Skip to content

Commit

Permalink
Check if we can read txout buf before doing so
Browse files Browse the repository at this point in the history
  • Loading branch information
@coderofstuff
coderofstuff committed Nov 13, 2023
1 parent 6f7c03e commit fac44fd
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions src/transaction/deserialize.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,20 @@ parser_status_e transaction_output_deserialize(buffer_t *buf, transaction_output
return OUTPUT_VALUE_PARSING_ERROR;
}

if (!buffer_can_read(buf, 1)) {
return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
}

uint8_t script_len = (uint8_t) * (buf->ptr + buf->offset);

if (script_len == OP_BLAKE2B) {
// P2SH = 0xaa + 0x20 + (script hash) + 0x87
// Total length = 35
// script len is actually the second byte if the first one is 0xaa
if (!buffer_can_read(buf, 2)) {
return OUTPUT_SCRIPT_PUBKEY_PARSING_ERROR;
}

script_len = (uint8_t) * (buf->ptr + buf->offset + 1);

// For P2SH, we expect len to always be 0x20
Expand Down

0 comments on commit fac44fd

Please sign in to comment.