Add length check for CExtKey deserialization (jonasschnelli, guidovranken) #11081

pull jonasschnelli wants to merge 1 commits into bitcoin:master from jonasschnelli:2017/08/fix_cextkey changing 1 files +2 −0
  1. jonasschnelli commented at 7:57 PM on August 17, 2017: contributor

    Fix a potential overwrite or uninitialised data issue. That code part is currently unused (at least in Bitcoin Core). We already do the same check CExtPubKey.

    Reported by @guidovranken

  2. Add length check for CExtKey deserialization 07685d1bc1
  3. laanwj added the label Wallet on Aug 17, 2017
  4. laanwj commented at 8:28 PM on August 17, 2017: member

    utACK

    We should probably credit the person who reported this?

  5. practicalswift commented at 8:53 AM on August 18, 2017: contributor

    Ouch! Really nice find! Found by code review or fuzzing?

    utACK 07685d1bc1b0b815c00a68a5b7b335ffa0d4d90d

  6. jonasschnelli commented at 8:58 AM on August 18, 2017: contributor

    Issue was discovered by Guido Vranken via Fuzzing (@guidovranken / see also #11045). It looks like non of the Core forks is using this as well.

  7. practicalswift commented at 9:04 AM on August 18, 2017: contributor

    Thank you @guidovranken!

  8. MarcoFalke renamed this:
    Add length check for CExtKey deserialization
    Add length check for CExtKey deserialization (jonasschnelli, guidovranken)
    on Aug 18, 2017
  9. laanwj added the label Needs backport on Aug 18, 2017
  10. laanwj added this to the milestone 0.15.0 on Aug 18, 2017
  11. laanwj merged this on Aug 18, 2017
  12. laanwj closed this on Aug 18, 2017
  13. laanwj referenced this in commit 9f60b3707d on Aug 18, 2017
  14. guidovranken commented at 1:07 PM on August 18, 2017: contributor

    You're welcome.

  15. laanwj referenced this in commit 9fe1f6bd89 on Aug 21, 2017
  16. laanwj removed the label Needs backport on Aug 21, 2017
  17. PastaPastaPasta referenced this in commit 06deef425e on Sep 19, 2019
  18. codablock referenced this in commit b1e81a552b on Sep 20, 2019
  19. codablock referenced this in commit 8a6f881e4e on Sep 22, 2019
  20. codablock referenced this in commit a31fb063a6 on Sep 23, 2019
  21. barrystyle referenced this in commit 9f51b1c72b on Jan 22, 2020
  22. DrahtBot locked this on Sep 8, 2021
Contributors
jonasschnellilaanwjpracticalswiftguidovranken
Labels
Wallet

Milestone
0.15.0

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-21 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me