serialize: Change GetSerializeSize return type to uint64_t #33712

pull sshivanshg wants to merge 1 commits into bitcoin:master from sshivanshg:fix-getserializesize-return-type changing 9 files +13 −13
  1. sshivanshg commented at 10:22 am on October 27, 2025: none
    GetSerializeSize currently returns size_t, which is platform-dependent. On 32-bit systems, size_t is 32-bit, limiting the maximum serialized size to ~4GB. This can cause integer overflow when multiplying by WITNESS_SCALE_FACTOR during block size validation. Change GetSerializeSize to return uint64_t to ensure it can handle large sizes without overflow on all platforms. This fixes CVE-2025-46597. Resolves: #33709
  2. serialize: Change GetSerializeSize return type to uint64_t 
    GetSerializeSize currently returns size_t, which is platform-dependent.
On 32-bit systems, size_t is 32-bit, limiting the maximum serialized
size to ~4GB. This can cause integer overflow when multiplying by
WITNESS_SCALE_FACTOR during block size validation.

Change GetSerializeSize to return uint64_t to ensure it can handle
large sizes without overflow on all platforms.

This fixes CVE-2025-46597.
    3f2ec023d3
  3. DrahtBot commented at 10:22 am on October 27, 2025: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/33712.

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

  4. pinheadmz commented at 11:23 am on October 27, 2025: member

    @sshivanshg because this code is so critical, your PR description should be more detailed. Especially since you are a first-time contributor with no merit. Please respond with a detailed explanation of your understanding of the issue, steps you took to solve the issue, how you tested your code, and how reviewers should test your code.

    This likely needs to be done before anyone seriously reviews your pull request. Otherwise it will be closed due to inactivity, and a more responsible human author will take it over.

    See https://github.com/bitcoin/bitcoin/blob/master/CONTRIBUTING.md

  5. sshivanshg closed this on Oct 27, 2025
  6. sshivanshg deleted the branch on Oct 27, 2025
  7. bitcoin locked this on Oct 28, 2025


sshivanshg DrahtBot pinheadmz

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-11-02 18:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me