diff options
| author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2019-03-08 12:02:21 +0000 |
|---|---|---|
| committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2019-06-14 08:47:01 +0000 |
| commit | 39169ace09f702b8ae66fe373424e5c0b1326a6d (patch) | |
| tree | afc9c77a79bddcd38abf7f1176529363bcceccf8 /contrib | |
| parent | Merge pull request #5632 (diff) | |
| download | monero-39169ace09f702b8ae66fe373424e5c0b1326a6d.tar.xz | |
epee: basic sanity check on allocation size from untrusted source
Reported by guidov
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/epee/include/storages/portable_storage_from_bin.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/contrib/epee/include/storages/portable_storage_from_bin.h b/contrib/epee/include/storages/portable_storage_from_bin.h index 2884f8c5e..e0a32b3ca 100644 --- a/contrib/epee/include/storages/portable_storage_from_bin.h +++ b/contrib/epee/include/storages/portable_storage_from_bin.h @@ -136,6 +136,7 @@ namespace epee //for pod types array_entry_t<type_name> sa; size_t size = read_varint(); + CHECK_AND_ASSERT_THROW_MES(size <= m_count, "Size sanity check failed"); sa.reserve(size); //TODO: add some optimization here later while(size--) |