sikkienl/dash
1
0
Fork 0
mirror of https://github.com/dashpay/dash.git synced 2024-12-26 12:32:48 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge #14734: fix an undefined behavior in uint::SetHex

Browse Source 
0f459d868d85053f1cc066ea9099793f88cbd655 fix an undefined behavior in uint::SetHex (Kaz Wesley)

Pull request description:

  Decrementing psz beyond the beginning of the string is UB, even though
  the out-of-bounds pointer is never dereferenced.

  I don't think any clang sanitizer covers this, so I don't see any way a test could catch the original behavior.

ACKs for top commit:
  promag:
    utACK 0f459d8.
  l2a5b1:
    utACK 0f459d868d85053f1cc066ea9099793f88cbd655

Tree-SHA512: 388223254ea6e955f643d2ebdf74d15a3d494e9f0597d9f05987ebb708d7a1cc06ce64bd25d447d75b5f5561bdae9630dcf25adb7bd75f7a382298b95d127162
This commit is contained in:
Wladimir J. van der Laan 2019-07-03 14:06:45 +02:00 committed by UdjinM6
parent 57e3060ec8
commit 914946301c
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/uint256.cpp
View File

@ -40,16 +40,15 @@ void base_blob<BITS>::SetHex(const char* psz)
psz += 2; psz += 2;
// hex string to uint // hex string to uint
const char* pbegin = psz; size_t digits = 0;
while (::HexDigit(*psz) != -1) while (::HexDigit(psz[digits]) != -1)
psz++; digits++;
psz--;
unsigned char* p1 = (unsigned char*)m_data; unsigned char* p1 = (unsigned char*)m_data;
unsigned char* pend = p1 + WIDTH; unsigned char* pend = p1 + WIDTH;
while (psz >= pbegin && p1 < pend) { while (digits > 0 && p1 < pend) {
*p1 = ::HexDigit(*psz--); *p1 = ::HexDigit(psz[--digits]);
if (psz >= pbegin) { if (digits > 0) {
*p1 |= ((unsigned char)::HexDigit(*psz--) << 4); *p1 |= ((unsigned char)::HexDigit(psz[--digits]) << 4);
p1++; p1++;
} }
} }