netcraft
/
litecoin
mirror of https://github.com/litecoin-project/litecoin
6
0
Fork 0
Code Issues Projects Releases Wiki Activity

wallet: fix buffer over-read in SQLite file magic check

Browse Source 
If there is no terminating zero within the 16 magic bytes, the buffer would be
over-read in the std::string constructor. Fixed by using the "from buffer"
variant of the ctor (that also takes a size) rather than the "from c-string"
variant.
pull/764/head
Sebastian Falbesoner 4 years ago
parent dda18e7310
commit 56a461f727
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File

4
src/wallet/sqlite.cpp
Unescape View File

@ -619,8 +619,8 @@ bool IsSQLiteFile(const fs::path& path)
file.close();
// Check the magic, see https://sqlite.org/fileformat2.html
std::string magic_str(magic);
if (magic_str != std::string("SQLite format 3")) {
std::string magic_str(magic, 16);
if (magic_str != std::string("SQLite format 3", 16)) {
return false;
}

Write Preview
Loading…
Cancel
Save