Skip to content

Commit 6fc656a

Browse files
laanwjlaanwj
committed
Merge #14242: Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...)
d855e4c Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) (practicalswift) Pull request description: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)`. Background reading: [memcpy (and friends) with NULL pointers](https://www.imperialviolet.org/2016/06/26/nonnull.html) Steps to reproduce: ``` ./configure --with-sanitizers=undefined && make check && ./test/functional/test_runner.py ``` Tree-SHA512: b8325ced4f724d9c03065e0747af56b1f297a90d9fb09a24d46c3231a90dce3df6299f2c41f863b5cec18eaeded7b46ee4b93d9a52adc2541eb4c44d2c0965d9
2 parents b9b26d9 + d855e4c commit 6fc656a

File tree

2 files changed

+3
-2
lines changed

2 files changed

+3
-2
lines changed

src/key_io.cpp

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,9 @@ CKey DecodeSecret(const std::string& str)
142142
key.Set(data.begin() + privkey_prefix.size(), data.begin() + privkey_prefix.size() + 32, compressed);
143143
}
144144
}
145-
memory_cleanse(data.data(), data.size());
145+
if (!data.empty()) {
146+
memory_cleanse(data.data(), data.size());
147+
}
146148
return key;
147149
}
148150

test/sanitizer_suppressions/ubsan

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,6 @@ bool:wallet/wallet.cpp
44
float-divide-by-zero:policy/fees.cpp
55
float-divide-by-zero:validation.cpp
66
float-divide-by-zero:wallet/wallet.cpp
7-
nonnull-attribute:support/cleanse.cpp
87
unsigned-integer-overflow:arith_uint256.h
98
unsigned-integer-overflow:basic_string.h
109
unsigned-integer-overflow:bench/bench.h

0 commit comments

Comments
 (0)