AaronFiore/electrum
1
0
Fork 0
Code Activity

stricter tx deserialization: forbid negative output amount values

Browse Source
This commit is contained in:
SomberNight
2018-06-12 14:41:30 +02:00
parent 0b78cb5e6b
commit 12c5474cf1
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/transaction.py
View File

@@ -536,6 +536,8 @@ def parse_output(vds, i):
d['value'] = vds.read_int64()
if d['value'] > TOTAL_COIN_SUPPLY_LIMIT_IN_BTC * COIN:
raise SerializationError('invalid output amount (too large)')
if d['value'] < 0:
raise SerializationError('invalid output amount (negative)')
scriptPubKey = vds.read_bytes(vds.read_compact_size())
d['type'], d['address'] = get_address_from_output_script(scriptPubKey)
d['scriptPubKey'] = bh2u(scriptPubKey)