Skip to content

Commit

Permalink
wallet: fix buffer over-read in SQLite file magic check
Browse files Browse the repository at this point in the history 
If there is no terminating zero within the 16 magic bytes, the buffer would be
over-read in the std::string constructor. Fixed by using the "from buffer"
variant of the ctor (that also takes a size) rather than the "from c-string"
variant.
  • Loading branch information
@theStack
theStack committed Oct 22, 2020
1 parent dda18e7 commit 56a461f
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/wallet/sqlite.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -619,8 +619,8 @@ bool IsSQLiteFile(const fs::path& path)
file.close();

// Check the magic, see https://sqlite.org/fileformat2.html
std::string magic_str(magic);
if (magic_str != std::string("SQLite format 3")) {
std::string magic_str(magic, 16);
if (magic_str != std::string("SQLite format 3", 16)) {
return false;
}

Expand Down

0 comments on commit 56a461f

Please sign in to comment.