| author | Kaz Wesley <[email protected]> | 2018-11-15 17:21:28 -0800 |
|---|---|---|
| committer | Kaz Wesley <[email protected]> | 2018-11-15 17:26:45 -0800 |
| commit | 0f459d868d85053f1cc066ea9099793f88cbd655 (patch) | |
| tree | cadcf1c064171be4493eda2e945a7392e383aa18 /src/uint256.cpp | |
| parent | Merge #14411: [wallet] Restore ability to list incoming transactions by label (diff) | |
fix an undefined behavior in uint::SetHex
Decrementing psz beyond the beginning of the string is UB, even though
the out-of-bounds pointer is never dereferenced.
Diffstat (limited to 'src/uint256.cpp')
| -rw-r--r-- | src/uint256.cpp | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/src/uint256.cpp b/src/uint256.cpp
index d9da66803..b164e8678 100644
--- a/src/uint256.cpp
+++ b/src/uint256.cpp
@@ -37,16 +37,15 @@ void base_blob<BITS>::SetHex(const char* psz)
 psz += 2;
 // hex string to uint
- const char* pbegin = psz;
- while (::HexDigit(*psz) != -1)
- psz++;
- psz--;
+ size_t digits = 0;
+ while (::HexDigit(psz[digits]) != -1)
+ digits++;
 unsigned char* p1 = (unsigned char*)data;
 unsigned char* pend = p1 + WIDTH;
- while (psz >= pbegin && p1 < pend) {
- *p1 = ::HexDigit(*psz--);
- if (psz >= pbegin) {
- *p1 |= ((unsigned char)::HexDigit(*psz--) << 4);
+ while (digits > 0 && p1 < pend) {
+ *p1 = ::HexDigit(psz[--digits]);
+ if (digits > 0) {
+ *p1 |= ((unsigned char)::HexDigit(psz[--digits]) << 4);
 p1++;
 }
 }
|
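Review bot: The rewritten copy loop `while (digits > 0 && p1 < pend)` still stops without any signal once `data` is full, so a string with more than 2*WIDTH hex digits loses its leading (most significant) digits, and the scan `while (::HexDigit(psz[digits]) != -1)` quietly ends at the first non-hex character. Because SetHex returns void, a caller passing untrusted text cannot tell a truncated or partly parsed value from a well-formed one, and nothing in the hunk says so. I would document this above the scan, for example `// Parses the longest hex prefix; digits beyond 2*WIDTH are dropped from the most-significant end, so callers must validate untrusted input first.` A second short comment such as `// Index from the end instead of decrementing psz: a pointer before the start of the string is UB.` would keep the reason for this change next to the code. The function body starts and ends outside the hunk, so any earlier zeroing of `data` or prefix handling is not visible here.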