Fix MatchWithdrawal segfault

This line: CScript p2pkh(script.begin()+30, script.end()); causes a segfault when script is less than 30 bytes.
LayerTwo-Labs · Apr 25, 2024 · 16e8e63 · 16e8e63
1 parent 767e7a8
commit 16e8e63
Showing 1 changed file with 7 additions and 5 deletions.
diff --git a/src/script/standard.cpp b/src/script/standard.cpp
@@ -63,11 +63,13 @@ static bool MatchPayToPubkeyHash(const CScript& script, valtype& pubkeyhash)
 
 static bool MatchWithdrawal(const CScript& script, valtype& refundKeyHash, valtype& mainAddress, valtype& mainFee)
 {
-    CScript p2pkh(script.begin()+30, script.end());
-    if (script.size() == 30 + 25 && script[0] == 28 && script[29] == OP_DROP && MatchPayToPubkeyHash(p2pkh, refundKeyHash)) {
-        mainAddress = valtype(script.begin()+1, script.begin()+21);
-        mainFee = valtype(script.begin()+21, script.begin()+29);
-        return true;
+    if (script.size() == 30 + 25 && script[0] == 28 && script[29] == OP_DROP) {
+        CScript p2pkh(script.begin()+30, script.end());
+        if (MatchPayToPubkeyHash(p2pkh, refundKeyHash)) {
+            mainAddress = valtype(script.begin()+1, script.begin()+21);
+            mainFee = valtype(script.begin()+21, script.begin()+29);
+            return true;
+        }
     }
     return false;
 }