litecoincash-project / litecoincash

Main release & integration tree for Litecoin Cash
https://litecoinca.sh
MIT License

A possible null pointer dereference? #9

Open QiAnXinCodeSafe opened 5 years ago

QiAnXinCodeSafe commented 5 years ago

Hi all, there is a possible null pointer dereference issue found by the Qihoo360 CodeSafe Team. Details as below:

Function State() could return a null pointer: https://github.com/litecoincash-project/litecoincash/blob/3bcc790cacad47421848d821b9ba18d8c86a5f7b/src/net_processing.cpp#L271-L276

After calling this function in line 521, the returned pointer is directly dereferenced without checking it against null: https://github.com/litecoincash-project/litecoincash/blob/3bcc790cacad47421848d821b9ba18d8c86a5f7b/src/net_processing.cpp#L521

Cheers, Qihoo360 CodeSafe Team

litecoincash-project commented 5 years ago

Thanks very much for this. We'll take a look.

blockester commented 3 years ago

Regarding the null pointer issue: the upstream is essentially the same except: `CNodeState *State(NodeId pnode) EXCLUSIVE_LOCKS_REQUIRED(cs_main) {`

Maybe this lock could be implemented.

blockester commented 3 years ago

About a dereferenced pointer: could catch an exception there, but only malformed SegWit transactions reach this logic.
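The pattern the report describes (a map lookup that returns nullptr for an unknown peer, followed by an unconditional dereference) and the lock requirement blockester quotes from upstream, shown side by side as an added example. This is illustrative code written for this page, not the project's net_processing.cpp: `CNodeState`, `mapNodeState`, `cs_main` and `State()` are simplified stand-ins with the same shape as the real ones, and the helper names `BlocksInFlightUnchecked`, `BlocksInFlightChecked`, `AddPeer` and `RemovePeer` are hypothetical.

```cpp
// Added example, not litecoincash code. Models the lookup-then-dereference
// pattern from issue #9 with simplified stand-ins for the real types.
#include <cstdint>
#include <map>
#include <mutex>

typedef int64_t NodeId;

// Trimmed stand-in for the real per-peer state.
struct CNodeState {
    int nBlocksInFlight = 0;
    bool fPreferredDownload = false;
};

// Stand-ins for the globals the lookup reads; in the real code cs_main is a
// recursive mutex and mapNodeState is only valid while it is held.
static std::mutex cs_main;
static std::map<NodeId, CNodeState> mapNodeState;

// Same contract as the reported State(): nullptr when the peer is unknown
// (never registered, or already removed on disconnect). Upstream annotates
// this signature with EXCLUSIVE_LOCKS_REQUIRED(cs_main); here the caller is
// responsible for holding cs_main around both the lookup and the use.
CNodeState *State(NodeId pnode) {
    auto it = mapNodeState.find(pnode);
    if (it == mapNodeState.end())
        return nullptr;
    return &it->second;
}

// Buggy shape from the report: the result is dereferenced without a check.
// Calling this with a NodeId that is not in the map dereferences nullptr.
int BlocksInFlightUnchecked(NodeId pnode) {
    std::lock_guard<std::mutex> lock(cs_main);
    return State(pnode)->nBlocksInFlight;
}

// Hardened shape: test the pointer and report "unknown peer" to the caller
// instead of crashing. The lock stays held until the pointer is no longer
// used, because the pointer aliases an entry that another thread could
// erase once the lock is released.
bool BlocksInFlightChecked(NodeId pnode, int &out) {
    std::lock_guard<std::mutex> lock(cs_main);
    CNodeState *state = State(pnode);
    if (state == nullptr)
        return false;
    out = state->nBlocksInFlight;
    return true;
}

// Peer lifecycle helpers so the model can be driven end to end.
void AddPeer(NodeId pnode) {
    std::lock_guard<std::mutex> lock(cs_main);
    mapNodeState.emplace(pnode, CNodeState{});
}

void RemovePeer(NodeId pnode) {
    std::lock_guard<std::mutex> lock(cs_main);
    mapNodeState.erase(pnode);
}

int main() {
    int inflight = 0;
    AddPeer(7);
    bool found = BlocksInFlightChecked(7, inflight);  // true, inflight == 0
    RemovePeer(7);
    bool stale = BlocksInFlightChecked(7, inflight);  // false: peer is gone
    // BlocksInFlightUnchecked(7) at this point would dereference nullptr.
    return (found && !stale) ? 0 : 1;
}
```

The checked variant is the change a reviewer would ask for at the reported call site: either a null test that returns early, or, where the caller's invariants really guarantee the peer exists, an explicit `assert(state != nullptr)` so the assumption is visible and fails loudly rather than as an arbitrary crash. Holding `cs_main` across lookup and use is the point of the upstream annotation; the null check alone does not protect against the entry being erased between the two.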