diff --git a/src/blocksignature.cpp b/src/blocksignature.cpp index df698702803d..dc5f480fc7a1 100644 --- a/src/blocksignature.cpp +++ b/src/blocksignature.cpp @@ -76,14 +76,17 @@ bool CheckBlockSignature(const CBlock& block) // p2pk scriptsig only contains the signature and p2pkh scriptpubkey only contain the hash. return false; } else { - int start = 1 + (int) *txin.scriptSig.begin(); // skip sig + unsigned int start = 1 + (unsigned int) *txin.scriptSig.begin(); // skip sig + if (start >= txin.scriptSig.size() - 1) return false; pubkey = CPubKey(txin.scriptSig.begin()+start+1, txin.scriptSig.end()); } } else if (whichType == TX_COLDSTAKE) { // pick the public key from the P2CS input const CTxIn& txin = block.vtx[1]->vin[0]; - int start = 1 + (int) *txin.scriptSig.begin(); // skip sig + unsigned int start = 1 + (unsigned int) *txin.scriptSig.begin(); // skip sig + if (start >= txin.scriptSig.size() - 1) return false; start += 1 + (int) *(txin.scriptSig.begin()+start); // skip flag + if (start >= txin.scriptSig.size() - 1) return false; pubkey = CPubKey(txin.scriptSig.begin()+start+1, txin.scriptSig.end()); } } diff --git a/src/script/interpreter.cpp b/src/script/interpreter.cpp index b79a591592e5..58f425737a82 100644 --- a/src/script/interpreter.cpp +++ b/src/script/interpreter.cpp @@ -957,14 +957,20 @@ bool EvalScript(std::vector >& stack, const CScript& case OP_CHECKCOLDSTAKEVERIFY: { - return checker.CheckColdStake(false, script, stack, flags, serror); + if (!checker.CheckColdStake(false, script, stack, flags, serror)) { + // serror set + return false; + } } break; case OP_CHECKCOLDSTAKEVERIFY_LOF: { // Allow last output script "free" - return checker.CheckColdStake(true, script, stack, flags, serror); + if (!checker.CheckColdStake(true, script, stack, flags, serror)) { + // serror set + return false; + } } break;