From 98796576d2a1cf8269814044d11a06abfd4a62db Mon Sep 17 00:00:00 2001
From: Matt Corallo
Date: Mon, 20 May 2019 20:16:18 -0400
Subject: [PATCH] Fix trivial DoS when deserializing messages from the network
---
 src/consensus/encode.rs | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/consensus/encode.rs b/src/consensus/encode.rs
index 90e4d2f1..7620137a 100644
--- a/src/consensus/encode.rs
+++ b/src/consensus/encode.rs
@@ -659,6 +659,12 @@ impl Decodable for CheckedData {
 #[inline]
 fn consensus_decode(d: &mut D) -> Result {
 let len: u32 = Decodable::consensus_decode(d)?;
+ if len > MAX_VEC_SIZE as u32 {
+ return Err(self::Error::OversizedVectorAllocation {
+ requested: len as usize,
+ max: MAX_VEC_SIZE
+ });
+ }
 let checksum: [u8; 4] = Decodable::consensus_decode(d)?;
 let mut ret = Vec::with_capacity(len as usize);
 ret.resize(len as usize, 0);
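Review bot: The new guard compares against `MAX_VEC_SIZE as u32`, a narrowing cast that would silently truncate the limit if the constant (apparently a `usize`, judging by the `max:` field) were ever raised past `u32::MAX`. Widening the untrusted side instead, `if len as usize > MAX_VEC_SIZE {`, keeps the comparison exact on 32- and 64-bit targets. The check bounds the allocation rather than removing it: `Vec::with_capacity(len as usize)` and `resize` below still reserve and zero the full claimed length before any payload byte is read, so a short message can still cost up to `MAX_VEC_SIZE`; whether that residual is acceptable depends on the constant's value, which is not visible here. A one-line comment such as `// len comes from the peer; reject it before allocating` would record why the check precedes the checksum read. The body of consensus_decode continues outside the hunk.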