diff options
Diffstat (limited to 'src/exchange-lib/exchange_api_reserve.c')
| -rw-r--r-- | src/exchange-lib/exchange_api_reserve.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/src/exchange-lib/exchange_api_reserve.c b/src/exchange-lib/exchange_api_reserve.c index 40c9d491d..6af500ee2 100644 --- a/src/exchange-lib/exchange_api_reserve.c +++ b/src/exchange-lib/exchange_api_reserve.c @@ -827,7 +827,20 @@ reserve_withdraw_payment_required (struct TALER_EXCHANGE_ReserveWithdrawHandle * total incoming and outgoing amounts */ len = json_array_size (history); { - struct TALER_EXCHANGE_ReserveHistory rhistory[len]; + struct TALER_EXCHANGE_ReserveHistory *rhistory; + + /* Use heap allocation as "len" may be very big and thus this may + not fit on the stack. Use "GNUNET_malloc_large" as a malicious + exchange may theoretically try to crash us by giving a history + that does not fit into our memory. */ + rhistory = GNUNET_malloc_large (sizeof (struct TALER_EXCHANGE_ReserveHistory) * len); + if (NULL == rhistory) + { + GNUNET_break (0); + free_rhistory (rhistory, + len); + return GNUNET_SYSERR; + } if (GNUNET_OK != parse_reserve_history (wsh->exchange, |