From b6622b4cffa76577a7a6dff50edc76f0e50ee30f Mon Sep 17 00:00:00 2001
From: Daniel Cousens <github@dcousens.com>
Date: Wed, 4 Mar 2015 21:28:48 +1100
Subject: [PATCH] script: return malformed script if returned pushDataOut out
 of range

---
 src/script.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/script.js b/src/script.js
index 6ac9f15..141fb1f 100644
--- a/src/script.js
+++ b/src/script.js
@@ -41,8 +41,11 @@ Script.fromBuffer = function (buffer) {
 
       // did reading a pushDataInt fail? return non-chunked script
       if (d === null) return new Script(buffer, [])
-
       i += d.size
+
+      // attempt to read too much data?
+      if (i + d.number > buffer.length) return new Script(buffer, [])
+
       var data = buffer.slice(i, i + d.number)
       i += d.number