From d12507e6122abb7d4f26e080e5d7580570af6549 Mon Sep 17 00:00:00 2001
From: Luke Parker <lukeparker5132@gmail.com>
Date: Sun, 21 Aug 2022 07:52:49 -0400
Subject: [PATCH] Fix a DoS in Monero

A malicious TX could cause an arbitrary amount of memory to be allocated
despite not even containing that amount of data.
---
 coins/monero/src/serialize.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/coins/monero/src/serialize.rs b/coins/monero/src/serialize.rs
index eadea341..6b5b510f 100644
--- a/coins/monero/src/serialize.rs
+++ b/coins/monero/src/serialize.rs
@@ -100,7 +100,7 @@ pub fn read_raw_vec<R: io::Read, T, F: Fn(&mut R) -> io::Result<T>>(
   len: usize,
   r: &mut R,
 ) -> io::Result<Vec<T>> {
-  let mut res = Vec::with_capacity(len);
+  let mut res = vec![];
   for _ in 0 .. len {
     res.push(f(r)?);
   }