Merge bitcoin/bitcoin#24139: Avoid unsigned integer overflow in bitcoin-tx

faa75fa193 Avoid unsigned integer overflow in bitcoin-tx (MarcoFalke)

Pull request description:

  While `npos` means "largest unsigned value" and adding `1` to it yields `0`, it may be clearer to just assign `0` to it and only increment otherwise.

  This also allows to remove a file-wide suppression for `unsigned-integer-overflow`.

ACKs for top commit:
  hebasto:
    ACK faa75fa193, I have reviewed the code and it looks OK, I agree it can be merged.
  theStack:
    Code-review ACK faa75fa193

Tree-SHA512: c24436641e5d801341c948b812c7f711d5dff70efdf04af00fd3221f4b81d93f25608dddaa36230ba81ca7ab0d18bdd957095d4561e22621e4d69017934f0a16

src/bitcoin-tx.cpp

@@ -434,13 +434,16 @@ static void MutateTxAddOutData(CMutableTransaction& tx, const std::string& strIn
     if (pos==0)
         throw std::runtime_error("TX output value not specified");
 
-    if (pos != std::string::npos) {
+    if (pos == std::string::npos) {
+        pos = 0;
+    } else {
         // Extract and validate VALUE
         value = ExtractAndValidateValue(strInput.substr(0, pos));
+        ++pos;
     }
 
     // extract and validate DATA
-    std::string strData = strInput.substr(pos + 1, std::string::npos);
+    const std::string strData{strInput.substr(pos, std::string::npos)};
 
     if (!IsHex(strData))
         throw std::runtime_error("invalid TX output data");

test/sanitizer_suppressions/ubsan

@@ -45,7 +45,6 @@ shift-base:test/fuzz/crypto_diff_fuzz_chacha20.cpp
 # job.
 unsigned-integer-overflow:addrman.cpp
 unsigned-integer-overflow:arith_uint256.h
-unsigned-integer-overflow:bitcoin-tx.cpp
 unsigned-integer-overflow:common/bloom.cpp
 unsigned-integer-overflow:chain.cpp
 unsigned-integer-overflow:chain.h