Sanity check transaction scripts in DecodeHexTx

Make sure that the scripts of decoded transactions are valid scripts.
author: Andrew Chow <achow101-github@achow101.com> 2017-05-30 15:43:07 -0700
committer: Andrew Chow <achow101-github@achow101.com> 2017-06-07 14:07:26 -0700
commit: ac4e438229134595e949bfedb1f487c71fd45d24 (patch)
tree: 08114ad8a0bd5616c83fd10d2a0db4f091b2e09b /src/core_read.cpp
parent: 5b75c477841fa463aad9c6e6d95a98b50ce14dd3 (diff)
1 files changed, 26 insertions, 3 deletions
diff --git a/src/core_read.cpp b/src/core_read.cpp
index a8d667e3bc..463871d178 100644
--- a/src/core_read.cpp
+++ b/src/core_read.cpp
@@ -88,10 +88,32 @@ CScript ParseScript(const std::string& s)
     return result;
 }
 
+// Check that all of the input and output scripts of a transaction contains valid opcodes
+bool CheckTxScriptsSanity(const CMutableTransaction& tx)
+{
+    // Check input scripts for non-coinbase txs
+    if (!CTransaction(tx).IsCoinBase()) {
+        for (unsigned int i = 0; i < tx.vin.size(); i++) {
+            if (!tx.vin[i].scriptSig.HasValidOps() || tx.vin[i].scriptSig.size() > MAX_SCRIPT_SIZE) {
+                return false;
+            }
+        }
+    }
+    // Check output scripts
+    for (unsigned int i = 0; i < tx.vout.size(); i++) {
+        if (!tx.vout[i].scriptPubKey.HasValidOps() || tx.vout[i].scriptPubKey.size() > MAX_SCRIPT_SIZE) {
+            return false;
+        }
+    }
+    
+    return true;
+}
+
 bool DecodeHexTx(CMutableTransaction& tx, const std::string& strHexTx, bool fTryNoWitness)
 {
-    if (!IsHex(strHexTx))
+    if (!IsHex(strHexTx)) {
         return false;
+    }
 
     std::vector<unsigned char> txData(ParseHex(strHexTx));
 
@@ -99,7 +121,7 @@ bool DecodeHexTx(CMutableTransaction& tx, const std::string& strHexTx, bool fTry
         CDataStream ssData(txData, SER_NETWORK, PROTOCOL_VERSION | SERIALIZE_TRANSACTION_NO_WITNESS);
         try {
             ssData >> tx;
-            if (ssData.eof()) {
+            if (ssData.eof() && CheckTxScriptsSanity(tx)) {
                 return true;
             }
         }
@@ -111,8 +133,9 @@ bool DecodeHexTx(CMutableTransaction& tx, const std::string& strHexTx, bool fTry
     CDataStream ssData(txData, SER_NETWORK, PROTOCOL_VERSION);
     try {
         ssData >> tx;
-        if (!ssData.empty())
+        if (!ssData.empty()) {
             return false;
+        }
     }
     catch (const std::exception&) {
         return false;
author	Andrew Chow <achow101-github@achow101.com>	2017-05-30 15:43:07 -0700
committer	Andrew Chow <achow101-github@achow101.com>	2017-06-07 14:07:26 -0700
commit	ac4e438229134595e949bfedb1f487c71fd45d24 (patch)
tree	08114ad8a0bd5616c83fd10d2a0db4f091b2e09b /src/core_read.cpp
parent	5b75c477841fa463aad9c6e6d95a98b50ce14dd3 (diff)