Merge #18416: util: Limit decimal range of numbers ParseScript accepts

9ab14e4d21c73d16d8d782f1576fe29e659e2a70 Limit decimal range of numbers ParseScript accepts (pierrenn)

Pull request description:

  Following up on this suggestion : https://github.com/bitcoin/bitcoin/pull/18413#issuecomment-602966490, prevent the output of `atoi64` in the `core_read.cpp:ParseScript` helper to send to `CScriptNum::serialize` values wider than 32-bit.

  Since the `ParseScript` helper is only used by the tool defined in `bitcoin-tx.cpp`, this only prevents users to provide too much unrealistic values.

ACKs for top commit:
  laanwj:
    ACK 9ab14e4d21c73d16d8d782f1576fe29e659e2a70

Tree-SHA512: ee228269d19d04e8fee0aa7c0ae2bb0a2b437b8e574356e8d9b2279318242057d51fcf39a842aa3afe27408d0f2d5276df245d07a3f4828644a366f80587b666

1 files changed, 8 insertions, 0 deletions

diff --git a/src/core_read.cpp b/src/core_read.cpp
index 9a65b02585..d036955641 100644
--- a/src/core_read.cpp
+++ b/src/core_read.cpp
@@ -59,6 +59,14 @@ CScript ParseScript(const std::string& s)
         {
             // Number
             int64_t n = atoi64(*w);
+
+            //limit the range of numbers ParseScript accepts in decimal
+            //since numbers outside -0xFFFFFFFF...0xFFFFFFFF are illegal in scripts
+            if (n > int64_t{0xffffffff} || n < -1 * int64_t{0xffffffff}) {
+                throw std::runtime_error("script parse error: decimal numeric value only allowed in the "
+                                         "range -0xFFFFFFFF...0xFFFFFFFF");
+            }
+
             result << n;
         }
         else if (w->substr(0,2) == "0x" && w->size() > 2 && IsHex(std::string(w->begin()+2, w->end())))