diff options
| author | Pieter Wuille <pieter.wuille@gmail.com> | 2014-11-22 15:44:43 +0100 |
|---|---|---|
| committer | Pieter Wuille <pieter.wuille@gmail.com> | 2014-12-11 17:22:15 +0100 |
| commit | 012598880cf69a6a4d4d495c78e40ab4abb4eb39 (patch) | |
| tree | f2d433bad71f00fadfdeac6063700b43735863b6 /src/merkleblock.cpp | |
| parent | 3bb29a3e13f78f534d96b71048a128843f3bab85 (diff) | |
| download | bitcoin-012598880cf69a6a4d4d495c78e40ab4abb4eb39.tar.xz | |
Implement test for merkle tree malleability in CPartialMerkleTree
This is a check that is mentioned in BIP 37, but never implemented in the
reference code. As Bitcoin Core so far never decodes partial merkle trees,
this is not a problem. But perhaps others use the code as a reference.
Diffstat (limited to 'src/merkleblock.cpp')
| -rw-r--r-- | src/merkleblock.cpp | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/merkleblock.cpp b/src/merkleblock.cpp index 8618e355d7..0500cfde88 100644 --- a/src/merkleblock.cpp +++ b/src/merkleblock.cpp @@ -93,10 +93,16 @@ uint256 CPartialMerkleTree::TraverseAndExtract(int height, unsigned int pos, uns } else { // otherwise, descend into the subtrees to extract matched txids and hashes uint256 left = TraverseAndExtract(height-1, pos*2, nBitsUsed, nHashUsed, vMatch), right; - if (pos*2+1 < CalcTreeWidth(height-1)) + if (pos*2+1 < CalcTreeWidth(height-1)) { right = TraverseAndExtract(height-1, pos*2+1, nBitsUsed, nHashUsed, vMatch); - else + if (right == left) { + // If the left and right branch should never be identical as the transaction + // hashes covered by them must be unique. + fBad = true; + } + } else { right = left; + } // and combine them before returning return Hash(BEGIN(left), END(left), BEGIN(right), END(right)); } |