diff options
| author | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-02-10 13:09:54 +0100 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@protonmail.com> | 2020-02-10 13:55:41 +0100 |
| commit | ba0b7e1296ffe4c18f4138f30d2c0468644ebb72 (patch) | |
| tree | adc3589deee1fe193758b382e2ce2c447243a64d /src/node | |
| parent | 4755037d457109a5f73a2fc508f2af53d4d87cfb (diff) | |
| parent | f5fb7fca969cd43318384bec46bb7687b1a529fd (diff) | |
| download | bitcoin-ba0b7e1296ffe4c18f4138f30d2c0468644ebb72.tar.xz | |
Merge #18079: [0.19] psbt: check that various indexes and amounts are within bounds
f5fb7fca969cd43318384bec46bb7687b1a529fd psbt: check output index is within bounds before accessing (Andrew Chow)
1cf77a2dc36c81b80a2f9af52ed99bd426061de8 Don't calculate tx fees for PSBTs with invalid money values (Andrew Chow)
Pull request description:
Backport of #17156, non-trivial due to crossing the refactor in #17371
ACKs for top commit:
laanwj:
ACK f5fb7fca969cd43318384bec46bb7687b1a529fd
Tree-SHA512: 7aabf9a6b8a8e287a26dfbf73a437a3bc55177bef8fc5149d822ef81b8ef2458e1d718c3a19c73532c5cef0f9bd8144574c7fad90ca89f13a08b44edf3a2656d
Diffstat (limited to 'src/node')
| -rw-r--r-- | src/node/psbt.cpp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/node/psbt.cpp b/src/node/psbt.cpp index 9a30c3f083..ff7a38e40d 100644 --- a/src/node/psbt.cpp +++ b/src/node/psbt.cpp @@ -2,6 +2,7 @@ // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. +#include <amount.h> #include <coins.h> #include <consensus/tx_verify.h> #include <node/psbt.h> @@ -31,9 +32,17 @@ PSBTAnalysis AnalyzePSBT(PartiallySignedTransaction psbtx) // Check for a UTXO CTxOut utxo; if (psbtx.GetInputUTXO(utxo, i)) { + if (!MoneyRange(utxo.nValue) || !MoneyRange(in_amt + utxo.nValue)) { + result.SetInvalid(strprintf("PSBT is not valid. Input %u has invalid value", i)); + return result; + } in_amt += utxo.nValue; input_analysis.has_utxo = true; } else { + if (input.non_witness_utxo && psbtx.tx->vin[i].prevout.n >= input.non_witness_utxo->vout.size()) { + result.SetInvalid(strprintf("PSBT is not valid. Input %u specifies invalid prevout", i)); + return result; + } input_analysis.has_utxo = false; input_analysis.is_final = false; input_analysis.next = PSBTRole::UPDATER; @@ -85,9 +94,16 @@ PSBTAnalysis AnalyzePSBT(PartiallySignedTransaction psbtx) // Get the output amount CAmount out_amt = std::accumulate(psbtx.tx->vout.begin(), psbtx.tx->vout.end(), CAmount(0), [](CAmount a, const CTxOut& b) { + if (!MoneyRange(a) || !MoneyRange(b.nValue) || !MoneyRange(a + b.nValue)) { + return CAmount(-1); + } return a += b.nValue; } ); + if (!MoneyRange(out_amt)) { + result.SetInvalid(strprintf("PSBT is not valid. Output amount invalid")); + return result; + } // Get the fee CAmount fee = in_amt - out_amt; |