diff options
| author | Peter Todd <pete@petertodd.org> | 2014-03-10 17:36:35 -0400 |
|---|---|---|
| committer | Peter Todd <pete@petertodd.org> | 2014-05-08 00:55:01 -0400 |
| commit | 6380180821917c22ecfd89128ee60aae6f4cac33 (patch) | |
| tree | aecc6e95f94e6daf71b887128d23f8d33c4e34ad /src/script.cpp | |
| parent | 29c17498a5d030f9d0a78cead3fbd37965b3cd40 (diff) | |
| download | bitcoin-6380180821917c22ecfd89128ee60aae6f4cac33.tar.xz | |
Add rejection of non-null CHECKMULTISIG dummy values
This is a source of transaction mutability as the dummy value was
previously not checked and could be modified to something other than the
usual OP_0 value.
Diffstat (limited to 'src/script.cpp')
| -rw-r--r-- | src/script.cpp | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/script.cpp b/src/script.cpp index dc0cd28bf8..a5cdc9712d 100644 --- a/src/script.cpp +++ b/src/script.cpp @@ -934,8 +934,22 @@ bool EvalScript(vector<vector<unsigned char> >& stack, const CScript& script, co fSuccess = false; } - while (i-- > 0) + // Clean up stack of actual arguments + while (i-- > 1) popstack(stack); + + // A bug causes CHECKMULTISIG to consume one extra argument + // whose contents were not checked in any way. + // + // Unfortunately this is a potential source of mutability, + // so optionally verify it is exactly equal to zero prior + // to removing it from the stack. + if (stack.size() < 1) + return false; + if ((flags & SCRIPT_VERIFY_NULLDUMMY) && stacktop(-1).size()) + return error("CHECKMULTISIG dummy argument not null"); + popstack(stack); + stack.push_back(fSuccess ? vchTrue : vchFalse); if (opcode == OP_CHECKMULTISIGVERIFY) |