diff options
author | lucash-dev <lucash.dev@gmail.com> | 2018-11-10 09:11:22 -0800 |
---|---|---|
committer | lucash-dev <lucash.dev@gmail.com> | 2019-06-02 10:25:03 -0700 |
commit | 38bfca6bb2ad68719415e9c54a981441052da072 (patch) | |
tree | fb2686c0635b1e4db76eb779df0fd2800d0a7c53 /src/validation.cpp | |
parent | c7cfd20a77ce57d200b3b9e5e0dfb0d63818abdc (diff) |
Added comments referencing multiple CVEs in tests and production code.
This commit adds comments referencing multiple CVEs both in production and test code.
CVEs covered in this commit:
CVE-2010-5137
CVE-2010-5139
CVE-2010-5141
CVE-2012-1909
CVE-2012-2459
CVE-2012-3789
CVE-2018-17144
Diffstat (limited to 'src/validation.cpp')
-rw-r--r-- | src/validation.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/validation.cpp b/src/validation.cpp index 436c62261b..d0ce3f78fc 100644 --- a/src/validation.cpp +++ b/src/validation.cpp @@ -1865,7 +1865,7 @@ bool CChainState::ConnectBlock(const CBlock& block, CValidationState& state, CBl // If such overwrites are allowed, coinbases and transactions depending upon those // can be duplicated to remove the ability to spend the first instance -- even after // being sent to another address. - // See BIP30 and http://r6.ca/blog/20120206T005236Z.html for more information. + // See BIP30, CVE-2012-1909, and http://r6.ca/blog/20120206T005236Z.html for more information. // This logic is not necessary for memory pool transactions, as AcceptToMemoryPool // already refuses previously-known transaction ids entirely. // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC. @@ -3136,6 +3136,7 @@ bool CheckBlock(const CBlock& block, CValidationState& state, const Consensus::P return state.Invalid(ValidationInvalidReason::CONSENSUS, false, REJECT_INVALID, "bad-cb-multiple", "more than one coinbase"); // Check transactions + // Must check for duplicate inputs (see CVE-2018-17144) for (const auto& tx : block.vtx) if (!CheckTransaction(*tx, state, true)) return state.Invalid(state.GetReason(), false, state.GetRejectCode(), state.GetRejectReason(), |