aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2014-12-22 12:27:40 +0100
committerWladimir J. van der Laan <laanwj@gmail.com>2014-12-22 12:41:40 +0100
commit203632d20b3107009f45fae56cc3f7d828b16660 (patch)
tree8ab5d2f8bd6533a8ba92622332b4da619154f950 /src
parentf914f1a746d7f91951c1da262a4a749dd3ebfa71 (diff)
parent7c041b3b91aa08a8f5863382b865a5174281ad03 (diff)
Merge pull request #5253
7c041b3 Check against MANDATORY flags prior to accepting to mempool (Peter Todd)
Diffstat (limited to 'src')
-rw-r--r--src/main.cpp15
1 files changed, 15 insertions, 0 deletions
diff --git a/src/main.cpp b/src/main.cpp
index dd71c53d9d..ad3f70eed9 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -1060,6 +1060,21 @@ bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransa
{
return error("AcceptToMemoryPool: ConnectInputs failed %s", hash.ToString());
}
+
+ // Check again against just the consensus-critical mandatory script
+ // verification flags, in case of bugs in the standard flags that cause
+ // transactions to pass as valid when they're actually invalid. For
+ // instance the STRICTENC flag was incorrectly allowing certain
+ // CHECKSIG NOT scripts to pass, even though they were invalid.
+ //
+ // There is a similar check in CreateNewBlock() to prevent creating
+ // invalid blocks, however allowing such transactions into the mempool
+ // can be exploited as a DoS attack.
+ if (!CheckInputs(tx, state, view, true, MANDATORY_SCRIPT_VERIFY_FLAGS, true))
+ {
+ return error("AcceptToMemoryPool: : BUG! PLEASE REPORT THIS! ConnectInputs failed against MANDATORY but not STANDARD flags %s", hash.ToString());
+ }
+
// Store transaction in memory
pool.addUnchecked(hash, entry);
}