aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPeter Todd <pete@petertodd.org>2014-11-10 02:52:28 -0500
committerPeter Todd <pete@petertodd.org>2014-11-10 02:52:28 -0500
commit7c041b3b91aa08a8f5863382b865a5174281ad03 (patch)
treea52e259e044d7c6b15c5724cc1279f27ecfcd2f2 /src
parent7b7c86616006a5047ae07085e26c40e3606f60c5 (diff)
Check against MANDATORY flags prior to accepting to mempool
Previously transactions were only tested again the STANDARD_SCRIPT_VERIFY_FLAGS prior to mempool acceptance, so any bugs in those flags that allowed actually-invalid transactions to pass would result in allowing invalid transactions into the mempool. Fortunately there is a second check in CreateNewBlock() that would prevent those transactions from being mined, resulting in an invalid block, however this could still be exploited as a DoS attack.
Diffstat (limited to 'src')
-rw-r--r--src/main.cpp15
1 files changed, 15 insertions, 0 deletions
diff --git a/src/main.cpp b/src/main.cpp
index 4aa49531b3..8d4a9e59f1 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -1039,6 +1039,21 @@ bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransa
{
return error("AcceptToMemoryPool: : ConnectInputs failed %s", hash.ToString());
}
+
+ // Check again against just the consensus-critical mandatory script
+ // verification flags, in case of bugs in the standard flags that cause
+ // transactions to pass as valid when they're actually invalid. For
+ // instance the STRICTENC flag was incorrectly allowing certain
+ // CHECKSIG NOT scripts to pass, even though they were invalid.
+ //
+ // There is a similar check in CreateNewBlock() to prevent creating
+ // invalid blocks, however allowing such transactions into the mempool
+ // can be exploited as a DoS attack.
+ if (!CheckInputs(tx, state, view, true, MANDATORY_SCRIPT_VERIFY_FLAGS, true))
+ {
+ return error("AcceptToMemoryPool: : BUG! PLEASE REPORT THIS! ConnectInputs failed against MANDATORY but not STANDARD flags %s", hash.ToString());
+ }
+
// Store transaction in memory
pool.addUnchecked(hash, entry);
}