diff options
| author | MarcoFalke <falke.marco@gmail.com> | 2022-03-08 16:48:18 +0100 |
|---|---|---|
| committer | MarcoFalke <falke.marco@gmail.com> | 2022-03-08 16:48:22 +0100 |
| commit | b07fdd7f9eef5f1498af056f3ef11e44795578c0 (patch) | |
| tree | ecee71c792ca2353f9b4e4ae9ed1c485b89fd58e /src | |
| parent | 64a4483dc6798a9a7d8327d320a17b3c4d7d4ee0 (diff) | |
| parent | fa097d074bc1afcc2a52976796bb618f7c6a68b3 (diff) | |
Merge bitcoin/bitcoin#24312: addrman: Log too low compat value
fa097d074bc1afcc2a52976796bb618f7c6a68b3 addrman: Log too low compat value (MarcoFalke)
Pull request description:
Before this patch, when writing a negative `lowest_compatible` value, it would be read as a positive value. For example `-32` will be read as `224`. There is generally nothing wrong with that. Though, similarly there shouldn't be anything wrong with refusing to read a negative value. I find the code after this patch more logical than before. Also, this allows dropping a file-wide sanitizer suppression.
In practice none of this should ever happen. Bitcoin Core would never write a negative `lowest_compatible` in normal operation, unless the file storage is later corrupted by external influence.
ACKs for top commit:
mzumsande:
re-ACK fa097d074bc1afcc2a52976796bb618f7c6a68b3
Tree-SHA512: 9aae7b8fe666f52f667f149667025e0160cef1a793cc4d392e36608f65c2bee8096da429235118f40a3368f327aabe30f3732ae78c5874648ea6f423f2687b65
Diffstat (limited to 'src')
| -rw-r--r-- | src/addrman.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/addrman.cpp b/src/addrman.cpp index f91a979934..2fd8143c1c 100644 --- a/src/addrman.cpp +++ b/src/addrman.cpp @@ -246,12 +246,18 @@ void AddrManImpl::Unserialize(Stream& s_) uint8_t compat; s >> compat; + if (compat < INCOMPATIBILITY_BASE) { + throw std::ios_base::failure(strprintf( + "Corrupted addrman database: The compat value (%u) " + "is lower than the expected minimum value %u.", + compat, INCOMPATIBILITY_BASE)); + } const uint8_t lowest_compatible = compat - INCOMPATIBILITY_BASE; if (lowest_compatible > FILE_FORMAT) { throw InvalidAddrManVersionError(strprintf( "Unsupported format of addrman database: %u. It is compatible with formats >=%u, " "but the maximum supported by this version of %s is %u.", - uint8_t{format}, uint8_t{lowest_compatible}, PACKAGE_NAME, uint8_t{FILE_FORMAT})); + uint8_t{format}, lowest_compatible, PACKAGE_NAME, uint8_t{FILE_FORMAT})); } s >> nKey; |