diff options
author | W. J. van der Laan <laanwj@protonmail.com> | 2021-10-13 13:48:36 +0200 |
---|---|---|
committer | W. J. van der Laan <laanwj@protonmail.com> | 2021-10-13 13:48:41 +0200 |
commit | 28d5074343d20417ac703860aeda3c615e566ab1 (patch) | |
tree | 8dad136090ccd4f7262d272236d7338dda2c19ba /src | |
parent | a9f642870849dcbfe32632fd6614804be61ab40c (diff) | |
parent | fa6f29de516c7af5206b91b59ada466032329250 (diff) | |
download | bitcoin-28d5074343d20417ac703860aeda3c615e566ab1.tar.xz |
Merge bitcoin/bitcoin#23253: bitcoin-tx: Reject non-integral and out of range int strings
fa6f29de516c7af5206b91b59ada466032329250 bitcoin-tx: Reject non-integral and out of range multisig numbers (MarcoFalke)
fafab8ea5e6ed6b87fac57a5cd16a8135236cdd6 bitcoin-tx: Reject non-integral and out of range sequence ids (MarcoFalke)
fa53d3d8266ad0257315d07b71b4f8a711134622 test: Check that bitcoin-tx accepts whitespace around sequence id and multisig numbers (MarcoFalke)
Pull request description:
Seems odd to silently accept arbitrary strings that don't even represent integral values.
Fix that.
ACKs for top commit:
practicalswift:
cr ACK fa6f29de516c7af5206b91b59ada466032329250
laanwj:
Code review ACK fa6f29de516c7af5206b91b59ada466032329250
Empact:
Code review ACK https://github.com/bitcoin/bitcoin/pull/23253/commits/fa6f29de516c7af5206b91b59ada466032329250
promag:
Code review ACK fa6f29de516c7af5206b91b59ada466032329250.
Tree-SHA512: e31f7f21fe55ac069e755557bdbcae8d5d29e20ff82e441ebdfc65153e3a31a4edd46ad3e6dea5190ecbd1b8ea5a8f94daa5d59a3b7558e46e794e30db0e6c79
Diffstat (limited to 'src')
-rw-r--r-- | src/bitcoin-tx.cpp | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/src/bitcoin-tx.cpp b/src/bitcoin-tx.cpp index fc3bc6aa71..eb97cfc6f6 100644 --- a/src/bitcoin-tx.cpp +++ b/src/bitcoin-tx.cpp @@ -235,6 +235,16 @@ static void MutateTxRBFOptIn(CMutableTransaction& tx, const std::string& strInId } } +template <typename T> +static T TrimAndParse(const std::string& int_str, const std::string& err) +{ + const auto parsed{ToIntegral<T>(TrimString(int_str))}; + if (!parsed.has_value()) { + throw std::runtime_error(err + " '" + int_str + "'"); + } + return parsed.value(); +} + static void MutateTxAddInput(CMutableTransaction& tx, const std::string& strInput) { std::vector<std::string> vStrInputParts; @@ -261,8 +271,9 @@ static void MutateTxAddInput(CMutableTransaction& tx, const std::string& strInpu // extract the optional sequence number uint32_t nSequenceIn = CTxIn::SEQUENCE_FINAL; - if (vStrInputParts.size() > 2) - nSequenceIn = std::stoul(vStrInputParts[2]); + if (vStrInputParts.size() > 2) { + nSequenceIn = TrimAndParse<uint32_t>(vStrInputParts.at(2), "invalid TX sequence id"); + } // append to transaction input list CTxIn txin(txid, vout, CScript(), nSequenceIn); @@ -352,10 +363,10 @@ static void MutateTxAddOutMultiSig(CMutableTransaction& tx, const std::string& s CAmount value = ExtractAndValidateValue(vStrInputParts[0]); // Extract REQUIRED - uint32_t required = stoul(vStrInputParts[1]); + const uint32_t required{TrimAndParse<uint32_t>(vStrInputParts.at(1), "invalid multisig required number")}; // Extract NUMKEYS - uint32_t numkeys = stoul(vStrInputParts[2]); + const uint32_t numkeys{TrimAndParse<uint32_t>(vStrInputParts.at(2), "invalid multisig total number")}; // Validate there are the correct number of pubkeys if (vStrInputParts.size() < numkeys + 3) |