Added comments referencing multiple CVEs in tests and production code.

This commit adds comments referencing multiple CVEs both in production and test code. CVEs covered in this commit: CVE-2010-5137 CVE-2010-5139 CVE-2010-5141 CVE-2012-1909 CVE-2012-2459 CVE-2012-3789 CVE-2018-17144
author: lucash-dev <lucash.dev@gmail.com> 2018-11-10 09:11:22 -0800
committer: lucash-dev <lucash.dev@gmail.com> 2019-06-02 10:25:03 -0700
commit: 38bfca6bb2ad68719415e9c54a981441052da072 (patch)
tree: fb2686c0635b1e4db76eb779df0fd2800d0a7c53 /test/functional/mempool_accept.py
parent: c7cfd20a77ce57d200b3b9e5e0dfb0d63818abdc (diff)
download: bitcoin-38bfca6bb2ad68719415e9c54a981441052da072.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/test/functional/mempool_accept.py b/test/functional/mempool_accept.py
index 2bb5d8ab7d..a94187ab90 100755
--- a/test/functional/mempool_accept.py
+++ b/test/functional/mempool_accept.py
@@ -212,6 +212,7 @@ class MempoolAcceptanceTest(BitcoinTestFramework):
             rawtxs=[tx.serialize().hex()],
         )
 
+        # The following two validations prevent overflow of the output amounts (see CVE-2010-5139).
         self.log.info('A transaction with too large output value')
         tx.deserialize(BytesIO(hex_str_to_bytes(raw_tx_reference)))
         tx.vout[0].nValue = 21000000 * COIN + 1
author	lucash-dev <lucash.dev@gmail.com>	2018-11-10 09:11:22 -0800
committer	lucash-dev <lucash.dev@gmail.com>	2019-06-02 10:25:03 -0700
commit	38bfca6bb2ad68719415e9c54a981441052da072 (patch)
tree	fb2686c0635b1e4db76eb779df0fd2800d0a7c53 /test/functional/mempool_accept.py
parent	c7cfd20a77ce57d200b3b9e5e0dfb0d63818abdc (diff)
download	bitcoin-38bfca6bb2ad68719415e9c54a981441052da072.tar.xz