aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/validation.cpp8
-rw-r--r--test/sanitizer_suppressions/ubsan3
2 files changed, 8 insertions, 3 deletions
diff --git a/src/validation.cpp b/src/validation.cpp
index 5e3d429c2e..dceceefbdc 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -4989,6 +4989,14 @@ bool ChainstateManager::PopulateAndValidateSnapshot(
coins_count - coins_left);
return false;
}
+ if (coin.nHeight > base_height ||
+ outpoint.n >= std::numeric_limits<decltype(outpoint.n)>::max() // Avoid integer wrap-around in coinstats.cpp:ApplyHash
+ ) {
+ LogPrintf("[snapshot] bad snapshot data after deserializing %d coins\n",
+ coins_count - coins_left);
+ return false;
+ }
+
coins_cache.EmplaceCoinInternalDANGER(std::move(outpoint), std::move(coin));
--coins_left;
diff --git a/test/sanitizer_suppressions/ubsan b/test/sanitizer_suppressions/ubsan
index 877adaccec..2850cfcea5 100644
--- a/test/sanitizer_suppressions/ubsan
+++ b/test/sanitizer_suppressions/ubsan
@@ -34,9 +34,6 @@ unsigned-integer-overflow:crypto/
unsigned-integer-overflow:FuzzedDataProvider.h
unsigned-integer-overflow:hash.cpp
unsigned-integer-overflow:leveldb/
-# temporary coinstats suppressions (will be removed and fixed in https://github.com/bitcoin/bitcoin/pull/22146)
-unsigned-integer-overflow:node/coinstats.cpp
-signed-integer-overflow:node/coinstats.cpp
unsigned-integer-overflow:policy/fees.cpp
unsigned-integer-overflow:prevector.h
unsigned-integer-overflow:pubkey.h
generated by cgit v1.2.3 (git 2.26.2) at 2024-09-03 04:17:52 +0000