diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/main.cpp | 22 | ||||
| -rw-r--r-- | src/serialize.h | 2 |
2 files changed, 23 insertions, 1 deletions
diff --git a/src/main.cpp b/src/main.cpp index cd9c8e5e49..b7d2398e95 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -1994,6 +1994,28 @@ bool CAlert::ProcessAlert() if (!IsInEffect()) return false; + // alert.nID=max is reserved for if the alert key is + // compromised. It must have a pre-defined message, + // must never expire, must apply to all versions, + // and must cancel all previous + // alerts or it will be ignored (so an attacker can't + // send an "everything is OK, don't panic" version that + // cannot be overridden): + int maxInt = std::numeric_limits<int>::max(); + if (nID == maxInt) + { + if (!( + nExpiration == maxInt && + nCancel == (maxInt-1) && + nMinVer == 0 && + nMaxVer == maxInt && + setSubVer.empty() && + nPriority == maxInt && + strStatusBar == "URGENT: Alert key compromised, upgrade required" + )) + return false; + } + CRITICAL_BLOCK(cs_mapAlerts) { // Cancel previous alerts diff --git a/src/serialize.h b/src/serialize.h index 3f4369be99..ed5c501353 100644 --- a/src/serialize.h +++ b/src/serialize.h @@ -60,7 +60,7 @@ class CDataStream; class CAutoFile; static const unsigned int MAX_SIZE = 0x02000000; -static const int VERSION = 50603; +static const int VERSION = 50700; static const char* pszSubVer = ""; static const bool VERSION_IS_BETA = true; |