aboutsummaryrefslogtreecommitdiff
path: root/test/functional/data
AgeCommit message (Collapse)Author
2019-09-19Merge #16885: doc: Update tx-size-small comment with relevant CVE disclosurefanquake
c4b0c08f7c91bcef48dd023982ff132795575247 Update tx-size-small comment with relevant CVE disclosure (Gregory Sanders) Pull request description: Code first introduced under https://github.com/bitcoin/bitcoin/pull/11423 with essentially no description and no discussion. ACKs for top commit: MarcoFalke: ACK c4b0c08f7c91bcef48dd023982ff132795575247 fanquake: ACK c4b0c08f7c91bcef48dd023982ff132795575247 Tree-SHA512: 95d5c92998b8b1e944c477dbaee265b62612b6e815099ab31d9ff580b4dff777abaf7f326a284644709f918aa1510412d62310689b1250ef6e64de7b19ca9f71
2019-09-18Update tx-size-small comment with relevant CVE disclosureGregory Sanders
2019-09-18Merge #14696: qa: Add explicit references to related CVE's in ↵Wladimir J. van der Laan
p2p_invalid_block test. 0c62e3aa73839e97e65a3155e06a98d84b700a1e New regression testing for CVE-2018-17144, CVE-2012-2459, and CVE-2010-5137. (lucash-dev) 38bfca6bb2ad68719415e9c54a981441052da072 Added comments referencing multiple CVEs in tests and production code. (lucash-dev) Pull request description: This functional test includes two scenarios that test for regressions of vulnerabilities, but they are only briefly described. There are freely available documents explaining in detail the issues, but without explicit mentions, the developer trying to maintain the code needs an additional step of digging in commit history and PR conversations to figure it out. Added comments to explicitly mention CVE-2018-17144 and CVE-2012-2459, for more complete documentation. This improves developer experience by making understanding the tests easier. ACKs for top commit: laanwj: ACK 0c62e3aa73839e97e65a3155e06a98d84b700a1e, checked the CVE numbers, thanks for adding documentation Tree-SHA512: 3ee05351745193b8b959e4a25d50f25a693b2d24b0732ed53cf7d5882df40b5dd0f1877bd5c69cffb921d4a7acf9deb3cc1160b96dc730d9b5984151ad06b7c9
2019-09-16Merge #16845: test: Add notes on how to generate data/wallets/high_minversionMarcoFalke
2222c96deec0f636dee6e49efb745f29b06a40a5 test: Add notes on how to generate data/wallets/high_minversion (MarcoFalke) Pull request description: I forgot to do this in #16796 ACKs for top commit: ryanofsky: ACK 2222c96deec0f636dee6e49efb745f29b06a40a5 Tree-SHA512: 5f24ffa641b97eac4febad42ade7228b14fa72335c918a10880c5dec86a3ecc3075a31526f275188e07fea95b8e2c6320c64f716099f604b00e13d5366fcee37
2019-09-16test: Add notes on how to generate data/wallets/high_minversionMarcoFalke
2019-09-12Merge #16551: test: Test that low difficulty chain fork is rejectedMarcoFalke
333317ce6b67aa92f7363d48cd750712190b4b6b test: Test that low difficulty chain fork is rejected (MarcoFalke) fa31dc1bf4ee471c4641eef8de02702ba0619ae7 test: Pass down correct chain name in tests (MarcoFalke) Pull request description: To prevent OOM, Bitcoin Core will reject chain forks at low difficulty by default. This is the only use-case of checkpoints, so add a test for it to make sure the feature works as expected. If it didn't work, checkpoints would have no use-case and we might as well remove them ACKs for top commit: Sjors: Thanks for adding the node 1 example. Code review ACK 333317c Tree-SHA512: 90dffa540d0904f3cffb61d2382b1a26f84fe9560b7013e4461546383add31a8757b350616a6d43217c59ef7b8b2a1b62bb3bab582c679cbb2c660a782ce7be1
2019-09-03wallet: Fix segmentation fault in CreateWalletFromFileMarcoFalke
2019-08-16test: Test that low difficulty chain fork is rejectedMarcoFalke
2019-06-02New regression testing for CVE-2018-17144, CVE-2012-2459, and CVE-2010-5137.lucash-dev
CVE-2018-17144 and CVE-2012-2459 are only partially tested for regression. - CVE-2018-17144 is not tested for the inflation bug. - CVE-2012-2459 is only tested for the mutated block being rejected, not for the original block being accepted afterwards. This commit fixes that limitation. Also added functional test for CVE-2010-5137.
2019-05-10Merge #14802: rpc: faster getblockstats using BlockUndo dataMarcoFalke
d20d756752 rpc: faster getblockstats using BlockUndo data (Felix Weis) Pull request description: Using undo data for a block (rev?????.dat) we can retrieve value information about prevouts and calculate the final transaction fee (rate). This approach is about 80x faster, drops the requirement for `-txindex`, and works for all non-pruned blocks. ``` # 2018-11-25T16:36:19Z Bitcoin Core version v0.17.99.0-edc715240-dirty (release build) seq 550100 550200 0.00s user 0.00s system 62% cpu 0.004 total xargs -n1 src/bitcoin-cli getblockstats 0.21s user 0.19s system 17% cpu 2.302 total # 2018-11-25T16:39:17Z Bitcoin Core version v0.17.0 (release build) seq 550100 550200 0.00s user 0.00s system 87% cpu 0.002 total xargs -n1 src/bitcoin-cli getblockstats 0.24s user 0.22s system 0% cpu 3:19.42 total ``` ACKs for commit d20d75: MarcoFalke: re-utACK d20d7567528e216badb8475df298bb3cec008985 Tree-SHA512: 5babc3eb8d2fee2cb23dc12f522656b80737a540cbf2b13390a8f388304c46c064cca76f896b46a6e2abae8cc582d28e1ab20dd4bb17ad6142f20630c2d30c54
2019-05-10rpc: faster getblockstats using BlockUndo dataFelix Weis
Using undo data for a block (rev?????.dat) we can retrieve value information about prevouts and calculate the final transaction fee (rate). This approach is about 80x faster, drops the requirement for -txindex, and works for all non-pruned blocks.
2019-05-04Merge #15141: Rewrite DoS interface between validation and net_processingWladimir J. van der Laan
0ff1c2a838da9e8dc7f77609adc89124bbea3e2b Separate reason for premature spends (coinbase/locktime) (Suhas Daftuar) 54470e767bab37f9b7089782b1be73d5883bb244 Assert validation reasons are contextually correct (Suhas Daftuar) 2120c31521aa51aa1984ee33250b8320506d3a0f [refactor] Update some comments in validation.cpp as we arent doing DoS there (Matt Corallo) 12dbdd7a41bac73e51ed8f7b290b7671196bf9ea [refactor] Drop unused state.DoS(), state.GetDoS(), state.CorruptionPossible() (Matt Corallo) aa502b88d10c2c3ac56d9163555849b96dc4df1e scripted-diff: Remove DoS calls to CValidationState (Matt Corallo) 7721ad64f40a0c67edefaaf7353264d78df8803e [refactor] Prep for scripted-diff by removing some \ns which annoy sed. (Matt Corallo) 5e78c5734bb0c9aae7b0a7019a745b2d7059b3d9 Allow use of state.Invalid() for all reasons (Matt Corallo) 6b34bc6b6f54f85537494cbea3846d5d195a06d9 Fix handling of invalid headers (Suhas Daftuar) ef54b486d5333dfc85c56e6b933c81735196a25d [refactor] Use Reasons directly instead of DoS codes (Matt Corallo) 9ab2a0412e96e87956fe61257387683635213035 CorruptionPossible -> BLOCK_MUTATED (Matt Corallo) 6e55b292b0ea944897b6dc2f766446fd209af484 CorruptionPossible -> TX_WITNESS_MUTATED (Matt Corallo) 7df16e70e67c753c871797ce947ea09d7cb0e519 LookupBlockIndex -> CACHED_INVALID (Matt Corallo) c8b0d22698385f91215ce8145631e3d5826dc977 [refactor] Drop redundant nDoS, corruptionPossible, SetCorruptionPossible (Matt Corallo) 34477ccd39a8d4bfa8ad612f22d5a46291922185 [refactor] Add useful-for-dos "reason" field to CValidationState (Matt Corallo) 6a7f8777a0b193fae4f976196f3464ffac01bf1b Ban all peers for all block script failures (Suhas Daftuar) 7b999103e21509e1c2dec10f68e48744ffe90f55 Clean up banning levels (Matt Corallo) b8b4c80146780f9011abbd1be72343cc965c07b9 [refactor] drop IsInvalid(nDoSOut) (Matt Corallo) 8818729013e17c650a25f030b2b80e0997389155 [refactor] Refactor misbehavior ban decisions to MaybePunishNode() (Matt Corallo) 00e11e61c0211a62788611cd6a6714a393fdc26c [refactor] rename stateDummy -> orphan_state (Matt Corallo) f34fa719cf33a51d11f1d2219cbe73ccff6fd697 Drop obsolete sigops comment (Matt Corallo) Pull request description: This is a rebase of #11639 with some fixes for the last few comments which were not yet addressed. The original PR text, with some strikethroughs of text that is no longer correct: > This cleans up an old main-carryover - it made sense that main could decide what DoS scores to assign things because the DoS scores were handled in a different part of main, but now validation is telling net_processing what DoS scores to assign to different things, which is utter nonsense. Instead, we replace CValidationState's nDoS and CorruptionPossible with a general ValidationInvalidReason, which net_processing can handle as it sees fit. I keep the behavior changes here to a minimum, but in the future we can utilize these changes for other smarter behavior, such as disconnecting/preferring to rotate outbound peers based on them providing things which are invalid due to SOFT_FORK because we shouldn't ban for such cases. > > This is somewhat complementary with, though obviously conflicts heavily with #11523, which added enums in place of DoS scores, as well as a few other cleanups (which are still relevant). > > Compared with previous bans, the following changes are made: > > Txn with empty vin/vout or null prevouts move from 10 DoS > points to 100. > Loose transactions with a dependency loop now result in a ban > instead of 10 DoS points. > ~~BIP68-violation no longer results in a ban as it is SOFT_FORK.~~ > ~~Non-SegWit SigOp violation no longer results in a ban as it > considers P2SH sigops and is thus SOFT_FORK.~~ > ~~Any script violation in a block no longer results in a ban as > it may be the result of a SOFT_FORK. This should likely be > fixed in the future by differentiating between them.~~ > Proof of work failure moves from 50 DoS points to a ban. > Blocks with timestamps under MTP now result in a ban, blocks > too far in the future continue to not result in a ban. > Inclusion of non-final transactions in a block now results in a > ban instead of 10 DoS points. Note: The change to ban all peers for consensus violations is actually NOT the change I'd like to make -- I'd prefer to only ban outbound peers in those situations. The current behavior is a bit of a mess, however, and so in the interests of advancing this PR I tried to keep the changes to a minimum. I plan to revisit the behavior in a followup PR. EDIT: One reviewer suggested I add some additional context for this PR: > The goal of this work was to make net_processing aware of the actual reasons for validation failures, rather than just deal with opaque numbers instructing it to do something. > > In the future, I'd like to make it so that we use more context to decide how to punish a peer. One example is to differentiate inbound and outbound peer misbehaviors. Another potential example is if we'd treat RECENT_CONSENSUS_CHANGE failures differently (ie after the next consensus change is implemented), and perhaps again we'd want to treat some peers differently than others. ACKs for commit 0ff1c2: jnewbery: utACK 0ff1c2a838da9e8dc7f77609adc89124bbea3e2b ryanofsky: utACK 0ff1c2a838da9e8dc7f77609adc89124bbea3e2b. Only change is dropping the first commit (f3883a321bf4ab289edcd9754b12cae3a648b175), and dropping the temporary `assert(level == GetDoS())` that was in 35ee77f2832eaffce30042e00785c310c5540cdc (now c8b0d22698385f91215ce8145631e3d5826dc977) Tree-SHA512: e915a411100876398af5463d0a885920e44d473467bb6af991ef2e8f2681db6c1209bb60f848bd154be72d460f039b5653df20a6840352c5f7ea5486d9f777a3
2019-05-02Clean up banning levelsMatt Corallo
Compared with previous bans, the following changes are made: * Txn with empty vin/vout or null prevouts move from 10 DoS points to 100. * Loose transactions with a dependency loop now result in a ban instead of 10 DoS points. * Many pre-segwit soft-fork errors now result in a ban. Note: Transactions that violate soft-fork script flags since P2SH do not generally result in a ban. Also, banning behavior for invalid blocks is dependent on whether the node is validating with multiple script check threads, due to a long- standing bug. That inconsistency is still present after this commit. * Proof of work failure moves from 50 DoS points to a ban. * Blocks with timestamps under MTP now result in a ban, blocks too far in the future continue to *not* result in a ban. * Inclusion of non-final transactions in a block now results in a ban instead of 10 DoS points. Co-authored-by: Anthony Towns <aj@erisian.com.au>
2019-04-25Fix missing input template by making minimal txGregory Sanders
2018-11-27test: add invalid tx templates for use in functional testsJames O'Beirne
Add templates for easily constructing different kinds of invalid transactions and use them in feature_block and p2p_invalid_tx.
2018-10-03check that a separator is found for psbt inputs, outputs, and global mapAndrew Chow
2018-09-11Remove redundant BIP174 test from rpc_psbt.jsonaraspitzu
2018-08-14Merge #13917: Additional safety checks in PSBT signerWladimir J. van der Laan
5df6f089b53c5b5859e5a3454c026447e4752f82 More tests of signer checks (Andrew Chow) 7c8bffdc24e005c3044a9a80bbc227b2a39b8605 Test that a non-witness script as witness utxo is not signed (Andrew Chow) 8254e9950f67d750c7f5905bfdef526d825965ed Additional sanity checks in SignPSBTInput (Pieter Wuille) c05712cb590c8c76729a71d75a290c67ae9e3c06 Only wipe wrong UTXO type data if overwritten by wallet (Pieter Wuille) Pull request description: The current PSBT signing code can end up producing a non-segwit signature, while only the UTXO being spent is provided in the PSBT (as opposed to the entire transaction being spent). This may be used to trick a user to incorrectly decide a transaction has the semantics he intends to sign. Fix this by refusing to sign if there is any mismatch between the provided data and what is being signed. Tree-SHA512: b55790d79d8166e05513fc4c603a982a33710e79dc3c045060cddac6b48a1be3a28ebf8db63f988b6567b15dd27fd09bbaf48846e323c8635376ac20178956f4
2018-08-13Fix PSBT deserialization of 0-input transactionsAndrew Chow
0-input transactions can be ambiguously deserialized as being witness transactions. Since the unsigned transaction is never serialized as a witness transaction as it has no witnesses, we should always deserialize it as a non-witness transaction and set the serialization flags as such. Also always serialize the unsigned transaction as a non-witness transaction.
2018-08-13More tests of signer checksAndrew Chow
2018-08-13Test that a non-witness script as witness utxo is not signedAndrew Chow
2018-08-13Merge #13918: rpc: Replace median fee rate with feerate percentiles in ↵MarcoFalke
getblockstats 4b7091a842 Replace median fee rate with feerate percentiles (Marcin Jachymiak) Pull request description: Currently, the `medianfeerate` statistic is calculated from the feerate of the middle transaction of a list of transactions sorted by feerate. This PR instead uses the value of the 50th percentile weight unit in the block, and also calculates the feerate at the 10th, 25th, 75th, and 90th percentiles. This more accurately corresponds with what is generally meant by median feerate. Tree-SHA512: 59255e243df90d7afbe69839408c58c9723884b8ab82c66dc24a769e89c6d539db1905374a3f025ff28272fb25a0b90e92d8101103e39a6d9c0d60423a596714
2018-08-11Replace median fee rate with feerate percentilesMarcin Jachymiak
Removes medianfeerate result from getblockstats. Adds feerate_percentiles which give the feerate of the 10th, 25th, 50th, 75th, and 90th percentile weight unit in the block.
2018-08-09Always create 70 byte signatures with low R valuesAndrew Chow
When extra entropy is not specified by the caller, CKey::Sign will now always create a signature that has a low R value and is at most 70 bytes. The resulting signature on the stack will be 71 bytes when the sighash byte is included. Using low R signatures means that the resulting DER encoded signature will never need to have additional padding to account for high R values.
2018-07-19Fix merging of global unknown data in PSBTsAndrew Chow
Actually merge the global unknown key-value pairs. Add a test for merging unknown key-value pairs.
2018-07-19Check that PSBT keys are the correct lengthAndrew Chow
Checks that all of the one byte type keys are actually one byte and throw an error if they are not. Add tests for each type to check for this behavior.
2018-07-16Tests for PSBTAndrew Chow
Added functional tests for PSBT that test the RPCs. Also added all of the BIP 174 test vectors (except for the updater tests) in the functional tests. Added a Unit test for the BIP 174 updater test vector.
2018-05-22Tests: Add data fileAnthony Towns