From ac4e438229134595e949bfedb1f487c71fd45d24 Mon Sep 17 00:00:00 2001
From: Andrew Chow <achow101-github@achow101.com>
Date: Tue, 30 May 2017 15:43:07 -0700
Subject: Sanity check transaction scripts in DecodeHexTx

Make sure that the scripts of decoded transactions are valid scripts.
---
 src/script/script.cpp | 3 ++-
 src/script/script.h   | 3 +++
 2 files changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/script')

diff --git a/src/script/script.cpp b/src/script/script.cpp
index a71fee19cf..a10b619f7d 100644
--- a/src/script/script.cpp
+++ b/src/script/script.cpp
@@ -273,7 +273,8 @@ bool CScript::HasValidOps() const
     CScript::const_iterator it = begin();
     while (it < end()) {
         opcodetype opcode;
-        if (!GetOp(it, opcode) || opcode > 0xb9) {
+        std::vector<unsigned char> item;
+        if (!GetOp(it, opcode, item) || opcode > MAX_OPCODE || item.size() > MAX_SCRIPT_ELEMENT_SIZE) {
             return false;
         }
     }
diff --git a/src/script/script.h b/src/script/script.h
index 25b80ef62b..23706b9826 100644
--- a/src/script/script.h
+++ b/src/script/script.h
@@ -190,6 +190,9 @@ enum opcodetype
     OP_INVALIDOPCODE = 0xff,
 };
 
+// Maximum value that an opcode can be
+static const unsigned int MAX_OPCODE = OP_NOP10;
+
 const char* GetOpName(opcodetype opcode);
 
 class scriptnum_error : public std::runtime_error
-- 
cgit v1.2.3