From 4d3b091eb269a6cc275aba669b86079639dd9676 Mon Sep 17 00:00:00 2001 From: Jeremiah Buddenhagen Date: Mon, 1 Oct 2018 12:12:15 -0700 Subject: [PATCH] CVE-2018-17144 fix https://bitcoincore.org/en/2018/09/20/notice/ --- src/consensus/tx_verify.cpp | 16 +++++++--------- src/consensus/tx_verify.h | 2 +- src/validation.cpp | 2 +- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/src/consensus/tx_verify.cpp b/src/consensus/tx_verify.cpp index 9878a29ab..1380f7ac8 100755 --- a/src/consensus/tx_verify.cpp +++ b/src/consensus/tx_verify.cpp @@ -157,7 +157,7 @@ int64_t GetTransactionSigOpCost(const CTransaction& tx, const CCoinsViewCache& i return nSigOps; } -bool CheckTransaction(const CTransaction& tx, CValidationState &state, bool fCheckDuplicateInputs) +bool CheckTransaction(const CTransaction& tx, CValidationState &state) { // Basic checks that don't depend on any context if (tx.vin.empty()) @@ -181,14 +181,12 @@ bool CheckTransaction(const CTransaction& tx, CValidationState &state, bool fChe return state.DoS(100, false, REJECT_INVALID, "bad-txns-txouttotal-toolarge"); } - // Check for duplicate inputs - note that this check is slow so we skip it in CheckBlock - if (fCheckDuplicateInputs) { - std::set vInOutPoints; - for (const auto& txin : tx.vin) - { - if (!vInOutPoints.insert(txin.prevout).second) - return state.DoS(100, false, REJECT_INVALID, "bad-txns-inputs-duplicate"); - } + // Check for duplicate inputs - note that this check is slow (no longer skipped due to CVE-2018-17144) + std::set vInOutPoints; + for (const auto& txin : tx.vin) + { + if (!vInOutPoints.insert(txin.prevout).second) + return state.DoS(100, false, REJECT_INVALID, "bad-txns-inputs-duplicate"); } if (tx.IsCoinBase()) diff --git a/src/consensus/tx_verify.h b/src/consensus/tx_verify.h index d1f401a52..50122660b 100755 --- a/src/consensus/tx_verify.h +++ b/src/consensus/tx_verify.h @@ -17,7 +17,7 @@ class CValidationState; /** Transaction validation functions */ /** Context-independent validity checks */ -bool CheckTransaction(const CTransaction& tx, CValidationState& state, bool fCheckDuplicateInputs=true); +bool CheckTransaction(const CTransaction& tx, CValidationState& state); namespace Consensus { /** diff --git a/src/validation.cpp b/src/validation.cpp index 1c37b036b..521f55ce6 100755 --- a/src/validation.cpp +++ b/src/validation.cpp @@ -2824,7 +2824,7 @@ bool CheckBlock(const CBlock& block, CValidationState& state, const Consensus::P // Check transactions for (const auto& tx : block.vtx) - if (!CheckTransaction(*tx, state, false)) + if (!CheckTransaction(*tx, state)) return state.Invalid(false, state.GetRejectCode(), state.GetRejectReason(), strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), state.GetDebugMessage()));