From 5fae0c50a17aa4c7f4d8fb96cef71a71c647823c Mon Sep 17 00:00:00 2001
From: Christopher Jeffrey
Date: Fri, 25 Aug 2017 08:08:31 -0700
Subject: [PATCH] script: enforce stack size on unexecuted branches. This primarily only affects zero-length scripts. An input script which pushed this many items onto the stack without failing _is not possible_, but with segwit, it is possible. However, a witness program would fail due to cleanstack before there would be any kind of consensus fault. In other words, without this fix, we still remain in consensus with bitcoin core, but ideally we should want to fail for the same reason.
---
 lib/script/script.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/script/script.js b/lib/script/script.js
index 3aedf8c2..34b84c6e 100644
--- a/lib/script/script.js
+++ b/lib/script/script.js
@@ -589,8 +589,11 @@ Script.prototype.execute = function execute(stack, flags, tx, index, value, vers
 if (op.isDisabled()) throw new ScriptError('DISABLED_OPCODE', op, ip);
- if (negate && !op.isBranch())
+ if (negate && !op.isBranch()) {
+ if (stack.length + alt.length > consensus.MAX_SCRIPT_STACK)
+ throw new ScriptError('STACK_SIZE', op, ip);
 continue;
+ }
 if (op.data) {
 if (minimal && !op.isMinimal())
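Review bot: The stack-size check added inside the `negate && !op.isBranch()` branch has no comment explaining why a skipped opcode still enforces `consensus.MAX_SCRIPT_STACK`, and the commit changes only `lib/script/script.js`, so no test pins the new `STACK_SIZE` failure. A skipped opcode presumably cannot grow either stack, so the check reads as redundant and could be removed in a later cleanup; a comment such as `// Enforce the stack limit on unexecuted branches too, so an oversized witness stack fails with STACK_SIZE as in bitcoin core.` would record the intent. A regression test that runs an oversized initial stack through an unexecuted branch and asserts the `STACK_SIZE` error code would guard the failure-reason parity the description asks for. If the executed path repeats the same comparison further down in `execute` (its body continues outside this hunk), one shared check would keep the two from drifting apart.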