monero-project
/
monero
mirror of https://github.com/monero-project/monero
7
0
Fork 2
Code Issues Releases Wiki Activity

blockchain_db: harden code against invalid input types

Browse Source 
If an invalid input type were to get to this, the code could
remove key images that might be present already in the chain,
which could allow a double spend, even if this is impossible
with the current code.

Reported by KeyboardWarrior.
pull/7633/head
moneromooo-monero 3 years ago
parent dcba757dd2
commit f6e2636493
No known key found for this signature in database
GPG Key ID: 686F07454D6CEFC3
1 changed files with 2 additions and 9 deletions
Show Stats Download Patch File Download Diff File

11
src/blockchain_db/blockchain_db.cpp
Unescape View File

@ -216,15 +216,8 @@ void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const std::pair
}
else
{
LOG_PRINT_L1("Unsupported input type, removing key images and aborting transaction addition");
for (const txin_v& tx_input : tx.vin)
{
if (tx_input.type() == typeid(txin_to_key))
{
remove_spent_key(boost::get<txin_to_key>(tx_input).k_image);
}
}
return;
LOG_PRINT_L1("Unsupported input type, aborting transaction addition");
throw std::runtime_error("Unexpected input type, aborting");
}
}

Write Preview
Loading…
Cancel
Save