blockchain: reject unsorted ins and outs from v7
This ensures no information is leaked by the ordering
This commit is contained in:
parent
16afab900d
commit
6137a0b94d
|
@ -32,12 +32,18 @@
|
||||||
|
|
||||||
#include <vector>
|
#include <vector>
|
||||||
#include <functional>
|
#include <functional>
|
||||||
|
#include "misc_log_ex.h"
|
||||||
|
|
||||||
namespace tools
|
namespace tools
|
||||||
{
|
{
|
||||||
|
|
||||||
void apply_permutation(std::vector<size_t> permutation, const std::function<void(size_t, size_t)> &swap)
|
template<typename F>
|
||||||
|
void apply_permutation(std::vector<size_t> permutation, const F &swap)
|
||||||
{
|
{
|
||||||
|
//sanity check
|
||||||
|
for (size_t n = 0; n < permutation.size(); ++n)
|
||||||
|
CHECK_AND_ASSERT_THROW_MES(std::find(permutation.begin(), permutation.end(), n) != permutation.end(), "Bad permutation");
|
||||||
|
|
||||||
for (size_t i = 0; i < permutation.size(); ++i)
|
for (size_t i = 0; i < permutation.size(); ++i)
|
||||||
{
|
{
|
||||||
size_t current = i;
|
size_t current = i;
|
||||||
|
@ -55,6 +61,7 @@ void apply_permutation(std::vector<size_t> permutation, const std::function<void
|
||||||
template<typename T>
|
template<typename T>
|
||||||
void apply_permutation(const std::vector<size_t> &permutation, std::vector<T> &v)
|
void apply_permutation(const std::vector<size_t> &permutation, std::vector<T> &v)
|
||||||
{
|
{
|
||||||
|
CHECK_AND_ASSERT_THROW_MES(permutation.size() == v.size(), "Mismatched vector sizes");
|
||||||
apply_permutation(permutation, [&v](size_t i0, size_t i1){ std::swap(v[i0], v[i1]); });
|
apply_permutation(permutation, [&v](size_t i0, size_t i1){ std::swap(v[i0], v[i1]); });
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -2333,6 +2333,26 @@ bool Blockchain::check_tx_outputs(const transaction& tx, tx_verification_context
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// from v7, sorted outs
|
||||||
|
if (m_hardfork->get_current_version() >= 7) {
|
||||||
|
const crypto::public_key *last_key = NULL;
|
||||||
|
for (size_t n = 0; n < tx.vout.size(); ++n)
|
||||||
|
{
|
||||||
|
const tx_out &o = tx.vout[n];
|
||||||
|
if (o.target.type() == typeid(txout_to_key))
|
||||||
|
{
|
||||||
|
const txout_to_key& out_to_key = boost::get<txout_to_key>(o.target);
|
||||||
|
if (last_key && memcmp(&out_to_key.key, last_key, sizeof(*last_key)) >= 0)
|
||||||
|
{
|
||||||
|
MERROR_VER("transaction has unsorted outputs");
|
||||||
|
tvc.m_invalid_output = true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
last_key = &out_to_key.key;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//------------------------------------------------------------------
|
//------------------------------------------------------------------
|
||||||
|
@ -2501,6 +2521,25 @@ bool Blockchain::check_tx_inputs(transaction& tx, tx_verification_context &tvc,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// from v7, sorted ins
|
||||||
|
if (hf_version >= 7) {
|
||||||
|
const crypto::key_image *last_key_image = NULL;
|
||||||
|
for (size_t n = 0; n < tx.vin.size(); ++n)
|
||||||
|
{
|
||||||
|
const txin_v &txin = tx.vin[n];
|
||||||
|
if (txin.type() == typeid(txin_to_key))
|
||||||
|
{
|
||||||
|
const txin_to_key& in_to_key = boost::get<txin_to_key>(txin);
|
||||||
|
if (last_key_image && memcmp(&in_to_key.k_image, last_key_image, sizeof(*last_key_image)) >= 0)
|
||||||
|
{
|
||||||
|
MERROR_VER("transaction has unsorted inputs");
|
||||||
|
tvc.m_verifivation_failed = true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
last_key_image = &in_to_key.k_image;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
auto it = m_check_txin_table.find(tx_prefix_hash);
|
auto it = m_check_txin_table.find(tx_prefix_hash);
|
||||||
if(it == m_check_txin_table.end())
|
if(it == m_check_txin_table.end())
|
||||||
{
|
{
|
||||||
|
|
|
@ -43,3 +43,32 @@ TEST(apply_permutation, reorder)
|
||||||
tools::apply_permutation({3, 5, 6, 1, 2, 4, 0}, v);
|
tools::apply_permutation({3, 5, 6, 1, 2, 4, 0}, v);
|
||||||
ASSERT_EQ(v, std::vector<int>({1, 2, 4, 4, 6, 7, 8}));
|
ASSERT_EQ(v, std::vector<int>({1, 2, 4, 4, 6, 7, 8}));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
TEST(apply_permutation, bad_size)
|
||||||
|
{
|
||||||
|
std::vector<int> v_large = {8, 4, 6, 1, 7, 2, 4, 9};
|
||||||
|
std::vector<int> v_small = {8, 4, 6, 1, 7, 2};
|
||||||
|
try
|
||||||
|
{
|
||||||
|
tools::apply_permutation({3, 5, 6, 1, 2, 4, 0}, v_large);
|
||||||
|
ASSERT_FALSE(true);
|
||||||
|
}
|
||||||
|
catch (const std::exception &e) {}
|
||||||
|
try
|
||||||
|
{
|
||||||
|
tools::apply_permutation({3, 5, 6, 1, 2, 4, 0}, v_small);
|
||||||
|
ASSERT_FALSE(true);
|
||||||
|
}
|
||||||
|
catch (const std::exception &e) {}
|
||||||
|
}
|
||||||
|
|
||||||
|
TEST(apply_permutation, bad_permutation)
|
||||||
|
{
|
||||||
|
std::vector<int> v = {8, 4, 6, 1, 7, 2, 4};
|
||||||
|
try
|
||||||
|
{
|
||||||
|
tools::apply_permutation({3, 5, 6, 1, 2, 4, 1}, v);
|
||||||
|
ASSERT_FALSE(true);
|
||||||
|
}
|
||||||
|
catch (const std::exception &e) {}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue