[0.19] psbt: check that various indexes and amounts are within bounds #18079

pull luke-jr wants to merge 2 commits into bitcoin:0.19 from luke-jr:psbt_fix_pr17156-0.19.1 changing 6 files +72 −4
  1. luke-jr commented at 10:57 pm on February 5, 2020: member
    Backport of #17156, non-trivial due to crossing the refactor in #17371
  2. Don't calculate tx fees for PSBTs with invalid money values
    In decodepsbt if an invalid amount is seen, don't calculate the fee
    but still show the invalid value in the decode.
    
    In analyze psbt, if an invalid amount is seen, set the next step to
    be the creator as the creator needs to remake the transaction so that
    it is valid.
    
    Github-Pull: #17156
    Rebased-From: f1ef7f0aa46338f4cd8de79696027a1bf868f359
    1cf77a2dc3
  3. luke-jr requested review from achow101 on Feb 5, 2020
  4. fanquake added the label Backport on Feb 5, 2020
  5. fanquake added the label PSBT on Feb 5, 2020
  6. fanquake commented at 6:14 am on February 6, 2020: member

    Looks like this needs some changes:

    0wallet/test/psbt_wallet_tests.cpp: In member function ‘void psbt_wallet_tests::psbt_updater_test::test_method()’:
    1wallet/test/psbt_wallet_tests.cpp:77:48: error: ‘class CWallet’ has no member named ‘GetSigningProvider’
    2     const SigningProvider* provider = m_wallet.GetSigningProvider(ws1, sigdata);
    3                                                ^
    4make[2]: *** [wallet/test/test_test_bitcoin-psbt_wallet_tests.o] Error 1
    
  7. fanquake added the label Waiting for author on Feb 6, 2020
  8. psbt: check output index is within bounds before accessing
    Github-Pull: #17156
    Rebased-From: deaa6dd144f5650b385658a0c4f9a014aff8dde2
    f5fb7fca96
  9. luke-jr force-pushed on Feb 6, 2020
  10. luke-jr commented at 11:23 pm on February 6, 2020: member
    Fixed (SignPSBTInput’s first argument is simply the wallet in 0.19)
  11. luke-jr requested review from laanwj on Feb 6, 2020
  12. luke-jr requested review from MarcoFalke on Feb 6, 2020
  13. luke-jr requested review from practicalswift on Feb 6, 2020
  14. luke-jr requested review from promag on Feb 6, 2020
  15. luke-jr requested review from Sjors on Feb 6, 2020
  16. fanquake removed the label Waiting for author on Feb 6, 2020
  17. laanwj commented at 12:29 pm on February 10, 2020: member
    Backport looks good to me, backported test looks good to me (and passes). ACK f5fb7fca969cd43318384bec46bb7687b1a529fd
  18. laanwj approved
  19. laanwj referenced this in commit ba0b7e1296 on Feb 10, 2020
  20. laanwj merged this on Feb 10, 2020
  21. laanwj closed this on Feb 10, 2020

  22. dgpv commented at 2:24 pm on February 10, 2020: contributor

    The checks correctly detect the case when the sum of amounts of inputs or outputs (rather than individual amounts) exceed MoneyRange, but as AFAICT the tests do not test for these conditions.

    Here’s two test PSBT that exhibit the conditions, please use them to add to the tests if you’d like:

    sum of input amounts is out of valid range: cHNidP8BAJoCAAAAAvA00BFgAm6tp86RowwH6BMImQNL5zXUcTT97XoLGz0BAAAAAAD/////8DTQEWACbq2nzpGjDAfoEwiZA0vnNdRxNP3tegsbPQEBAAAAAP////8CAPkClQAAAAAWABQo3DTHwdFy0CCa+h6+bi7VJs3tcvztApUAAAAAFgAU9yTiAXuIvg0vjC19EAqBBuCGJNQAAAAAAAEBHwAAu8VkQwQAFgAU1EyyBQKdNymMjX5teAIUYQ+kIc0AAQEfAAC7xWRDBAAWABSSuJ3ylxfvTwYlM3tgxCBvDoOVXgAAAA==

    sum of output amounts is out of valid range: cHNidP8BAHECAAAAAfA00BFgAm6tp86RowwH6BMImQNL5zXUcTT97XoLGz0BAAAAAAD/////AgAAu8VkQwQAFgAUKNw0x8HRctAgmvoevm4u1SbN7XIAALvFZEMEABYAFPck4gF7iL4NL4wtfRAKgQbghiTUAAAAAAABAR+AsU8BAAAAABYAFJUDtxf2PHo641HEOBOAIvFMNTr2AAAA

  23. MarkLTZ referenced this in commit d99bc96496 on Feb 13, 2020
  24. Munkybooty referenced this in commit 6696b971e2 on Dec 9, 2021
  25. Munkybooty referenced this in commit 5c1e04fb24 on Dec 9, 2021
  26. Munkybooty referenced this in commit 86284f11f4 on Dec 9, 2021
  27. Munkybooty referenced this in commit b66b23919d on Dec 9, 2021
  28. Munkybooty referenced this in commit 2688da5330 on Dec 9, 2021
  29. Munkybooty referenced this in commit 1ad87663be on Dec 9, 2021
  30. Munkybooty referenced this in commit 2c5ea77983 on Dec 23, 2021
  31. DrahtBot locked this on Feb 15, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-21 15:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me