[0.19] psbt: check that various indexes and amounts are within bounds #18079

pull luke-jr wants to merge 2 commits into bitcoin:0.19 from luke-jr:psbt_fix_pr17156-0.19.1 changing 6 files +72 −4

luke-jr commented at 10:57 pm on February 5, 2020: member

Backport of #17156, non-trivial due to crossing the refactor in #17371

Don't calculate tx fees for PSBTs with invalid money values

In decodepsbt if an invalid amount is seen, don't calculate the fee
but still show the invalid value in the decode.

In analyze psbt, if an invalid amount is seen, set the next step to
be the creator as the creator needs to remake the transaction so that
it is valid.

Github-Pull: #17156
Rebased-From: f1ef7f0aa46338f4cd8de79696027a1bf868f359

1cf77a2dc3

luke-jr requested review from achow101 on Feb 5, 2020
fanquake added the label Backport on Feb 5, 2020
fanquake added the label PSBT on Feb 5, 2020

fanquake commented at 6:14 am on February 6, 2020: member

Looks like this needs some changes:

0wallet/test/psbt_wallet_tests.cpp: In member function ‘void psbt_wallet_tests::psbt_updater_test::test_method()’:
1wallet/test/psbt_wallet_tests.cpp:77:48: error: ‘class CWallet’ has no member named ‘GetSigningProvider’
2     const SigningProvider* provider = m_wallet.GetSigningProvider(ws1, sigdata);
3                                                ^
4make[2]: *** [wallet/test/test_test_bitcoin-psbt_wallet_tests.o] Error 1

fanquake added the label Waiting for author on Feb 6, 2020

psbt: check output index is within bounds before accessing

Github-Pull: #17156
Rebased-From: deaa6dd144f5650b385658a0c4f9a014aff8dde2

f5fb7fca96

luke-jr force-pushed on Feb 6, 2020
luke-jr commented at 11:23 pm on February 6, 2020: member

Fixed (SignPSBTInput’s first argument is simply the wallet in 0.19)
luke-jr requested review from laanwj on Feb 6, 2020
luke-jr requested review from MarcoFalke on Feb 6, 2020
luke-jr requested review from practicalswift on Feb 6, 2020
luke-jr requested review from promag on Feb 6, 2020
luke-jr requested review from Sjors on Feb 6, 2020
fanquake removed the label Waiting for author on Feb 6, 2020
laanwj commented at 12:29 pm on February 10, 2020: member

Backport looks good to me, backported test looks good to me (and passes). ACK f5fb7fca969cd43318384bec46bb7687b1a529fd
laanwj approved
laanwj referenced this in commit ba0b7e1296 on Feb 10, 2020
laanwj merged this on Feb 10, 2020
laanwj closed this on Feb 10, 2020
dgpv commented at 2:24 pm on February 10, 2020: contributor

The checks correctly detect the case when the sum of amounts of inputs or outputs (rather than individual amounts) exceed MoneyRange, but as AFAICT the tests do not test for these conditions.

Here’s two test PSBT that exhibit the conditions, please use them to add to the tests if you’d like:

sum of input amounts is out of valid range: cHNidP8BAJoCAAAAAvA00BFgAm6tp86RowwH6BMImQNL5zXUcTT97XoLGz0BAAAAAAD/////8DTQEWACbq2nzpGjDAfoEwiZA0vnNdRxNP3tegsbPQEBAAAAAP////8CAPkClQAAAAAWABQo3DTHwdFy0CCa+h6+bi7VJs3tcvztApUAAAAAFgAU9yTiAXuIvg0vjC19EAqBBuCGJNQAAAAAAAEBHwAAu8VkQwQAFgAU1EyyBQKdNymMjX5teAIUYQ+kIc0AAQEfAAC7xWRDBAAWABSSuJ3ylxfvTwYlM3tgxCBvDoOVXgAAAA==

sum of output amounts is out of valid range: cHNidP8BAHECAAAAAfA00BFgAm6tp86RowwH6BMImQNL5zXUcTT97XoLGz0BAAAAAAD/////AgAAu8VkQwQAFgAUKNw0x8HRctAgmvoevm4u1SbN7XIAALvFZEMEABYAFPck4gF7iL4NL4wtfRAKgQbghiTUAAAAAAABAR+AsU8BAAAAABYAFJUDtxf2PHo641HEOBOAIvFMNTr2AAAA
MarkLTZ referenced this in commit d99bc96496 on Feb 13, 2020
Munkybooty referenced this in commit 6696b971e2 on Dec 9, 2021
Munkybooty referenced this in commit 5c1e04fb24 on Dec 9, 2021
Munkybooty referenced this in commit 86284f11f4 on Dec 9, 2021
Munkybooty referenced this in commit b66b23919d on Dec 9, 2021
Munkybooty referenced this in commit 2688da5330 on Dec 9, 2021
Munkybooty referenced this in commit 1ad87663be on Dec 9, 2021
Munkybooty referenced this in commit 2c5ea77983 on Dec 23, 2021
DrahtBot locked this on Feb 15, 2022

Contributors
luke-jr fanquake laanwj dgpv

Review Requested
Sjors promag achow101 MarcoFalke practicalswift

Labels
Backport PSBT