diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-09-12 21:41:30 +0100 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-09-18 11:23:15 +0100 |
commit | 6137a0b94d86e9f1c3321969da1c74f1d5e72b4f (patch) | |
tree | 5f22756053d60d8200e138192c94cd918911871e | |
parent | core: sort ins and outs key key image and public key, respectively (diff) | |
download | monero-6137a0b94d86e9f1c3321969da1c74f1d5e72b4f.tar.xz |
blockchain: reject unsorted ins and outs from v7
This ensures no information is leaked by the ordering
-rw-r--r-- | src/common/apply_permutation.h | 9 | ||||
-rw-r--r-- | src/cryptonote_core/blockchain.cpp | 39 | ||||
-rw-r--r-- | tests/unit_tests/apply_permutation.cpp | 29 |
3 files changed, 76 insertions, 1 deletions
diff --git a/src/common/apply_permutation.h b/src/common/apply_permutation.h index 4de224690..4fd952686 100644 --- a/src/common/apply_permutation.h +++ b/src/common/apply_permutation.h @@ -32,12 +32,18 @@ #include <vector> #include <functional> +#include "misc_log_ex.h" namespace tools { -void apply_permutation(std::vector<size_t> permutation, const std::function<void(size_t, size_t)> &swap) +template<typename F> +void apply_permutation(std::vector<size_t> permutation, const F &swap) { + //sanity check + for (size_t n = 0; n < permutation.size(); ++n) + CHECK_AND_ASSERT_THROW_MES(std::find(permutation.begin(), permutation.end(), n) != permutation.end(), "Bad permutation"); + for (size_t i = 0; i < permutation.size(); ++i) { size_t current = i; @@ -55,6 +61,7 @@ void apply_permutation(std::vector<size_t> permutation, const std::function<void template<typename T> void apply_permutation(const std::vector<size_t> &permutation, std::vector<T> &v) { + CHECK_AND_ASSERT_THROW_MES(permutation.size() == v.size(), "Mismatched vector sizes"); apply_permutation(permutation, [&v](size_t i0, size_t i1){ std::swap(v[i0], v[i1]); }); } diff --git a/src/cryptonote_core/blockchain.cpp b/src/cryptonote_core/blockchain.cpp index 93a4e26f8..c0d142979 100644 --- a/src/cryptonote_core/blockchain.cpp +++ b/src/cryptonote_core/blockchain.cpp @@ -2333,6 +2333,26 @@ bool Blockchain::check_tx_outputs(const transaction& tx, tx_verification_context } } + // from v7, sorted outs + if (m_hardfork->get_current_version() >= 7) { + const crypto::public_key *last_key = NULL; + for (size_t n = 0; n < tx.vout.size(); ++n) + { + const tx_out &o = tx.vout[n]; + if (o.target.type() == typeid(txout_to_key)) + { + const txout_to_key& out_to_key = boost::get<txout_to_key>(o.target); + if (last_key && memcmp(&out_to_key.key, last_key, sizeof(*last_key)) >= 0) + { + MERROR_VER("transaction has unsorted outputs"); + tvc.m_invalid_output = true; + return false; + } + last_key = &out_to_key.key; + } + } + } + return true; } //------------------------------------------------------------------ @@ -2501,6 +2521,25 @@ bool Blockchain::check_tx_inputs(transaction& tx, tx_verification_context &tvc, } } + // from v7, sorted ins + if (hf_version >= 7) { + const crypto::key_image *last_key_image = NULL; + for (size_t n = 0; n < tx.vin.size(); ++n) + { + const txin_v &txin = tx.vin[n]; + if (txin.type() == typeid(txin_to_key)) + { + const txin_to_key& in_to_key = boost::get<txin_to_key>(txin); + if (last_key_image && memcmp(&in_to_key.k_image, last_key_image, sizeof(*last_key_image)) >= 0) + { + MERROR_VER("transaction has unsorted inputs"); + tvc.m_verifivation_failed = true; + return false; + } + last_key_image = &in_to_key.k_image; + } + } + } auto it = m_check_txin_table.find(tx_prefix_hash); if(it == m_check_txin_table.end()) { diff --git a/tests/unit_tests/apply_permutation.cpp b/tests/unit_tests/apply_permutation.cpp index 888a00746..a008b74ee 100644 --- a/tests/unit_tests/apply_permutation.cpp +++ b/tests/unit_tests/apply_permutation.cpp @@ -43,3 +43,32 @@ TEST(apply_permutation, reorder) tools::apply_permutation({3, 5, 6, 1, 2, 4, 0}, v); ASSERT_EQ(v, std::vector<int>({1, 2, 4, 4, 6, 7, 8})); } + +TEST(apply_permutation, bad_size) +{ + std::vector<int> v_large = {8, 4, 6, 1, 7, 2, 4, 9}; + std::vector<int> v_small = {8, 4, 6, 1, 7, 2}; + try + { + tools::apply_permutation({3, 5, 6, 1, 2, 4, 0}, v_large); + ASSERT_FALSE(true); + } + catch (const std::exception &e) {} + try + { + tools::apply_permutation({3, 5, 6, 1, 2, 4, 0}, v_small); + ASSERT_FALSE(true); + } + catch (const std::exception &e) {} +} + +TEST(apply_permutation, bad_permutation) +{ + std::vector<int> v = {8, 4, 6, 1, 7, 2, 4}; + try + { + tools::apply_permutation({3, 5, 6, 1, 2, 4, 1}, v); + ASSERT_FALSE(true); + } + catch (const std::exception &e) {} +} |