diff options
| author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2016-12-07 22:09:43 +0000 |
|---|---|---|
| committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2016-12-07 22:09:43 +0000 |
| commit | 2f1732a7e5baf6661ef8d9573754f0388ecba56f (patch) | |
| tree | 43983706b28b9c1deeb66aa6b528822d38882247 | |
| parent | Merge pull request #1403 (diff) | |
| download | monero-2f1732a7e5baf6661ef8d9573754f0388ecba56f.tar.xz | |
ringct: guard against bad data exceptions in worker threads
If purported pubkeys aren't actually valid pubkeys, exceptions
will fly. These will terminate if thrown in a worker thread.
Guard against this.
| -rw-r--r-- | src/ringct/rctSigs.cpp | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp index b773be1e5..0727c6be6 100644 --- a/src/ringct/rctSigs.cpp +++ b/src/ringct/rctSigs.cpp @@ -335,6 +335,8 @@ namespace rct { // mask is a such that C = aG + bH, and b = amount //verRange verifies that \sum Ci = C and that each Ci is a commitment to 0 or 2^i bool verRange(const key & C, const rangeSig & as) { + try + { PERF_TIMER(verRange); key64 CiH; int i = 0; @@ -348,6 +350,9 @@ namespace rct { if (!VerASNL(as.Ci, CiH, as.asig)) return false; return true; + } + // we can get deep throws from ge_frombytes_vartime if input isn't valid + catch (...) { return false; } } key get_pre_mlsag_hash(const rctSig &rv) @@ -513,6 +518,8 @@ namespace rct { //This does a simplified version, assuming only post Rct //inputs bool verRctMGSimple(const key &message, const mgSig &mg, const ctkeyV & pubs, const key & C) { + try + { PERF_TIMER(verRctMGSimple); //setup vars size_t rows = 1; @@ -528,6 +535,8 @@ namespace rct { } //DP(C); return MLSAG_Ver(message, M, mg, rows); + } + catch (...) { return false; } } @@ -790,6 +799,8 @@ namespace rct { //ver RingCT simple //assumes only post-rct style inputs (at least for max anonymity) bool verRctSimple(const rctSig & rv) { + try + { PERF_TIMER(verRctSimple); CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple, false, "verRctSimple called on non simple rctSig"); @@ -860,6 +871,9 @@ namespace rct { } return true; + } + // we can get deep throws from ge_frombytes_vartime if input isn't valid + catch (...) { return false; } } //RingCT protocol |