aboutsummaryrefslogtreecommitdiff
path: root/src/ringct
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-12-07 22:09:43 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2016-12-07 22:09:43 +0000
commit2f1732a7e5baf6661ef8d9573754f0388ecba56f (patch)
tree43983706b28b9c1deeb66aa6b528822d38882247 /src/ringct
parentMerge pull request #1403 (diff)
downloadmonero-2f1732a7e5baf6661ef8d9573754f0388ecba56f.tar.xz
ringct: guard against bad data exceptions in worker threads
If purported pubkeys aren't actually valid pubkeys, exceptions will fly. These will terminate if thrown in a worker thread. Guard against this.
Diffstat (limited to '')
-rw-r--r--src/ringct/rctSigs.cpp14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp
index b773be1e5..0727c6be6 100644
--- a/src/ringct/rctSigs.cpp
+++ b/src/ringct/rctSigs.cpp
@@ -335,6 +335,8 @@ namespace rct {
// mask is a such that C = aG + bH, and b = amount
//verRange verifies that \sum Ci = C and that each Ci is a commitment to 0 or 2^i
bool verRange(const key & C, const rangeSig & as) {
+ try
+ {
PERF_TIMER(verRange);
key64 CiH;
int i = 0;
@@ -348,6 +350,9 @@ namespace rct {
if (!VerASNL(as.Ci, CiH, as.asig))
return false;
return true;
+ }
+ // we can get deep throws from ge_frombytes_vartime if input isn't valid
+ catch (...) { return false; }
}
key get_pre_mlsag_hash(const rctSig &rv)
@@ -513,6 +518,8 @@ namespace rct {
//This does a simplified version, assuming only post Rct
//inputs
bool verRctMGSimple(const key &message, const mgSig &mg, const ctkeyV & pubs, const key & C) {
+ try
+ {
PERF_TIMER(verRctMGSimple);
//setup vars
size_t rows = 1;
@@ -528,6 +535,8 @@ namespace rct {
}
//DP(C);
return MLSAG_Ver(message, M, mg, rows);
+ }
+ catch (...) { return false; }
}
@@ -790,6 +799,8 @@ namespace rct {
//ver RingCT simple
//assumes only post-rct style inputs (at least for max anonymity)
bool verRctSimple(const rctSig & rv) {
+ try
+ {
PERF_TIMER(verRctSimple);
CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple, false, "verRctSimple called on non simple rctSig");
@@ -860,6 +871,9 @@ namespace rct {
}
return true;
+ }
+ // we can get deep throws from ge_frombytes_vartime if input isn't valid
+ catch (...) { return false; }
}
//RingCT protocol