From f6e2636493970f3cf3279fd9773efe211868ffb4 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Wed, 24 Mar 2021 21:42:09 +0000 Subject: blockchain_db: harden code against invalid input types If an invalid input type were to get to this, the code could remove key images that might be present already in the chain, which could allow a double spend, even if this is impossible with the current code. Reported by KeyboardWarrior. --- src/blockchain_db/blockchain_db.cpp | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/blockchain_db/blockchain_db.cpp b/src/blockchain_db/blockchain_db.cpp index 5e12fa8ec..a84a4148d 100644 --- a/src/blockchain_db/blockchain_db.cpp +++ b/src/blockchain_db/blockchain_db.cpp @@ -216,15 +216,8 @@ void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const std::pair } else { - LOG_PRINT_L1("Unsupported input type, removing key images and aborting transaction addition"); - for (const txin_v& tx_input : tx.vin) - { - if (tx_input.type() == typeid(txin_to_key)) - { - remove_spent_key(boost::get(tx_input).k_image); - } - } - return; + LOG_PRINT_L1("Unsupported input type, aborting transaction addition"); + throw std::runtime_error("Unexpected input type, aborting"); } } -- cgit v1.2.3