From 26d039db0ae8cb54c6a41577d5ff78c01c420336 Mon Sep 17 00:00:00 2001
From: wowario <wowario@protonmail.com>
Date: Fri, 24 Feb 2023 09:58:44 +0300
Subject: [PATCH] from v20, limit tx extra size

---
 src/cryptonote_config.h            |  1 +
 src/cryptonote_core/blockchain.cpp | 12 ++++++++++++
 2 files changed, 13 insertions(+)

diff --git a/src/cryptonote_config.h b/src/cryptonote_config.h
index d3faf5946..8c0d3ce20 100644
--- a/src/cryptonote_config.h
+++ b/src/cryptonote_config.h
@@ -199,6 +199,7 @@
 #define HF_VERSION_BLOCK_HEADER_MINER_SIG       18
 #define HF_VERSION_VIEW_TAGS                    20
 #define HF_VERSION_2021_SCALING                 20
+#define HF_VERSION_CAP_TX_EXTRA_SIZE            20
 
 #define PER_KB_FEE_QUANTIZATION_DECIMALS        8
 #define CRYPTONOTE_SCALING_2021_FEE_ROUNDING_PLACES 2
diff --git a/src/cryptonote_core/blockchain.cpp b/src/cryptonote_core/blockchain.cpp
index 8c554ea27..16fe4206d 100644
--- a/src/cryptonote_core/blockchain.cpp
+++ b/src/cryptonote_core/blockchain.cpp
@@ -1449,6 +1449,11 @@ bool Blockchain::prevalidate_miner_transaction(const block& b, uint64_t height,
       }
   }
 
+  if (hf_version >= HF_VERSION_CAP_TX_EXTRA_SIZE && b.miner_tx.extra.size() > MAX_TX_EXTRA_SIZE)
+  {
+    MWARNING("coinbase transaction tx-extra is too big: " << b.miner_tx.extra.size() << " bytes, the limit is: " << MAX_TX_EXTRA_SIZE);
+    return false;
+  }
   LOG_PRINT_L3("Blockchain::" << __func__);
   CHECK_AND_ASSERT_MES(b.miner_tx.vin.size() == 1, false, "coinbase transaction in the block has no inputs");
   CHECK_AND_ASSERT_MES(b.miner_tx.vin[0].type() == typeid(txin_gen), false, "coinbase transaction in the block has the wrong type");
@@ -3298,6 +3303,13 @@ bool Blockchain::check_tx_outputs(const transaction& tx, tx_verification_context
     return false;
   }
 
+  // from v20, limit tx extra size
+  if (hf_version >= HF_VERSION_CAP_TX_EXTRA_SIZE && tx.extra.size() > MAX_TX_EXTRA_SIZE)
+  {
+    MERROR_VER("transaction tx-extra is too big: " << tx.extra.size() << " bytes, the limit is: " << MAX_TX_EXTRA_SIZE);
+    tvc.m_tx_extra_too_big = true;
+    return false;
+  }
   return true;
 }
 //------------------------------------------------------------------