Merge pull request #5248

3f6f90bb wallet2: do not use invalid keys as fake outs in rings (moneromooo-monero)
This commit is contained in:
Riccardo Spagni 2019-03-21 14:46:58 +02:00
commit 30e823e7cd
No known key found for this signature in database
GPG key ID: 55432DF31CCD4FCD

View file

@ -7060,6 +7060,17 @@ bool wallet2::tx_add_fake_output(std::vector<std::vector<tools::wallet2::get_out
CHECK_AND_ASSERT_MES(!outs.empty(), false, "internal error: outs is empty"); CHECK_AND_ASSERT_MES(!outs.empty(), false, "internal error: outs is empty");
if (std::find(outs.back().begin(), outs.back().end(), item) != outs.back().end()) // don't add duplicates if (std::find(outs.back().begin(), outs.back().end(), item) != outs.back().end()) // don't add duplicates
return false; return false;
// check the keys are valid
if (!rct::isInMainSubgroup(rct::pk2rct(output_public_key)))
{
MWARNING("Key " << output_public_key << " at index " << global_index << " is not in the main subgroup");
return false;
}
if (!rct::isInMainSubgroup(mask))
{
MWARNING("Commitment " << mask << " at index " << global_index << " is not in the main subgroup");
return false;
}
// if (is_output_blackballed(output_public_key)) // don't add blackballed outputs // if (is_output_blackballed(output_public_key)) // don't add blackballed outputs
// return false; // return false;
outs.back().push_back(item); outs.back().push_back(item);