mirror of
https://git.wownero.com/wownero/wownero.git
synced 2024-08-15 01:03:23 +00:00
blockchain_db: harden code against invalid input types
If an invalid input type were to get to this, the code could remove key images that might be present already in the chain, which could allow a double spend, even if this is impossible with the current code. Reported by KeyboardWarrior.
This commit is contained in:
parent
dcba757dd2
commit
f6e2636493
1 changed files with 2 additions and 9 deletions
|
@ -216,15 +216,8 @@ void BlockchainDB::add_transaction(const crypto::hash& blk_hash, const std::pair
|
|||
}
|
||||
else
|
||||
{
|
||||
LOG_PRINT_L1("Unsupported input type, removing key images and aborting transaction addition");
|
||||
for (const txin_v& tx_input : tx.vin)
|
||||
{
|
||||
if (tx_input.type() == typeid(txin_to_key))
|
||||
{
|
||||
remove_spent_key(boost::get<txin_to_key>(tx_input).k_image);
|
||||
}
|
||||
}
|
||||
return;
|
||||
LOG_PRINT_L1("Unsupported input type, aborting transaction addition");
|
||||
throw std::runtime_error("Unexpected input type, aborting");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue