Skip to content

bitcoin-tx: Fix missing range check #10106

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
awemany wants to merge 1 commit into from
Closed

bitcoin-tx: Fix missing range check #10106

awemany wants to merge 1 commit into from

Conversation

@awemany
Copy link
Contributor

@awemany awemany commented Mar 28, 2017
edited
Loading

The number of arguments is not checked in MutateTxAddOutAddr(..), meaning
that

./bitcoin-tx -create outaddr=

accessed the vStrInputParts vector beyond its bounds.

@awemany
bitcoin-tx: Fix missing range check
71a6133 
The number of arguments is not checked MutateTxAddOutAddr(..), meaning
that

> ./bitcoin-tx -create outaddr=

accessed the vStrInputParts vector beyond its bounds.
@instagibbs
Copy link
Member

instagibbs commented Mar 28, 2017

utACK 71a6133

@gmaxwell
Copy link
Contributor

gmaxwell commented Mar 28, 2017
edited
Loading

MutateTxAddOutPubKey appears to have the same issue. I recommend reviewing 61a1534 and addressing it completely.

Also, pinging @jnewbery

@laanwj laanwj added this to the 0.14.1 milestone Mar 29, 2017
@laanwj
Copy link
Member

laanwj commented Mar 29, 2017

Ugh. Needs backport to 0.14.1

@jnewbery
Copy link
Contributor

jnewbery commented Mar 29, 2017

I've reviewed 61a1534 and I think MutateTxAddOutAddr() and MutateTxAddOutPubKey() are the only functions that aren't properly checking their inputs. Extra eyes to review are always good though.

The check in MutateTxAddOutPubKey() should be:

    if (vStrInputParts.size() < 2 || vStrInputParts.size() > 3)
        throw std::runtime_error("TX output missing or too many separators");

since MutateTxAddOutPubKey() can have an optional flag.

I'm currently writing test cases for bitcoin-tx that test this and other errors. We should include that in this PR when it's ready.

@jnewbery
Copy link
Contributor

jnewbery commented Mar 29, 2017

Extra testcases are here: https://github.com/jnewbery/bitcoin/commits/bitcoin_tx_input_sanitiser

  • 31c4dbf81a164e57a414ee548ec3227dfee35cba adds stderr checking to bctest.py
  • 718063a84dd78187171f60759bebd64aea1fed58 is the fix for bitcoin-tx (which you should just squash into your existing fix)
  • 0768e51977924aadf19c21331a15e30d97ba44c0 adds tests for bitcoin-tx correctly checking the number of separators in inputs.

@jtimon
Copy link
Contributor

jtimon commented Mar 30, 2017

Yes, it seems MutateTxAddOutAddr and MutateTxAddOutPubKey are the only ones with more than one part but not checking it.
utACK but better to fix both.

@jnewbery
Copy link
Contributor

jnewbery commented Mar 30, 2017

@awemany - there's some enthusiasm to get this merged into master quickly, so I've opened #10130 with your fix and my test changes.

Thanks for reporting this (and providing a fix!)

@jnewbery jnewbery mentioned this pull request Mar 30, 2017
Merged
@fanquake
Copy link
Member

fanquake commented Mar 30, 2017

Closing in favour of #10130 . @awemany your changes are still included in the new pull-request.

@fanquake fanquake closed this Mar 30, 2017
@fanquake fanquake removed this from the 0.14.1 milestone Mar 30, 2017
@awemany awemany deleted the bitcointx-addoutaddr branch November 24, 2017 17:31
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Sep 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@awemany @instagibbs @gmaxwell @laanwj @jnewbery @jtimon @fanquake