Merge #16885: doc: Update tx-size-small comment with relevant CVE disclosure

c4b0c08f7c Update tx-size-small comment with relevant CVE disclosure (Gregory Sanders)

Pull request description:

  Code first introduced under https://github.com/bitcoin/bitcoin/pull/11423 with essentially no description and no discussion.

ACKs for top commit:
  MarcoFalke:
    ACK c4b0c08f7c
  fanquake:
    ACK c4b0c08f7c

Tree-SHA512: 95d5c92998b8b1e944c477dbaee265b62612b6e815099ab31d9ff580b4dff777abaf7f326a284644709f918aa1510412d62310689b1250ef6e64de7b19ca9f71
This commit is contained in:
fanquake 2019-09-19 08:37:59 +08:00
commit 9bf5768dd6
No known key found for this signature in database
GPG Key ID: 2EEB9F5CC09526C1
2 changed files with 4 additions and 1 deletions

View File

@ -574,7 +574,8 @@ bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
// Do not work on transactions that are too small.
// A transaction with 1 segwit input and 1 P2WPHK output has non-witness size of 82 bytes.
// Transactions smaller than this are not relayed to reduce unnecessary malloc overhead.
// Transactions smaller than this are not relayed to mitigate CVE-2017-12842 by not relaying
// 64-byte transactions.
if (::GetSerializeSize(tx, PROTOCOL_VERSION | SERIALIZE_TRANSACTION_NO_WITNESS) < MIN_STANDARD_TX_NONWITNESS_SIZE)
return state.Invalid(ValidationInvalidReason::TX_NOT_STANDARD, false, REJECT_NONSTANDARD, "tx-size-small");

View File

@ -99,6 +99,8 @@ class InputMissing(BadTxTemplate):
return tx
# The following check prevents exploit of lack of merkle
# tree depth commitment (CVE-2017-12842)
class SizeTooSmall(BadTxTemplate):
reject_reason = "tx-size-small"
expect_disconnect = False