mirrors/core-lightning
1
0
Fork 0
mirror of https://github.com/ElementsProject/lightning.git synced 2025-02-22 22:45:27 +01:00
Code Issues Projects Releases Wiki Activity

peer_control: close leak in sign_last_tx.

Browse source 
We can call this multiple times.  The best solution is to add and remove
the signature so it's always unsigned as we expect it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Rusty Russell 2017-12-15 20:59:37 +10:30 committed by Christian Decker
parent ed8baf5f88
commit 85f065a6e7
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
lightningd/peer_control.c
View file

@ -146,6 +146,8 @@ static void sign_last_tx(struct peer *peer)
struct secrets secrets;
secp256k1_ecdsa_signature sig;
assert(!peer->last_tx->input[0].witness);
derive_basepoints(peer->seed, &local_funding_pubkey, NULL, &secrets,
NULL);
@ -170,6 +172,12 @@ static void sign_last_tx(struct peer *peer)
tal_free(tmpctx);
}
static void remove_sig(struct bitcoin_tx *signed_tx)
{
signed_tx->input[0].amount = tal_free(signed_tx->input[0].amount);
signed_tx->input[0].witness = tal_free(signed_tx->input[0].witness);
}
static void drop_to_chain(struct peer *peer)
{
sign_last_tx(peer);
@ -177,6 +185,7 @@ static void drop_to_chain(struct peer *peer)
/* Keep broadcasting until we say stop (can fail due to dup,
* if they beat us to the broadcast). */
broadcast_tx(peer->ld->topology, peer, peer->last_tx, NULL);
remove_sig(peer->last_tx);
}
/* This lets us give a more detailed error than just a destructor. */
@ -2745,6 +2754,7 @@ static void json_sign_last_tx(struct command *cmd,
tal_count(peer->last_tx->output));
sign_last_tx(peer);
linear = linearize_tx(cmd, peer->last_tx);
remove_sig(peer->last_tx);
json_object_start(response, NULL);
json_add_hex(response, "tx", linear, tal_len(linear));