Mercurial > hg > bitcoin

changeset 227:514383c38156 draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix for block 74638 overflow output transaction git-svn-id: https://bitcoin.svn.sourceforge.net/svnroot/bitcoin/trunk@132 1a98c847-1fd6-4fd8-948a-caf3550aa51b
author s_nakamoto <s_nakamoto@1a98c847-1fd6-4fd8-948a-caf3550aa51b>
date Sun, 15 Aug 2010 21:35:24 +0000
parents 7aa42b703b52
children 78000f16ad7e
files main.cpp main.h serialize.h
diffstat 3 files changed, 19 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/main.cpp
+++ b/main.cpp
@@ -1006,6 +1006,14 @@
                 mapTestPool[prevout.hash] = txindex;
 
             nValueIn += txPrev.vout[prevout.n].nValue;
+
+            // Check for negative or overflow input values
+            if (txPrev.vout[prevout.n].nValue < 0)
+                return error("ConnectInputs() : txin.nValue negative");
+            if (txPrev.vout[prevout.n].nValue > MAX_MONEY)
+                return error("ConnectInputs() : txin.nValue too high");
+            if (nValueIn > MAX_MONEY)
+                return error("ConnectInputs() : txin total too high");
         }
 
         // Tally transaction fees
--- a/main.h
+++ b/main.h
@@ -18,6 +18,7 @@
 static const unsigned int MAX_BLOCK_SIZE = 1000000;
 static const int64 COIN = 100000000;
 static const int64 CENT = 1000000;
+static const int64 MAX_MONEY = 21000000 * COIN;
 static const int COINBASE_MATURITY = 100;
 
 static const CBigNum bnProofOfWorkLimit(~uint256(0) >> 32);
@@ -471,10 +472,18 @@
         if (vin.empty() || vout.empty())
             return error("CTransaction::CheckTransaction() : vin or vout empty");
 
-        // Check for negative values
+        // Check for negative or overflow output values
+        int64 nValueOut = 0;
         foreach(const CTxOut& txout, vout)
+        {
             if (txout.nValue < 0)
                 return error("CTransaction::CheckTransaction() : txout.nValue negative");
+            if (txout.nValue > MAX_MONEY)
+                return error("CTransaction::CheckTransaction() : txout.nValue too high");
+            nValueOut += txout.nValue;
+            if (nValueOut > MAX_MONEY)
+                return error("CTransaction::CheckTransaction() : txout total too high");
+        }
 
         if (IsCoinBase())
         {
--- a/serialize.h
+++ b/serialize.h
@@ -19,7 +19,7 @@
 class CDataStream;
 class CAutoFile;
 
-static const int VERSION = 309;
+static const int VERSION = 310;
 static const char* pszSubVer = ".0";