diff --git a/src/script.cpp b/src/script.cpp index 942e8810db7..d6d6684f443 100644 --- a/src/script.cpp +++ b/src/script.cpp @@ -1874,9 +1874,11 @@ bool CScript::IsPushOnly() const const_iterator pc = begin(); while (pc < end()) { + // Note how a script with an invalid PUSHDATA returns False. opcodetype opcode; if (!GetOp(pc, opcode)) return false; + // Note that IsPushOnly() *does* consider OP_RESERVED to be a // push-type opcode, however execution of OP_RESERVED fails, so // it's not relevant to P2SH as the scriptSig would fail prior to diff --git a/src/test/script_tests.cpp b/src/test/script_tests.cpp index bc9f31c0776..77c44501ab3 100644 --- a/src/test/script_tests.cpp +++ b/src/test/script_tests.cpp @@ -394,4 +394,15 @@ BOOST_AUTO_TEST_CASE(script_standard_push) } } +BOOST_AUTO_TEST_CASE(script_IsPushOnly_on_invalid_scripts) +{ + // IsPushOnly returns false when given a script containing only pushes that + // are invalid due to truncation. IsPushOnly() is consensus critical + // because P2SH evaluation uses it, although this specific behavior should + // not be consensus critical as the P2SH evaluation would fail first due to + // the invalid push. Still, it doesn't hurt to test it explicitly. + static const unsigned char direct[] = { 1 }; + BOOST_CHECK(!CScript(direct, direct+sizeof(direct)).IsPushOnly()); +} + BOOST_AUTO_TEST_SUITE_END()