litecoin/src/consensus/tx_check.cpp

// Copyright (c) 2017-2019 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <consensus/tx_check.h>

#include <primitives/transaction.h>
#include <consensus/validation.h>

bool CheckTransaction(const CTransaction& tx, TxValidationState& state)
{
    // Basic checks that don't depend on any context
    if (tx.vin.empty())
        return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vin-empty");
    if (tx.vout.empty())
        return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vout-empty");
    // Size limits (this doesn't take the witness into account, as that hasn't been checked for malleability)
    if (::GetSerializeSize(tx, PROTOCOL_VERSION | SERIALIZE_TRANSACTION_NO_WITNESS) * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT)
        return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-oversize");

    // Check for negative or overflow output values (see CVE-2010-5139)
    CAmount nValueOut = 0;
    for (const auto& txout : tx.vout)
    {
        if (txout.nValue < 0)
            return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vout-negative");
        if (txout.nValue > MAX_MONEY)
            return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vout-toolarge");
        nValueOut += txout.nValue;
        if (!MoneyRange(nValueOut))
            return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-txouttotal-toolarge");
    }

    // Check for duplicate inputs (see CVE-2018-17144)
    // While Consensus::CheckTxInputs does check if all inputs of a tx are available, and UpdateCoins marks all inputs
    // of a tx as spent, it does not check if the tx has duplicate inputs.
    // Failure to run this check will result in either a crash or an inflation bug, depending on the implementation of
    // the underlying coins database.
    std::set<COutPoint> vInOutPoints;
    for (const auto& txin : tx.vin) {
        if (!vInOutPoints.insert(txin.prevout).second)
            return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-inputs-duplicate");
    }

    if (tx.IsCoinBase())
    {
        if (tx.vin[0].scriptSig.size() < 2 || tx.vin[0].scriptSig.size() > 100)
            return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-cb-length");
    }
    else
    {
        for (const auto& txin : tx.vin)
            if (txin.prevout.IsNull())
                return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-prevout-null");
    }

    return true;
}
scripted-diff: Bump copyright of files changed in 2019 -BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT- 5 years ago			`// Copyright (c) 2017-2019 The Bitcoin Core developers`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`// Distributed under the MIT software license, see the accompanying`
			`// file COPYING or http://www.opensource.org/licenses/mit-license.php.`

			`#include <consensus/tx_check.h>`

			`#include <primitives/transaction.h>`
			`#include <consensus/validation.h>`

[validation] Add CValidationState subclasses Split CValidationState into TxValidationState and BlockValidationState to store validation results for transactions and blocks respectively. 5 years ago			`bool CheckTransaction(const CTransaction& tx, TxValidationState& state)`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`{`
			`// Basic checks that don't depend on any context`
			`if (tx.vin.empty())`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vin-empty");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`if (tx.vout.empty())`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vout-empty");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`// Size limits (this doesn't take the witness into account, as that hasn't been checked for malleability)`
			`if (::GetSerializeSize(tx, PROTOCOL_VERSION \| SERIALIZE_TRANSACTION_NO_WITNESS) * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT)`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-oversize");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago
Added comments referencing multiple CVEs in tests and production code. This commit adds comments referencing multiple CVEs both in production and test code. CVEs covered in this commit: CVE-2010-5137 CVE-2010-5139 CVE-2010-5141 CVE-2012-1909 CVE-2012-2459 CVE-2012-3789 CVE-2018-17144 6 years ago			`// Check for negative or overflow output values (see CVE-2010-5139)`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`CAmount nValueOut = 0;`
			`for (const auto& txout : tx.vout)`
			`{`
			`if (txout.nValue < 0)`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vout-negative");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`if (txout.nValue > MAX_MONEY)`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vout-toolarge");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`nValueOut += txout.nValue;`
			`if (!MoneyRange(nValueOut))`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-txouttotal-toolarge");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`}`

consensus: Explain why fCheckDuplicateInputs can not be skipped and remove it 5 years ago			`// Check for duplicate inputs (see CVE-2018-17144)`
			`// While Consensus::CheckTxInputs does check if all inputs of a tx are available, and UpdateCoins marks all inputs`
			`// of a tx as spent, it does not check if the tx has duplicate inputs.`
			`// Failure to run this check will result in either a crash or an inflation bug, depending on the implementation of`
			`// the underlying coins database.`
			`std::set<COutPoint> vInOutPoints;`
			`for (const auto& txin : tx.vin) {`
			`if (!vInOutPoints.insert(txin.prevout).second)`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-inputs-duplicate");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`}`

			`if (tx.IsCoinBase())`
			`{`
			`if (tx.vin[0].scriptSig.size() < 2 \|\| tx.vin[0].scriptSig.size() > 100)`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-cb-length");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`}`
			`else`
			`{`
			`for (const auto& txin : tx.vin)`
			`if (txin.prevout.IsNull())`
[validation] Remove useless ret parameter from Invalid() ValidationState::Invalid() takes a parameter `ret` which is returned to the caller. All call sites set this to false. Remove the `ret` parameter and just return false always. 6 years ago			`return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-prevout-null");`
[build] Move CheckTransaction from lib_server to lib_consensus CheckTransaction is a context-free function that does not require access to the blockchain or mempool. Move it from src/consensus/tx_verify in lib_server to a new unit src/consensus/tx_check in lib_consensus so that it can be called by non-server libraries. 6 years ago			`}`

			`return true;`
			`}`