From dec16d7ff26f5145a0e573ddbd87df4108d104a8 Mon Sep 17 00:00:00 2001
From: "Owain G. Ainsworth" <oga@conformal.com>
Date: Fri, 14 Mar 2014 18:35:36 +0000
Subject: [PATCH] Enforce a combined max stack depth of 1000 after every
 opcode.

This limit is for the sum of main and alt stacks. Found by bitcoind
negative tests.
---
 script.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/script.go b/script.go
index 30575337..a3819b01 100644
--- a/script.go
+++ b/script.go
@@ -116,8 +116,16 @@ var (
 	// StackErrNonPushOnly is returned when ScriptInfo is called with a
 	// pkScript that peforms operations other that pushing data to the stack.
 	StackErrNonPushOnly = errors.New("SigScript is non pushonly")
+
+	// StackErrOverflow is returned when stack and altstack combined depth
+	// is over the limit.
+	StackErrOverflow = errors.New("Stacks overflowed")
 )
 
+// maxStackSize is the maximum combined height of stack and alt stack during
+// execution.
+const maxStackSize = 1000
+
 // ErrUnsupportedAddress is returned when a concrete type that implements
 // a btcutil.Address is not a supported type.
 var ErrUnsupportedAddress = errors.New("unsupported address type")
@@ -599,6 +607,10 @@ func (m *Script) Step() (done bool, err error) {
 		return true, err
 	}
 
+	if m.dstack.Depth() + m.astack.Depth() > maxStackSize {
+		return false, StackErrOverflow
+	}
+
 	// prepare for next instruction
 	m.scriptoff++
 	if m.scriptoff >= len(m.scripts[m.scriptidx]) {