Commit graph

19119 commits

Author SHA1 Message Date
Gavin Andresen
8dc206a1e2 Reject non-canonically-encoded sizes
The length of vectors, maps, sets, etc are serialized using
Write/ReadCompactSize -- which, unfortunately, do not use a
unique encoding.

So deserializing and then re-serializing a transaction (for example)
can give you different bits than you started with. That doesn't
cause any problems that we are aware of, but it is exactly the type
of subtle mismatch that can lead to exploits.

With this pull, reading a non-canonical CompactSize throws an
exception, which means nodes will ignore 'tx' or 'block' or
other messages that are not properly encoded.

Please check my logic... but this change is safe with respect to
causing a network split. Old clients that receive
non-canonically-encoded transactions or blocks deserialize
them into CTransaction/CBlock structures in memory, and then
re-serialize them before relaying them to peers.

And please check my logic with respect to causing a blockchain
split: there are no CompactSize fields in the block header, so
the block hash is always canonical. The merkle root in the block
header is computed on a vector<CTransaction>, so
any non-canonical encoding of the transactions in 'tx' or 'block'
messages is erased as they are read into memory by old clients,
and does not affect the block hash. And, as noted above, old
clients re-serialize (with canonical encoding) 'tx' and 'block'
messages before relaying to peers.
2013-08-09 10:01:35 +10:00
Gavin Andresen
42656ea2e5 Make RPC password resistant to timing attacks
Fixes issue#2838; this is a tweaked version of pull#2845 that
should not leak the length of the password and is more generic,
in case we run into other situations where we need
timing-attack-resistant comparisons.
2013-08-08 19:58:57 +10:00
Gavin Andresen
6cc766fa55 Merge pull request #2856 from Diapolo/crypter_headers
remove windows.h from crypter.cpp includes
2013-08-08 02:16:56 -07:00
Gavin Andresen
9d23db58c1 Merge pull request #2883 from codler/patch-5
Replace with existing constants
2013-08-07 04:44:57 -07:00
Han Lin Yap
1511769239 Use existing RPC_INVALID_PARAMETER constant 2013-08-07 10:14:33 +02:00
Gavin Andresen
ddd0e2f616 Merge pull request #2871 from gavinandresen/simplify_maporphan
Simplify storage of orphan transactions, fix CVE-2013-4627
2013-08-06 17:11:48 -07:00
Gavin Andresen
1188a33d18 Merge pull request #2882 from codler/patch-4
Fix typo
2013-08-06 16:53:23 -07:00
Han Lin Yap
b3915841b0 fix typo in README.md 2013-08-06 14:09:35 +02:00
Gavin Andresen
7b22c8e8ca Merge pull request #2881 from Diapolo/translations_rem_newline
remove a newline from a string in init.cpp
2013-08-06 04:46:02 -07:00
Philip Kaufmann
265e2657b4 remove a newline from a string in init.cpp
- to match all other translatable strings in init.cpp and to simplify
  translations via Transifex
2013-08-06 10:28:52 +02:00
Gavin Andresen
bdd34642dc More unit tests for NUMEQUAL 2013-08-06 16:06:07 +10:00
Wladimir J. van der Laan
e07d9f77e9 Merge pull request #2879 from Diapolo/translations
translations update for Transifex 2013-08-05
2013-08-05 03:34:55 -07:00
Philip Kaufmann
0f1c8f23eb translations update for Transifex 2013-08-05 2013-08-05 11:06:45 +02:00
Gavin Andresen
ae759b3788 Merge pull request #2849 from petertodd/if-else-else
Add unittests for multiple ELSEs in a row
2013-08-05 01:53:57 -07:00
Gavin Andresen
15047f5af0 Merge pull request #2851 from TheBlueMatt/master
Prepare for mempool testing in pull-tester and fix multi-block transaction resurrection
2013-08-05 01:53:17 -07:00
Gavin Andresen
2af267c150 Merge pull request #2857 from Diapolo/compat_cleanup
cleanup compat.h Windows stuff
2013-08-05 01:48:35 -07:00
Gavin Andresen
e622f3f195 Merge pull request #2855 from Diapolo/guard_CreatePidFile
exclude CreatePidFile() function on WIN32 as it is unused
2013-08-05 01:05:59 -07:00
Gavin Andresen
a4ae02969e Merge pull request #2827 from Diapolo/rpccon_winpos
Bitcoin-Qt: save and restore position of debug window
2013-08-05 00:58:05 -07:00
Gavin Andresen
d687aaa311 Merge pull request #2865 from Diapolo/fix_intro_translation
fix string in intro.cpp, which is untranslatable on Transifex
2013-08-05 00:24:49 -07:00
Gavin Andresen
923602f11d Compile into build_test when creating bitcoin-qt_test 2013-08-05 14:36:58 +10:00
Gavin Andresen
159bc48193 Simplify storage of orphan transactions
Orphan transactions were stored as a CDataStream pointer;
this changes the mapOrphanTransactions data structures to
store orphans as a CTransaction.

This also fixes CVE-2013-4627 by always re-serializing
transactions before relaying them.
2013-08-02 16:10:25 +10:00
Gavin Andresen
8f6f92c72b Revert "Truncate oversize 'tx' messages before relaying/storing."
This reverts commit c40a5aaaf4.
2013-08-02 15:50:04 +10:00
Wladimir J. van der Laan
6d89611c3a Merge pull request #2850 from Diapolo/fix_intro
fix possible infinite loop in intro.cpp thread
2013-07-31 22:15:05 -07:00
Jeff Garzik
3b2ed514d3 Merge pull request #2867 from jgarzik/miner-sep
Move internal miner to separate miner.cpp module
2013-07-31 12:32:17 -07:00
Jeff Garzik
d247a5d130 Move internal miner/block creation to separate miner.cpp module.
Public functions referenced elsewhere are added to miner.h.
2013-07-31 09:43:35 -04:00
Jeff Garzik
18946846d5 Minor miner fixes (hey hey it's fun to say)
* Fix UpdateCoins() definition in main.h
* Remove pwalletMain reference from BitcoinMiner(), as it is passed
  a wallet argument.
2013-07-31 08:45:49 -04:00
Jeff Garzik
8351d55cd3 Merge pull request #2866 from gavinandresen/loopdefine
Remove #define loop from util.h
2013-07-31 03:35:33 -07:00
Gavin Andresen
050d2e953f Remove #define loop from util.h
Replace the loop macro with while (true). The #define caused
problems for Qt.
2013-07-31 14:06:44 +10:00
Philip Kaufmann
bef9f573b5 fix string in intro.cpp, which is untranslatable on Transifex
- seems the code tags in the original string cause errors, when using the
  Transifex site for translation
2013-07-29 16:56:03 +02:00
Philip Kaufmann
c431e9f1f0 Bitcoin-Qt: save and restore position of debug window
- move the code for saving and restoring window positions from BitcoinGUI
  to GUIUtil, make it more generic and also use it for saving/restoring
  debug window positions
2013-07-29 16:22:46 +02:00
Pieter Wuille
c4316fefa5 Make sure new wallet variables are initialized 2013-07-29 02:34:01 +02:00
Pieter Wuille
4bb77b4963 Merge pull request #2541 from luke-jr/bugfix_wallet_resend
Bugfix: Store last/next wallet resend times unique per CWallet object
2013-07-28 17:21:21 -07:00
Pieter Wuille
83a3597071 Merge pull request #2702 from vinniefalco/leveldb-subtree-at-1-10-0
Leveldb subtree at 1 12 0
2013-07-28 03:57:17 -07:00
Pieter Wuille
f38f452251 Merge pull request #2863 from maaku/patch-1
Fix typo in README.md
2013-07-27 14:26:47 -07:00
Mark Friedenbach
cb501a7d44 Fix typo in README.md 2013-07-27 14:22:42 -07:00
Philip Kaufmann
5bc6d8e580 fix possible infinite loop in intro.cpp thread
- it was possible to trigger an infinite loop in FreespaceChecker::check() by
  simply removing the drive letter on Windows (which leads to an infinite
  loop in the FreespaceChecker thread)
- this was caused by not checking if we make progress with
  parentDir.parent_path()
2013-07-26 09:17:24 +02:00
Wladimir J. van der Laan
2b894bceac Merge pull request #2847 from Diapolo/fix_QApplication_include
Bitcoin-Qt: fix QApplication includes to match our include defaults
2013-07-25 22:42:16 -07:00
Wladimir J. van der Laan
7d3a50ddbe Merge pull request #2848 from Diapolo/translations
update bitcoin_en.ts to current master (2013-07-23)
2013-07-25 22:41:51 -07:00
Gavin Andresen
5e67e124cf Merge pull request #1889 from tcatm/multi-wallet
let user select wallet file with -wallet=foo.dat
2013-07-24 22:52:21 -07:00
Philip Kaufmann
852605d8d1 remove windows.h from crypter.cpp includes
- remove an unneeded windows.h include (comes from allocators.h, which is
  included in crypter.h)
2013-07-24 22:35:44 +02:00
Philip Kaufmann
dd833a4cd8 cleanup compat.h Windows stuff
- remove an unneded include for mswsock.h as we use winsock2.h anyway
- move typedef u_int SOCKET; into the #ifndef WIN32 part
- remove typedef int socklen_t;  as this is defined in ws2tcpip.h
2013-07-24 16:24:38 +02:00
Philip Kaufmann
a034c7ebb6 exclude CreatePidFile() function on WIN32 as it is unused 2013-07-24 09:30:09 +02:00
Peter Todd
1b3656d50b Add 'chainwork' to getblock
Returns nChainWork from the block index, the total work done by all
blocks since the genesis block.
2013-07-24 01:58:23 -04:00
Matt Corallo
9bf2a4aba2 Fix multi-block reorg transaction resurrection 2013-07-23 18:02:27 +02:00
Matt Corallo
d9ace8abe8 Don't use checkpoints and accept nonstd txn on -regtest 2013-07-23 18:02:26 +02:00
Peter Todd
aff83e9c02 Add unittests for multiple ELSEs in a row
IF ELSE ELSE ENDIF is a valid construct; execution or non-execution
inverts on each ELSE encountered.
2013-07-23 05:12:38 -04:00
Philip Kaufmann
3960d2e4ab update bitcoin_en.ts to current master (2013-07-23) 2013-07-23 09:10:57 +02:00
Philip Kaufmann
84ef729aa1 Bitcoin-Qt: fix QApplication includes to match our include defaults
- move all QApplication includes to top of included Qt headers
- undef our loop macro where it would cause compilation errors otherwise
2013-07-23 08:52:24 +02:00
constantined
2ecb7555a9 Switch to using raw_utf8 2013-07-23 04:51:29 +03:00
constantined
2227389fa8 JSON Spirit updated to v4.06 2013-07-23 04:48:14 +03:00