Inicio Explorar Ayuda
Iniciar sesión
pascal
/
PascalCoin
2
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Explorar el Código

Prevention exception on IsValidSignatureBasedOnCurrentSafeboxState

PascalCoin hace 3 años
padre
c7bfe50f77
commit
f9f257652a
Se han modificado 2 ficheros con 7 adiciones y 0 borrados
Dividir vista Mostrar estadísticas de diff
  1. 5 0
      src/core/UOpTransaction.pas
  2. 2 0
      src/core/UTxMultiOperation.pas

+ 5 - 0
src/core/UOpTransaction.pas
Ver fichero 

@@ -393,6 +393,7 @@ end;
 
 function TOpChangeAccountInfo.IsValidSignatureBasedOnCurrentSafeboxState(ASafeBoxTransaction: TPCSafeBoxTransaction): Boolean;
 
 var LAccount : TAccount;
 
 begin
 
+  if (FData.account_signer<0) or (FData.account_signer>=ASafeBoxTransaction.FreezedSafeBox.AccountsCount) then Exit(False); // Preventing exception
 
   LAccount := ASafeBoxTransaction.Account(FData.account_signer);
 
   Result := IsValidECDSASignature(LAccount.accountInfo.accountkey,FData.sign);
 
 end;
 
@@ -1133,6 +1134,7 @@ end;
 
 function TOpTransaction.IsValidSignatureBasedOnCurrentSafeboxState(ASafeBoxTransaction: TPCSafeBoxTransaction): Boolean;
 
 var LAccount : TAccount;
 
 begin
 
+  if (FData.sender<0) or (FData.sender>=ASafeBoxTransaction.FreezedSafeBox.AccountsCount) then Exit(False); // Preventing exception
 
   LAccount := ASafeBoxTransaction.Account(FData.sender);
 
   Result := IsValidECDSASignature(LAccount.accountInfo.accountkey,FData.sign);
 
 end;
 
@@ -1579,6 +1581,7 @@ end;
 
 function TOpChangeKey.IsValidSignatureBasedOnCurrentSafeboxState(ASafeBoxTransaction: TPCSafeBoxTransaction): Boolean;
 
 var LAccount : TAccount;
 
 begin
 
+  if (FData.account_signer<0) or (FData.account_signer>=ASafeBoxTransaction.FreezedSafeBox.AccountsCount) then Exit(False); // Preventing exception
 
   LAccount := ASafeBoxTransaction.Account(FData.account_signer);
 
   Result := IsValidECDSASignature(LAccount.accountInfo.accountkey,FData.sign);
 
 end;
 
@@ -2163,6 +2166,7 @@ end;
 
 function TOpListAccount.IsValidSignatureBasedOnCurrentSafeboxState(ASafeBoxTransaction: TPCSafeBoxTransaction): Boolean;
 
 var LAccount : TAccount;
 
 begin
 
+  if (FData.account_signer<0) or (FData.account_signer>=ASafeBoxTransaction.FreezedSafeBox.AccountsCount) then Exit(False); // Preventing exception
 
   LAccount := ASafeBoxTransaction.Account(FData.account_signer);
 
   Result := IsValidECDSASignature(LAccount.accountInfo.accountkey,FData.sign);
 
 end;
 
@@ -2574,6 +2578,7 @@ end;
 
 function TOpData.IsValidSignatureBasedOnCurrentSafeboxState(ASafeBoxTransaction: TPCSafeBoxTransaction): Boolean;
 
 var LAccount : TAccount;
 
 begin
 
+  if (FData.account_signer<0) or (FData.account_signer>=ASafeBoxTransaction.FreezedSafeBox.AccountsCount) then Exit(False); // Preventing exception
 
   LAccount := ASafeBoxTransaction.Account(FData.account_signer);
 
   Result := IsValidECDSASignature(LAccount.accountInfo.accountkey,FData.sign);
 
 end;

+ 2 - 0
src/core/UTxMultiOperation.pas
Ver fichero 

@@ -504,6 +504,7 @@ begin
 
     ophtosign := GetDigestToSign;
 
     // Tx verification
 
     For i:=Low(FData.txSenders) to High(FData.txSenders) do begin
 
+      if (FData.txSenders[i].Account<0) or (FData.txSenders[i].Account>=AccountTransaction.FreezedSafeBox.AccountsCount) then Exit(False); // Preventing exception
 
       acc := AccountTransaction.Account(FData.txSenders[i].Account);
 
       If (length(FData.txSenders[i].Signature.r)>0) And
 
          (length(FData.txSenders[i].Signature.s)>0) then begin
 
@@ -523,6 +524,7 @@ begin
 
     end;
 
     // Change verification
 
     For i:=Low(FData.changesInfo) to High(FData.changesInfo) do begin
 
+      if (FData.changesInfo[i].Account<0) or (FData.changesInfo[i].Account>=AccountTransaction.FreezedSafeBox.AccountsCount) then Exit(False); // Preventing exception
 
       acc := AccountTransaction.Account(FData.changesInfo[i].Account);
 
       If (length(FData.changesInfo[i].Signature.r)>0) And
 
          (length(FData.changesInfo[i].Signature.s)>0) then begin