Skip to content

Commit

Permalink
wire: remove erroneous witness size check in wire parsing
Browse files Browse the repository at this point in the history
In this commit, we fix a bug that would cause nodes to be unable to
parse a given block from the wire. The block would be properly accepted
if fed in via other mechanisms.

The issue here is that the old checks for the maximum witness size,
circa segwit v0 where placed in the wire package _as well_ as the tx
engine. This check should only be in the engine, since it's properly
gated by other related scrip validation flags.

The fix itself is simple: limit witnesses only based on the maximum
block size in bytes, or ~4MB.
  • Loading branch information
Roasbeef committed Oct 10, 2022
1 parent 38ee9a4 commit f523d4c
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 15 deletions.
2 changes: 1 addition & 1 deletion blockchain/weight.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@ package blockchain
import (
"fmt"

"github.com/btcsuite/btcd/btcutil"
"github.com/btcsuite/btcd/txscript"
"github.com/btcsuite/btcd/wire"
"github.com/btcsuite/btcd/btcutil"
)

const (
Expand Down
30 changes: 16 additions & 14 deletions wire/msgtx.go
Original file line number Diff line number Diff line change
Expand Up @@ -103,27 +103,28 @@ const (
maxWitnessItemsPerInput = 500000

// maxWitnessItemSize is the maximum allowed size for an item within
// an input's witness data. This number is derived from the fact that
// for script validation, each pushed item onto the stack must be less
// than 10k bytes.
maxWitnessItemSize = 11000
// an input's witness data. This value is bounded by the largest
// possible block size, post segwit v1 (taproot).
maxWitnessItemSize = 4_000_000
)

// TxFlagMarker is the first byte of the FLAG field in a bitcoin tx
// message. It allows decoders to distinguish a regular serialized
// transaction from one that would require a different parsing logic.
//
// Position of FLAG in a bitcoin tx message:
// ┌─────────┬────────────────────┬─────────────┬─────┐
// │ VERSION │ FLAG │ TX-IN-COUNT │ ... │
// │ 4 bytes │ 2 bytes (optional) │ varint │ │
// └─────────┴────────────────────┴─────────────┴─────┘
//
// ┌─────────┬────────────────────┬─────────────┬─────┐
// │ VERSION │ FLAG │ TX-IN-COUNT │ ... │
// │ 4 bytes │ 2 bytes (optional) │ varint │ │
// └─────────┴────────────────────┴─────────────┴─────┘
//
// Zooming into the FLAG field:
// ┌── FLAG ─────────────┬────────┐
// │ TxFlagMarker (0x00) │ TxFlag │
// │ 1 byte │ 1 byte │
// └─────────────────────┴────────┘
//
// ┌── FLAG ─────────────┬────────┐
// │ TxFlagMarker (0x00) │ TxFlag │
// │ 1 byte │ 1 byte │
// └─────────────────────┴────────┘
const TxFlagMarker = 0x00

// TxFlag is the second byte of the FLAG field in a bitcoin tx message.
Expand Down Expand Up @@ -586,8 +587,9 @@ func (msg *MsgTx) BtcDecode(r io.Reader, pver uint32, enc MessageEncoding) error
// item itself.
txin.Witness = make([][]byte, witCount)
for j := uint64(0); j < witCount; j++ {
txin.Witness[j], err = readScript(r, pver,
maxWitnessItemSize, "script witness item")
txin.Witness[j], err = readScript(
r, pver, maxWitnessItemSize, "script witness item",
)
if err != nil {
returnScriptBuffers()
return err
Expand Down

0 comments on commit f523d4c

Please sign in to comment.