From ab3ffafdcdc0217dd7043d2360358e45186016c6 Mon Sep 17 00:00:00 2001 From: Garrick Ollivander Date: Sat, 29 Oct 2016 17:55:47 +0200 Subject: [PATCH 1/2] fix merkle tree malleability --- core/src/core/mod.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/src/core/mod.rs b/core/src/core/mod.rs index cffccadb2b..17a8316702 100644 --- a/core/src/core/mod.rs +++ b/core/src/core/mod.rs @@ -163,13 +163,13 @@ impl Hashed for HPair { } } /// An iterator over hashes in a vector that pairs them to build a row in a -/// Merkle tree. If the vector has an odd number of hashes, duplicates the last. +/// Merkle tree. If the vector has an odd number of hashes, it appends a zero hash struct HPairIter(Vec); impl Iterator for HPairIter { type Item = HPair; fn next(&mut self) -> Option { - self.0.pop().map(|first| HPair(first, self.0.pop().unwrap_or(first))) + self.0.pop().map(|first| HPair(first, self.0.pop().unwrap_or(ZERO_HASH))) } } /// A row in a Merkle tree. Can be built from a vector of hashes. Calculates From 4e11aab1eacff7f36ff5474c65ebd30e52e98eb6 Mon Sep 17 00:00:00 2001 From: Garrick Ollivander Date: Sat, 29 Oct 2016 18:18:32 +0200 Subject: [PATCH 2/2] added comment to avoid this vulnarability sneaking back --- core/src/core/mod.rs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/core/src/core/mod.rs b/core/src/core/mod.rs index 17a8316702..1095c70aa5 100644 --- a/core/src/core/mod.rs +++ b/core/src/core/mod.rs @@ -164,6 +164,8 @@ impl Hashed for HPair { } /// An iterator over hashes in a vector that pairs them to build a row in a /// Merkle tree. If the vector has an odd number of hashes, it appends a zero hash +/// See https://bitcointalk.org/index.php?topic=102395.0 CVE-2012-2459 (block merkle calculation exploit) +/// for the argument against duplication of last hash struct HPairIter(Vec); impl Iterator for HPairIter { type Item = HPair;