
Avoid signed integer overflow when loading a mempool.dat file with a malformed time field
ClosedPublic

Authored by PiRK on Dec 22 2021, 16:17.

Details

Summary

This is a backport of core#20372

Test Plan

The following reproduces the sanitizer error before the commit is applied, and runs cleanly after the change:

$ cmake .. -GNinja -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ -DENABLE_SANITIZERS=undefined
$ xxd -p -r > mempool.dat-crash-1 <<EOF
0100000000000000000000000004000000000000000000000000ffffffff
ffffff7f00000000000000000000000000
EOF
$ cp mempool.dat-crash-1 /bitcoinddata/regtest/mempool.dat
$ ninja
$ UBSAN_OPTIONS="print_stacktrace=1:halt_on_error=1:report_error_type=1" src/bitcoind -regtest
../src/validation.cpp:5853:23: runtime error: signed integer overflow: 9223372036854775807 + 1209600 cannot be represented in type 'long'
    #0 0x55f14103ffcd in LoadMempool(Config const&, CTxMemPool&) /home/pierre/dev/bitcoin-abc/build_ubsan/../src/validation.cpp:5853:23
    #1 0x55f14103fb65 in CChainState::LoadMempool(Config const&, ArgsManager const&) /home/pierre/dev/bitcoin-abc/build_ubsan/../src/validation.cpp:4821:9
...
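To make the reported overflow and the shape of the fix concrete, here is an added C++ example (not Bitcoin ABC's own code): it embeds the `mempool.dat-crash-1` bytes constructed in the test plan, reads the 8-byte little-endian time field, and contrasts the overflowing `nTime + nExpiryTimeout > nNow` comparison with the rearranged `nTime > nNow - nExpiryTimeout` form. The field offset (26) is an assumption checked against the 9223372036854775807 value in the UBSAN message; the 1209600-second expiry is taken from the same message.

```cpp
#include <cstdint>
#include <cstring>
#include <vector>

// Constructed: the 47 bytes of mempool.dat-crash-1 from the test plan (xxd input decoded).
static const std::vector<uint8_t> kCrashFile = {
    0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,  // file version = 1
    0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00,
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f,  // int64 LE = INT64_MAX (the malformed time)
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x00};

// Assumed offset of the nTime field inside the constructed file.
constexpr size_t kTimeOffset = 26;
// Expiry timeout in seconds, as reported in the UBSAN message (14 days).
constexpr int64_t kExpiryTimeout = 1209600;

// Read a little-endian int64 at `offset`, the way mempool.dat serializes its time field.
int64_t ReadLE64(const std::vector<uint8_t> &buf, size_t offset) {
    uint64_t v = 0;
    for (size_t i = 0; i < 8; ++i) {
        v |= uint64_t(buf.at(offset + i)) << (8 * i);
    }
    int64_t out;
    std::memcpy(&out, &v, sizeof(out));
    return out;
}

// The pre-fix predicate computed nTime + nExpiryTimeout; on a malformed nTime that
// addition overflows, which is undefined behaviour in C++. This reports whether it would.
bool AdditionWouldOverflow(int64_t nTime, int64_t nExpiryTimeout) {
    int64_t unused;
    return __builtin_add_overflow(nTime, nExpiryTimeout, &unused);  // GCC/clang builtin
}

// The post-fix predicate: the same comparison rearranged so the arithmetic is done on
// nNow (a wall-clock time far from the int64 limits) instead of the untrusted nTime.
// Assumes nNow >= 0 and nExpiryTimeout >= 0, so the subtraction itself cannot overflow.
bool EntryStillValid(int64_t nTime, int64_t nNow, int64_t nExpiryTimeout) {
    return nTime > nNow - nExpiryTimeout;
}
```

With the rearranged form the malformed entry is simply treated as "not yet expired" and handed to the regular mempool acceptance path, instead of triggering undefined behaviour while loading.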

Diff Detail

Repository
rABC Bitcoin ABC