assumeutxo: Drop block height from metadata
AcceptedPublic
Actions

Authored by PiRK on Wed, May 7, 13:44.

Details

Reviewers

Fabien

Group Reviewers

Restricted Project

Summary

Removing the block height from the assumeutxo snapshot file prevents potential UB (implicit-integer-sign-change) when loading the file. The snapshot file should be considered untrusted input, and its fields should be sanitized or removed if unnecessary.

The Snapshot format version is updated to 2 to indicate this change.

Co-authored-by: MarcoFalke <*~=`'#}+{/-|&$^_@721217.xyz>

This is a backport of core#30598
Depends on D18059

Test Plan

ninja all check-all

Diff Detail

Repository

rABC Bitcoin ABC

Branch

pr30598

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 33236
Build 65955: Build Diff	lint-circular-dependencies · build-without-wallet · build-diff · build-debug · build-clang-tidy · build-clang
Build 65954: arc lint + arc unit

Event Timeline

PiRK created this revision.Wed, May 7, 13:44

Herald added a reviewer: Restricted Project. · View Herald TranscriptWed, May 7, 13:44

PiRK requested review of this revision.Wed, May 7, 13:44

teamcity edited the summary of this revision. (Show Details)Wed, May 7, 13:45

PiRK added inline comments.Wed, May 7, 13:49

src/node/utxo_snapshot.h
31	we never released a snapshot file, so in theory we could skip bumping the version. But from my past experience with the PSBT format, it is better to avoid incompatiblities with BTC tools and libs when possible, by keeping the same exact format for a same version number.