
Add static_assert to prevent VARINT(<signed value>)

Authored by deadalnix on Oct 1 2019, 13:43.



Using VARINT with signed types is dangerous because negative values will appear
to serialize correctly, but then deserialize as positive values mod 128.

This commit changes the VARINT macro to trigger an error by default if called
with a signed value, and updates broken uses of VARINT to pass a special flag
that lets them keep working with no change in behavior.

This is a backport of Core PR9753

Test Plan
make check
./test/functional/ --extended
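
The failure mode the summary describes, as an added example that is not code from this revision or from Bitcoin ABC: a small base-128 variable-length integer codec in which a negative input is written as a single byte and read back as its value mod 128, plus a `static_assert` guard that rejects signed types unless a flag is passed. The names `Mode`, `EncodeUnchecked`, `Encode` and `Decode` are hypothetical, chosen for this sketch.

```cpp
#include <cstdint>
#include <type_traits>
#include <vector>

// Hypothetical flag standing in for the "special flag" the summary mentions.
enum class Mode { Default, NonNegativeSigned };

// Encoder written for this example: 7 bits per byte, most significant group
// first, high bit set on every byte except the last.
template <typename I>
std::vector<uint8_t> EncodeUnchecked(I n) {
    uint8_t tmp[(sizeof(I) * 8 + 6) / 7];
    int len = 0;
    while (true) {
        tmp[len] = static_cast<uint8_t>((n & 0x7F) | (len ? 0x80 : 0x00));
        if (n <= 0x7F) break;  // any negative n passes this test immediately
        n = (n >> 7) - 1;
        len++;
    }
    std::vector<uint8_t> out;
    do { out.push_back(tmp[len]); } while (len--);
    return out;
}

template <typename I>
I Decode(const std::vector<uint8_t>& in) {
    I n = 0;
    for (uint8_t b : in) {
        n = (n << 7) | (b & 0x7F);
        if (b & 0x80) n++; else break;
    }
    return n;
}

// Guarded entry point: a signed argument compiles only with the explicit flag,
// so Encode(-1) is a build error while Encode(300u) is accepted.
template <Mode M = Mode::Default, typename I>
std::vector<uint8_t> Encode(I n) {
    static_assert(M != Mode::Default || std::is_unsigned<I>::value,
                  "unsigned type required unless NonNegativeSigned is passed");
    return EncodeUnchecked(n);
}

int main() {
    // -1 is written as the single byte 0x7F and comes back as 127.
    return Decode<int>(Encode<Mode::NonNegativeSigned>(-1)) == 127 ? 0 : 1;
}
```

The flag only documents that the caller guarantees a non-negative value; it does not make negative inputs round-trip.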

Diff Detail

rABC Bitcoin ABC

Event Timeline

This revision is now accepted and ready to land. Oct 1 2019, 14:57