[backport#14696 1/2] Added comments referencing multiple CVEs in tests and production code.
ClosedPublic
Actions

Authored by PiRK on Oct 21 2020, 09:18.

Details

Reviewers

Group Reviewers

Restricted Owners Package	(Owns No Changed Paths)
Restricted Project

Commits

rABC6d3edf189e34: [backport#14696 1/2] Added comments referencing multiple CVEs in tests and…

Summary

This commit adds comments referencing multiple CVEs both in production and test code.
CVEs covered in this commit:

CVE-2010-5137
CVE-2010-5139
CVE-2010-5141
CVE-2012-1909
CVE-2012-2459
CVE-2012-3789
CVE-2018-17144

Backport of Core PR14696 - part 1 of 2
Commit https://github.com/bitcoin/bitcoin/pull/14696/commits/38bfca6bb2ad68719415e9c54a981441052da072

Test Plan

ninja && ninja check
(just to make sure the src/test/data/script_tests.json change didn't break anything)

Diff Detail

Repository

rABC Bitcoin ABC

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

PiRK created this revision.Oct 21 2020, 09:18

Owners added a reviewer: Restricted Owners Package.Oct 21 2020, 09:19

Herald added a reviewer: Restricted Project. · View Herald TranscriptOct 21 2020, 09:19

PiRK requested review of this revision.Oct 21 2020, 09:19

teamcity edited the summary of this revision. (Show Details)Oct 21 2020, 09:19

Harbormaster completed remote builds in B13549: Diff 24876.Oct 21 2020, 09:41

Build Bitcoin ABC Diffs / Diff Testing (build-clang) failed.

Tail of the build log:

[357/418] bitcoin: testing streams_tests
[358/418] Running utility command for check-bitcoin-settings_tests
[359/418] bitcoin: testing timedata_tests
[360/418] Running utility command for check-bitcoin-streams_tests
[361/418] Running utility command for check-bitcoin-timedata_tests
[362/418] bitcoin: testing uint256_tests
[363/418] bitcoin: testing undo_tests
[364/418] Running utility command for check-bitcoin-uint256_tests
[365/418] Running utility command for check-bitcoin-undo_tests
[366/418] bitcoin: testing walletdb_tests
[367/418] bitcoin: testing sigencoding_tests
[368/418] Running utility command for check-bitcoin-sigencoding_tests
[369/418] bitcoin: testing util_threadnames_tests
[370/418] Running utility command for check-bitcoin-walletdb_tests
[371/418] Running utility command for check-bitcoin-util_threadnames_tests
[372/418] bitcoin: testing serialize_tests
[373/418] bitcoin: testing txvalidationcache_tests
[374/418] Running utility command for check-bitcoin-serialize_tests
[375/418] bitcoin: testing compilerbug_tests
[376/418] Running utility command for check-bitcoin-txvalidationcache_tests
[377/418] bitcoin: testing validationinterface_tests
[378/418] Running utility command for check-bitcoin-compilerbug_tests
[379/418] Running utility command for check-bitcoin-validationinterface_tests
[380/418] bitcoin: testing checkpoints_tests
[381/418] bitcoin: testing radix_tests
[382/418] Running utility command for check-bitcoin-checkpoints_tests
[383/418] Running utility command for check-bitcoin-radix_tests
[384/418] bitcoin: testing script_standard_tests
[385/418] bitcoin: testing crypto_tests
[386/418] Running utility command for check-bitcoin-script_standard_tests
[387/418] Running utility command for check-bitcoin-crypto_tests
[388/418] bitcoin: testing getarg_tests
[389/418] bitcoin: testing blockcheck_tests
[390/418] Running utility command for check-bitcoin-getarg_tests
[391/418] Running utility command for check-bitcoin-blockcheck_tests
[392/418] bitcoin: testing ref_tests
[393/418] bitcoin: testing script_tests
[394/418] Running utility command for check-bitcoin-ref_tests
[395/418] Running utility command for check-bitcoin-script_tests
[396/418] bitcoin: testing bswap_tests
[397/418] Running utility command for check-bitcoin-bswap_tests
[398/418] bitcoin: testing validation_tests
[399/418] Running utility command for check-bitcoin-validation_tests
[400/418] bitcoin: testing validation_block_tests
[401/418] Running utility command for check-bitcoin-validation_block_tests
[402/418] bitcoin: testing skiplist_tests
[403/418] Running utility command for check-bitcoin-skiplist_tests
[404/418] bitcoin: testing cuckoocache_tests
[405/418] Running utility command for check-bitcoin-cuckoocache_tests
[406/418] bitcoin: testing monolith_opcodes_tests
[407/418] Running utility command for check-bitcoin-monolith_opcodes_tests
[408/418] bitcoin: testing util_tests
[409/418] Running utility command for check-bitcoin-util_tests
[410/418] bitcoin: testing op_reversebytes_tests
[411/418] Running utility command for check-bitcoin-op_reversebytes_tests
[412/418] bitcoin: testing transaction_tests
[413/418] Running utility command for check-bitcoin-transaction_tests
[414/418] bitcoin: testing coins_tests
[415/418] Running utility command for check-bitcoin-coins_tests
Build build-clang timed out after 1200.0s

deadalnix requested changes to this revision.Oct 21 2020, 10:38

deadalnix added a subscriber: deadalnix.

deadalnix added inline comments.

src/consensus/tx_check.cpp
44 ↗	(On Diff #24876)	revert
src/validation.cpp
1577 ↗	(On Diff #24876)	It seems like this would flow better with a line break before the `See`.

This revision now requires changes to proceed.Oct 21 2020, 10:38

PiRK edited the summary of this revision. (Show Details)Oct 21 2020, 11:29

address feedback about line breaks

Harbormaster completed remote builds in B13552: Diff 24880.Oct 21 2020, 11:42

I'm still working on the second commit of that PR. I thought it would be easy, but it isn't (new test not passing). Sorry about that, I should not have sent that first diff so fast.

PiRK edited the summary of this revision. (Show Details)Oct 21 2020, 12:25

PiRK added a child revision: D8026: [backport#14696 2/2] New regression testing for CVE-2018-17144, CVE-2012-2459, and CVE-2010-5137..Oct 21 2020, 14:32

In D8018#188187, @PiRK wrote:

I'm still working on the second commit of that PR. I thought it would be easy, but it isn't (new test not passing). Sorry about that, I should not have sent that first diff so fast.

If the PR is incomplete, you need to update the description accordingly.

This revision now requires changes to proceed.Oct 21 2020, 14:36

PiRK retitled this revision from Added comments referencing multiple CVEs in tests and production code. to [backport#14696 1/2] Added comments referencing multiple CVEs in tests and production code..Oct 21 2020, 16:58

PiRK edited the summary of this revision. (Show Details)

It's complete know. It took me some time to understand how to make the tests work for ABC.

deadalnix accepted this revision.Oct 21 2020, 17:34

This revision is now accepted and ready to land.Oct 21 2020, 17:34

Closed by commit rABC6d3edf189e34: [backport#14696 1/2] Added comments referencing multiple CVEs in tests and… (authored by lucash-dev <lucash.dev@gmail.com>, committed by PiRK). · Explain WhyOct 24 2020, 13:10

This revision was automatically updated to reflect the committed changes.

PiRK added a commit: rABC6d3edf189e34: [backport#14696 1/2] Added comments referencing multiple CVEs in tests and….