Changeset View
Changeset View
Standalone View
Standalone View
src/consensus/merkle.cpp
| // Copyright (c) 2015-2016 The Bitcoin Core developers | // Copyright (c) 2015-2016 The Bitcoin Core developers | ||||
| // Distributed under the MIT software license, see the accompanying | // Distributed under the MIT software license, see the accompanying | ||||
| // file COPYING or http://www.opensource.org/licenses/mit-license.php. | // file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||||
| #include "merkle.h" | #include <consensus/merkle.h> | ||||
| #include "hash.h" | #include <hash.h> | ||||
| #include "utilstrencodings.h" | #include <utilstrencodings.h> | ||||
| /* WARNING! If you're reading this because you're learning about crypto | /* WARNING! If you're reading this because you're learning about crypto | ||||
| and/or designing a new system that will use merkle trees, keep in mind | and/or designing a new system that will use merkle trees, keep in mind | ||||
| that the following merkle tree algorithm has a serious flaw related to | that the following merkle tree algorithm has a serious flaw related to | ||||
| duplicate txids, resulting in a vulnerability (CVE-2012-2459). | duplicate txids, resulting in a vulnerability (CVE-2012-2459). | ||||
| The reason is that if the number of hashes in the list at a given time | The reason is that if the number of hashes in the list at a given time | ||||
| is odd, the last one is duplicated before computing the next level (which | is odd, the last one is duplicated before computing the next level (which | ||||
| ▲ Show 20 Lines • Show All 56 Lines • Show Last 20 Lines | |||||