No longer ever reuse keypool indexes #10795
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TheBlueMatt
force-pushed
the
2017-07-wallet-keypool-overwrite
branch
from
1e42dd0
to
7e11ab8
Compare
TheBlueMatt
force-pushed
the
2017-07-wallet-keypool-overwrite
branch
from
7e11ab8
to
501dd26
Compare
TheBlueMatt
force-pushed
the
2017-07-wallet-keypool-overwrite
branch
from
501dd26
to
1c01ea6
Compare
|
utACK 1c01ea6 bugfix needed for 0.15 |
sipa
reviewed
Jul 13, 2017
src/wallet/wallet.cpp
Outdated
| nEnd = std::max(nEnd, *(setExternalKeyPool.rbegin()) + 1); | ||
| } | ||
| int64_t index = ++m_max_keypool_index; | ||
| assert(index >= 0); // How in the hell did you use so many keys? |
There was a problem hiding this comment.
Signed overflow is undefined behaviour, so the compiler is allowed to optimize this assert out (it can assume overflow never happens).
There was a problem hiding this comment.
heh, i almost commented that it would be clearer to check against max
There was a problem hiding this comment.
Heh, but in practice it doesnt, plus its just an assert, so whatever :).
There was a problem hiding this comment.
Code like this makes me go "wtf were the authors of this smoking": asserts like this are usually optimized out, so the code looks like it's saying that the author thought the signed overflow was kosher and that they thought it could happen here.
There was a problem hiding this comment.
Would be better (non-UB, but also more clear to read) to check against std::numeric_limits<int64_t>::max() before the increase.
|
Needs rebase. |
TheBlueMatt
force-pushed
the
2017-07-wallet-keypool-overwrite
branch
from
1c01ea6
to
44d0996
Compare
|
Rebased. |
|
LGTM, what a foresight Satoshi had to use 64 bit numbers for keypool indexes in walletdb. |
|
re-utACK 44d0996 |
TheBlueMatt
force-pushed
the
2017-07-wallet-keypool-overwrite
branch
from
44d0996
to
44af47a
Compare
|
@TheBlueMatt plz2rebase |
This fixes an issue where you could reserve a keypool entry, then top up the keypool, writing out a new key at the given index, then return they key from the pool. This isnt likely to cause issues, but given there is no reason to ever re-use keypool indexes (they're 64 bits...), best to avoid it alltogether.
|
Rebased. |
TheBlueMatt
force-pushed
the
2017-07-wallet-keypool-overwrite
branch
from
44af47a
to
1fc8c3d
Compare
|
re-re-utACK 1fc8c3d |
laanwj
added a commit
that referenced
this pull request
Jul 18, 2017
1fc8c3d No longer ever reuse keypool indexes (Matt Corallo) Pull request description: This fixes an issue where you could reserve a keypool entry, then top up the keypool, writing out a new key at the given index, then return they key from the pool. This isnt likely to cause issues, but given there is no reason to ever re-use keypool indexes (they're 64 bits...), best to avoid it alltogether. Builds on #10235, should probably get a 15 tag. Tree-SHA512: c13a18a90f1076fb74307f2d64e9d80149811524c6bda259698ff2c65adaf8c6c3f2a3a07a5f4bf03251bc942ba8f5fd33a4427aa4256748c40b062991682caf
|
post merge ACK |
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Sep 16, 2019
1fc8c3d No longer ever reuse keypool indexes (Matt Corallo) Pull request description: This fixes an issue where you could reserve a keypool entry, then top up the keypool, writing out a new key at the given index, then return they key from the pool. This isnt likely to cause issues, but given there is no reason to ever re-use keypool indexes (they're 64 bits...), best to avoid it alltogether. Builds on bitcoin#10235, should probably get a 15 tag. Tree-SHA512: c13a18a90f1076fb74307f2d64e9d80149811524c6bda259698ff2c65adaf8c6c3f2a3a07a5f4bf03251bc942ba8f5fd33a4427aa4256748c40b062991682caf
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Sep 18, 2019
1fc8c3d No longer ever reuse keypool indexes (Matt Corallo) Pull request description: This fixes an issue where you could reserve a keypool entry, then top up the keypool, writing out a new key at the given index, then return they key from the pool. This isnt likely to cause issues, but given there is no reason to ever re-use keypool indexes (they're 64 bits...), best to avoid it alltogether. Builds on bitcoin#10235, should probably get a 15 tag. Tree-SHA512: c13a18a90f1076fb74307f2d64e9d80149811524c6bda259698ff2c65adaf8c6c3f2a3a07a5f4bf03251bc942ba8f5fd33a4427aa4256748c40b062991682caf
barrystyle
pushed a commit
to PACGlobalOfficial/PAC
that referenced
this pull request
Jan 22, 2020
1fc8c3d No longer ever reuse keypool indexes (Matt Corallo) Pull request description: This fixes an issue where you could reserve a keypool entry, then top up the keypool, writing out a new key at the given index, then return they key from the pool. This isnt likely to cause issues, but given there is no reason to ever re-use keypool indexes (they're 64 bits...), best to avoid it alltogether. Builds on bitcoin#10235, should probably get a 15 tag. Tree-SHA512: c13a18a90f1076fb74307f2d64e9d80149811524c6bda259698ff2c65adaf8c6c3f2a3a07a5f4bf03251bc942ba8f5fd33a4427aa4256748c40b062991682caf
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This fixes an issue where you could reserve a keypool entry, then
top up the keypool, writing out a new key at the given index, then
return they key from the pool. This isnt likely to cause issues,
but given there is no reason to ever re-use keypool indexes
(they're 64 bits...), best to avoid it alltogether.
Builds on #10235, should probably get a 15 tag.