From 3bd054748e0d7ae0eac1e113aa1c95325e039996 Mon Sep 17 00:00:00 2001 From: JoelKatz Date: Sat, 1 Sep 2012 00:53:40 -0700 Subject: [PATCH] Fix a vulnerability. Someone could see a ledger proposal and send us a malformed version of that ledger proposal that failed our validity check but was similar enough to the real proposal to trick us into suppressing that proposal as a duplicate. --- src/NetworkOPs.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/NetworkOPs.cpp b/src/NetworkOPs.cpp index a250d8c2ab..71737638c0 100644 --- a/src/NetworkOPs.cpp +++ b/src/NetworkOPs.cpp @@ -607,10 +607,12 @@ bool NetworkOPs::recvPropose(uint32 proposeSeq, const uint256& proposeHash, uint // XXX Take a vuc for pubkey. // Get a preliminary hash to use to suppress duplicates - Serializer s(128); + Serializer s(256); + s.add256(proposeHash); s.add32(proposeSeq); - s.add32(getCurrentLedgerID()); + s.add32(closeTime); s.addRaw(pubKey); + s.addRaw(signature); if (!theApp->isNew(s.getSHA512Half())) return false;