Trap another malformed transaction form (RIPD-182):

A transaction with both a Signers array and a TxnSignature field is malformed.
2025-11-21 19:15:48 +00:00 · 2015-09-17 10:16:45 -07:00
parent f424ae6942
commit b44d68ea5d
2 changed files with 26 additions and 2 deletions
--- a/src/ripple/app/tests/MultiSign.test.cpp
+++ b/src/ripple/app/tests/MultiSign.test.cpp
@@ -172,16 +172,35 @@ public:
        env.close();
        expect (env.seq(alice) == aliceSeq);

-        // Multisign, but leave a nonempty sfSigners.  Should fail.
+        // Multisign, but leave a nonempty sfSigningPubKey.  Should fail.
        {
            aliceSeq = env.seq (alice);
            Json::Value multiSig =
                env.json (noop (alice), msig(bogie), fee(2 * baseFee));
-
            env (env.jt (multiSig), ter (temINVALID));
            env.close();
            expect (env.seq(alice) == aliceSeq);
        }
+        // Attach both Signers and a TxnSignature with an empty sfPubKey.
+        // Should fail.
+        {
+            aliceSeq = env.seq (alice);
+            Json::Value multiSig = env.json (noop (alice),
+                fee(2 * baseFee), seq(aliceSeq), sig(alice), msig(bogie));
+            JTx jt = env.jt (multiSig);
+            jt.fill_fee = false;
+            jt.fill_seq = false;
+            jt.fill_sig = false;
+            jt.jv["SigningPubKey"] = "";
+
+            auto noSigPubKey = std::make_unique<STTx>(*(jt.stx));
+            noSigPubKey->setFieldVL (sfSigningPubKey, Blob());
+            jt.stx.reset (noSigPubKey.release());
+
+            env (jt, ter (temINVALID));
+            env.close();
+            expect (env.seq(alice) == aliceSeq);
+        }

        // Don't meet the quorum.  Should fail.
        env(signers(alice, 2, {{bogie, 1}, {demon, 1}}));
--- a/src/ripple/protocol/impl/STTx.cpp
+++ b/src/ripple/protocol/impl/STTx.cpp
@@ -305,6 +305,11 @@ STTx::checkMultiSign () const
    if (!isFieldPresent (sfSigners))
        return false;

+    // We don't allow both an sfSigners and an sfTxnSignature.  Both fields
+    // being present would indicate that the transaction is signed both ways.
+    if (isFieldPresent (sfTxnSignature))
+        return false;
+
    STArray const& signers {getFieldArray (sfSigners)};

    // There are well known bounds that the number of signers must be within.