diff options
| author | Gavin Andresen <[email protected]> | 2013-01-14 16:52:33 -0500 |
|---|---|---|
| committer | Gavin Andresen <[email protected]> | 2013-01-15 09:10:22 -0500 |
| commit | ce99358f4aa4182d6983fde3e33a8fdbe1dfe4c3 (patch) | |
| tree | 3e7e864daea2f64627df70e7413dd82cd3be0de9 /src/rpcrawtransaction.cpp | |
| parent | Merge pull request #2172 from Diapolo/init_messages (diff) | |
| download | discoin-ce99358f4aa4182d6983fde3e33a8fdbe1dfe4c3.tar.xz discoin-ce99358f4aa4182d6983fde3e33a8fdbe1dfe4c3.zip | |
Remove IsFromMe() check in CTxMemPool::accept()
Fixes issue #2178 : attacker could penny-flood with invalid-signature
transactions to deduce which addresses belonged to your node.
I'm committing this early for code review; I still need to write up
a test plan.
Executive summary of fix: check all transactions received from the network
for penny-flood rate-limiting before adding to the memory pool. But do NOT
ratelimit transactions added to the memory pool:
- because of blockchain reorgs
- stored in the wallet and added at startup
- sent from the GUI or one of the send* RPC commands (CWallet::CommitTransaction)
The limit-free-transactions code really should be a method on CNode, with
counters per-peer. But that is a bigger change for another day.
Diffstat (limited to 'src/rpcrawtransaction.cpp')
| -rw-r--r-- | src/rpcrawtransaction.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/rpcrawtransaction.cpp b/src/rpcrawtransaction.cpp index 9531b1267..8117a1ff4 100644 --- a/src/rpcrawtransaction.cpp +++ b/src/rpcrawtransaction.cpp @@ -546,7 +546,7 @@ Value sendrawtransaction(const Array& params, bool fHelp) fHave = view.GetCoins(hashTx, existingCoins); if (!fHave) { // push to local node - if (!tx.AcceptToMemoryPool()) + if (!tx.AcceptToMemoryPool(true, false)) throw JSONRPCError(RPC_DESERIALIZATION_ERROR, "TX rejected"); } } |