From 2f100e0eae1291c9f7755bd2fffbbde630d19000 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Wed, 4 Mar 2015 20:32:08 +1100 Subject: [PATCH 1/6] tests: add failing pushDataInt fixtures --- test/bufferutils.js | 19 +++++-- test/fixtures/bufferutils.json | 48 +++++++++++------ test/fixtures/script.json | 94 +++++++++++++++++++--------------- test/fixtures/transaction.json | 51 ++++++++++++++++++ test/script.js | 2 +- test/transaction.js | 41 +++++++-------- 6 files changed, 172 insertions(+), 83 deletions(-) diff --git a/test/bufferutils.js b/test/bufferutils.js index 485447b..c97e0bc 100644 --- a/test/bufferutils.js +++ b/test/bufferutils.js @@ -32,6 +32,17 @@ describe('bufferutils', function () { assert.equal(d.size, buffer.length) }) }) + + fixtures.invalid.readPushDataInt.forEach(function (f) { + if (!f.hexPD) return + + it('decodes ' + f.hexPD + ' as null', function () { + var buffer = new Buffer(f.hexPD, 'hex') + + var n = bufferutils.readPushDataInt(buffer, 0) + assert.equal(n, null) + }) + }) }) describe('readUInt64LE', function () { @@ -44,7 +55,7 @@ describe('bufferutils', function () { }) }) - fixtures.invalid.forEach(function (f) { + fixtures.invalid.readUInt64LE.forEach(function (f) { it('throws on ' + f.description, function () { var buffer = new Buffer(f.hex64, 'hex') @@ -66,7 +77,7 @@ describe('bufferutils', function () { }) }) - fixtures.invalid.forEach(function (f) { + fixtures.invalid.readUInt64LE.forEach(function (f) { it('throws on ' + f.description, function () { var buffer = new Buffer(f.hexVI, 'hex') @@ -151,7 +162,7 @@ describe('bufferutils', function () { }) }) - fixtures.invalid.forEach(function (f) { + fixtures.invalid.readUInt64LE.forEach(function (f) { it('throws on ' + f.description, function () { var buffer = new Buffer(8) buffer.fill(0) @@ -174,7 +185,7 @@ describe('bufferutils', function () { }) }) - fixtures.invalid.forEach(function (f) { + fixtures.invalid.readUInt64LE.forEach(function (f) { it('throws on ' + f.description, function () { var buffer = new Buffer(9) buffer.fill(0) diff --git a/test/fixtures/bufferutils.json b/test/fixtures/bufferutils.json index 8c6881d..baa003f 100644 --- a/test/fixtures/bufferutils.json +++ b/test/fixtures/bufferutils.json @@ -82,20 +82,36 @@ "hexVI": "ffffffffffffff1f00" } ], - "invalid": [ - { - "description": "n === 2^53", - "exception": "value is larger than maximum value for type", - "hex64": "0000000000002000", - "hexVI": "ff0000000000000020", - "dec": 9007199254740992 - }, - { - "description": "n > 2^53", - "exception": "value is larger than maximum value for type", - "hex64": "0100000000002000", - "hexVI": "ff0100000000000020", - "dec": 9007199254740993 - } - ] + "invalid": { + "readUInt64LE": [ + { + "description": "n === 2^53", + "exception": "value is larger than maximum value for type", + "hex64": "0000000000002000", + "hexVI": "ff0000000000000020", + "dec": 9007199254740992 + }, + { + "description": "n > 2^53", + "exception": "value is larger than maximum value for type", + "hex64": "0100000000002000", + "hexVI": "ff0100000000000020", + "dec": 9007199254740993 + } + ], + "readPushDataInt": [ + { + "description": "OP_PUSHDATA1, no size", + "hexPD": "4c" + }, + { + "description": "OP_PUSHDATA2, no size", + "hexPD": "4d" + }, + { + "description": "OP_PUSHDATA4, no size", + "hexPD": "4e" + } + ] + } } diff --git a/test/fixtures/script.json b/test/fixtures/script.json index e06f9f0..714976c 100644 --- a/test/fixtures/script.json +++ b/test/fixtures/script.json @@ -1,86 +1,96 @@ { "valid": [ { + "asm": "031f1e68f82112b373f0fe980b3a89d212d2b5c01fb51eb25acb8b4c4b4299ce95 OP_CHECKSIG", "description": "pay-to-PubKey", - "hex": "21031f1e68f82112b373f0fe980b3a89d212d2b5c01fb51eb25acb8b4c4b4299ce95ac", - "type": "pubkey", "hash": "26e645ab170255f2a0a82d29e48f35b14ae7c826", - "pubKey": "031f1e68f82112b373f0fe980b3a89d212d2b5c01fb51eb25acb8b4c4b4299ce95", - "asm": "031f1e68f82112b373f0fe980b3a89d212d2b5c01fb51eb25acb8b4c4b4299ce95 OP_CHECKSIG", - "scriptPubKey": true + "hex": "21031f1e68f82112b373f0fe980b3a89d212d2b5c01fb51eb25acb8b4c4b4299ce95ac", + "pubKey": "031f1e68f82112b373f0fe980b3a89d212d2b5c01fb51eb25acb8b4c4b4299ce95" }, { + "asm": "OP_HASH160 e8c300c87986efa84c37c0519929019ef86eb5b4 OP_EQUAL", "description": "P2SH ScriptPubKey", - "hex": "a914e8c300c87986efa84c37c0519929019ef86eb5b487", - "type": "scripthash", "hash": "0ba47b56a573bab4b430ad6ed3ec79270e04b066", - "asm": "OP_HASH160 e8c300c87986efa84c37c0519929019ef86eb5b4 OP_EQUAL", - "scriptPubKey": true + "hex": "a914e8c300c87986efa84c37c0519929019ef86eb5b487" }, { + "asm": "OP_DUP OP_HASH160 5a3acbc7bbcc97c5ff16f5909c9d7d3fadb293a8 OP_EQUALVERIFY OP_CHECKSIG", "description": "PubKeyHash ScriptPubKey", - "hex": "76a9145a3acbc7bbcc97c5ff16f5909c9d7d3fadb293a888ac", - "type": "pubkeyhash", "hash": "a5313f33d5c7b81674b35f7f3febc3522ef234db", - "asm": "OP_DUP OP_HASH160 5a3acbc7bbcc97c5ff16f5909c9d7d3fadb293a8 OP_EQUALVERIFY OP_CHECKSIG", - "scriptPubKey": true + "hex": "76a9145a3acbc7bbcc97c5ff16f5909c9d7d3fadb293a888ac" }, { + "asm": "304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301 040cd2d2ce17a1e9b2b3b2cb294d40eecf305a25b7e7bfdafae6bb2639f4ee399b3637706c3d377ec4ab781355add443ae864b134c5e523001c442186ea60f0eb8", "description": "pubKeyHash scriptSig", - "hex": "48304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f30141040cd2d2ce17a1e9b2b3b2cb294d40eecf305a25b7e7bfdafae6bb2639f4ee399b3637706c3d377ec4ab781355add443ae864b134c5e523001c442186ea60f0eb8", - "type": "pubkeyhash", "hash": "b9bac2a5c5c29bb27c382d41fa3d179c646c78fd", - "asm": "304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301 040cd2d2ce17a1e9b2b3b2cb294d40eecf305a25b7e7bfdafae6bb2639f4ee399b3637706c3d377ec4ab781355add443ae864b134c5e523001c442186ea60f0eb8", - "scriptPubKey": false + "hex": "48304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f30141040cd2d2ce17a1e9b2b3b2cb294d40eecf305a25b7e7bfdafae6bb2639f4ee399b3637706c3d377ec4ab781355add443ae864b134c5e523001c442186ea60f0eb8" }, { + "asm": "304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301", "description": "pubKey scriptSig", - "hex": "48304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301", - "type": "pubkey", "hash": "44d9982c3e79452e02ef5816976a0e20a0ec1cba", - "signature": "304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301", - "asm": "304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301", - "scriptPubKey": false + "hex": "48304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301", + "signature": "304502206becda98cecf7a545d1a640221438ff8912d9b505ede67e0138485111099f696022100ccd616072501310acba10feb97cecc918e21c8e92760cd35144efec7622938f301" }, { + "asm": "OP_TRUE 032487c2a32f7c8d57d2a93906a6457afd00697925b0e6e145d89af6d3bca33016 02308673d16987eaa010e540901cc6fe3695e758c19f46ce604e174dac315e685a OP_2 OP_CHECKMULTISIG", "description": "Valid multisig script", - "hex": "5121032487c2a32f7c8d57d2a93906a6457afd00697925b0e6e145d89af6d3bca330162102308673d16987eaa010e540901cc6fe3695e758c19f46ce604e174dac315e685a52ae", - "type": "multisig", "hash": "f1c98f0b74ecabcf78ae20dfa224bb6666051fbe", - "asm": "OP_TRUE 032487c2a32f7c8d57d2a93906a6457afd00697925b0e6e145d89af6d3bca33016 02308673d16987eaa010e540901cc6fe3695e758c19f46ce604e174dac315e685a OP_2 OP_CHECKMULTISIG", - "scriptPubKey": true + "hex": "5121032487c2a32f7c8d57d2a93906a6457afd00697925b0e6e145d89af6d3bca330162102308673d16987eaa010e540901cc6fe3695e758c19f46ce604e174dac315e685a52ae" }, { + "asm": "OP_0 304402202b29881db1b4cc128442d955e906d41c77365ed9a8392b584be12d980b236459022009da4bc60d09280aa26f4f981bfbed94eb7263d92920961e48a7f3f0991895b101 3045022100871708a7597c1dbebff2a5527a56a1f2b49d73e35cd825a07285f5f29f5766d8022003bd7ac25334e9a6d6020cc8ba1be67a8c70dca8e7063ea0547d79c45b9bc12601", "description": "mutisig scriptSig", - "hex": "0047304402202b29881db1b4cc128442d955e906d41c77365ed9a8392b584be12d980b236459022009da4bc60d09280aa26f4f981bfbed94eb7263d92920961e48a7f3f0991895b101483045022100871708a7597c1dbebff2a5527a56a1f2b49d73e35cd825a07285f5f29f5766d8022003bd7ac25334e9a6d6020cc8ba1be67a8c70dca8e7063ea0547d79c45b9bc12601", - "type": "multisig", "hash": "b1ef3ae2c77b356eff81049aad7dfd2eeb34c6f5", - "asm": "OP_0 304402202b29881db1b4cc128442d955e906d41c77365ed9a8392b584be12d980b236459022009da4bc60d09280aa26f4f981bfbed94eb7263d92920961e48a7f3f0991895b101 3045022100871708a7597c1dbebff2a5527a56a1f2b49d73e35cd825a07285f5f29f5766d8022003bd7ac25334e9a6d6020cc8ba1be67a8c70dca8e7063ea0547d79c45b9bc12601", - "scriptPubKey": false + "hex": "0047304402202b29881db1b4cc128442d955e906d41c77365ed9a8392b584be12d980b236459022009da4bc60d09280aa26f4f981bfbed94eb7263d92920961e48a7f3f0991895b101483045022100871708a7597c1dbebff2a5527a56a1f2b49d73e35cd825a07285f5f29f5766d8022003bd7ac25334e9a6d6020cc8ba1be67a8c70dca8e7063ea0547d79c45b9bc12601" }, { + "asm": "OP_RETURN 06deadbeef03f895a2ad89fb6d696497af486cb7c644a27aa568c7a18dd06113401115185474", "description": "OP_RETURN script", - "hex": "6a2606deadbeef03f895a2ad89fb6d696497af486cb7c644a27aa568c7a18dd06113401115185474", - "type": "nulldata", "hash": "ec88f016655477663455fe6a8e83508c348ea145", - "asm": "OP_RETURN 06deadbeef03f895a2ad89fb6d696497af486cb7c644a27aa568c7a18dd06113401115185474", - "scriptPubKey": true + "hex": "6a2606deadbeef03f895a2ad89fb6d696497af486cb7c644a27aa568c7a18dd06113401115185474" }, { + "asm": "OP_HASH256 6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000 OP_EQUAL", "description": "Non standard script", - "hex": "aa206fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d619000000000087", - "type": "nonstandard", "hash": "3823382e70d1930989813d3459988e0d7c2861d8", - "asm": "OP_HASH256 6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000 OP_EQUAL", - "scriptPubKey": true + "hex": "aa206fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d619000000000087" }, { + "asm": "OP_0 OP_0 OP_0 OP_CHECKMULTISIG", "description": "Invalid multisig script", - "hex": "000000ae", - "type": "nonstandard", "hash": "62ede8963f9387544935f168745262f703dab1fb", - "asm": "OP_0 OP_0 OP_0 OP_CHECKMULTISIG", - "scriptPubKey": true + "hex": "000000ae" + }, + { + "asm": "", + "description": "Not enough data: OP_1", + "hash": "c51b66bced5e4491001bd702669770dccf440982", + "hex": "01" + }, + { + "asm": "", + "description": "Not enough data: OP_2", + "hash": "d48ce86c698f246829921ba9fb2a844ae2adba67", + "hex": "0201" + }, + { + "asm": "", + "description": "Not enough data: OP_PUSHDATA1 0x02", + "hash": "b663ef01a96ff65bec84a3fb14688d6ff7fc617c", + "hex": "4c0201" + }, + { + "asm": "", + "description": "Not enough data: OP_PUSHDATA2 0xffff", + "hash": "b4d2fac2836232e59d7b1628f64f24bce3cb4478", + "hex": "4dffff01" + }, + { + "asm": "", + "description": "Not enough data: OP_PUSHDATA4 0xffffffff", + "hash": "941db1ca32faf29e1338fb966bb56d98fbce4823", + "hex": "4effffffff01" } ] } diff --git a/test/fixtures/transaction.json b/test/fixtures/transaction.json index 043dfed..9710818 100644 --- a/test/fixtures/transaction.json +++ b/test/fixtures/transaction.json @@ -173,6 +173,57 @@ ], "locktime": 0 } + }, + { + "description": "Transaction that ignores script chunking rules - Bug #367", + "id": "ebc9fa1196a59e192352d76c0f6e73167046b9d37b8302b6bb6968dfd279b767", + "hash": "67b779d2df6869bbb602837bd3b9467016736e0f6cd75223199ea59611fac9eb", + "hex": "01000000019ac03d5ae6a875d970128ef9086cef276a1919684a6988023cc7254691d97e6d010000006b4830450221009d41dc793ba24e65f571473d40b299b6459087cea1509f0d381740b1ac863cb6022039c425906fcaf51b2b84d8092569fb3213de43abaff2180e2a799d4fcb4dd0aa012102d5ede09a8ae667d0f855ef90325e27f6ce35bbe60a1e6e87af7f5b3c652140fdffffffff080100000000000000010101000000000000000202010100000000000000014c0100000000000000034c02010100000000000000014d0100000000000000044dffff010100000000000000014e0100000000000000064effffffff0100000000", + "raw": { + "version": 1, + "locktime": 0, + "ins": [ + { + "hash": "9ac03d5ae6a875d970128ef9086cef276a1919684a6988023cc7254691d97e6d", + "index": 1, + "script": "30450221009d41dc793ba24e65f571473d40b299b6459087cea1509f0d381740b1ac863cb6022039c425906fcaf51b2b84d8092569fb3213de43abaff2180e2a799d4fcb4dd0aa01 02d5ede09a8ae667d0f855ef90325e27f6ce35bbe60a1e6e87af7f5b3c652140fd" + } + ], + "outs": [ + { + "data": "01", + "value": 1 + }, + { + "data": "0201", + "value": 1 + }, + { + "data": "4c", + "value": 1 + }, + { + "data": "4c0201", + "value": 1 + }, + { + "data": "4d", + "value": 1 + }, + { + "data": "4dffff01", + "value": 1 + }, + { + "data": "4e", + "value": 1 + }, + { + "data": "4effffffff01", + "value": 1 + } + ] + } } ], "invalid": { diff --git a/test/script.js b/test/script.js index 7017522..1af2c1c 100644 --- a/test/script.js +++ b/test/script.js @@ -44,7 +44,7 @@ describe('Script', function () { describe('getHash', function () { fixtures.valid.forEach(function (f) { - it('produces a HASH160 of "' + f.asm + '"', function () { + it('produces a HASH160 of ' + f.description, function () { var script = Script.fromHex(f.hex) assert.equal(script.getHash().toString('hex'), f.hash) diff --git a/test/transaction.js b/test/transaction.js index 4a64493..f177318 100644 --- a/test/transaction.js +++ b/test/transaction.js @@ -18,7 +18,8 @@ describe('Transaction', function () { var script if (txIn.data) { - script = new Script(new Buffer(txIn.data, 'hex'), []) + var data = new Buffer(txIn.data, 'hex') + script = new Script(data, []) } else if (txIn.script) { script = Script.fromASM(txIn.script) } @@ -27,7 +28,16 @@ describe('Transaction', function () { }) raw.outs.forEach(function (txOut) { - tx.addOutput(Script.fromASM(txOut.script), txOut.value) + var script + + if (txOut.data) { + var data = new Buffer(txOut.data, 'hex') + script = new Script(data, []) + } else if (txOut.script) { + script = Script.fromASM(txOut.script) + } + + tx.addOutput(script, txOut.value) }) return tx @@ -35,10 +45,10 @@ describe('Transaction', function () { describe('fromBuffer/fromHex', function () { fixtures.valid.forEach(function (f) { - it('imports ' + f.id + ' correctly', function () { + it('imports ' + f.description + ' (' + f.id + ')', function () { var actual = Transaction.fromHex(f.hex) - assert.deepEqual(actual.toHex(), f.hex) + assert.equal(actual.toHex(), f.hex, actual.toHex()) }) }) @@ -53,10 +63,10 @@ describe('Transaction', function () { describe('toBuffer/toHex', function () { fixtures.valid.forEach(function (f) { - it('exports ' + f.id + ' correctly', function () { + it('exports ' + f.description + ' (' + f.id + ')', function () { var actual = fromRaw(f.raw) - assert.deepEqual(actual.toHex(), f.hex) + assert.equal(actual.toHex(), f.hex, actual.toHex()) }) }) }) @@ -108,19 +118,10 @@ describe('Transaction', function () { }) describe('addOutput', function () { - fixtures.valid.forEach(function (f) { - it('should add the outputs for ' + f.id + ' correctly', function () { - var tx = new Transaction() - - f.raw.outs.forEach(function (txOut, i) { - var scriptPubKey = Script.fromASM(txOut.script) - var j = tx.addOutput(scriptPubKey, txOut.value) - - assert.equal(i, j) - assert.equal(tx.outs[i].script, scriptPubKey) - assert.equal(tx.outs[i].value, txOut.value) - }) - }) + it('returns an index', function () { + var tx = new Transaction() + assert.equal(tx.addOutput(Script.EMPTY, 0), 0) + assert.equal(tx.addOutput(Script.EMPTY, 0), 1) }) }) @@ -158,7 +159,7 @@ describe('Transaction', function () { it('should return the hash for ' + f.id, function () { var tx = Transaction.fromHex(f.hex) - assert.deepEqual(tx.getHash().toString('hex'), f.hash) + assert.equal(tx.getHash().toString('hex'), f.hash) }) }) }) From ec66ca9b1a379dabc2ff9a516e3ba9d46c451fb2 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Wed, 4 Mar 2015 20:48:28 +1100 Subject: [PATCH 2/6] bufferutils/script: allow for invalid pushDatInts, fixes #367 --- src/bufferutils.js | 3 +++ src/script.js | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/bufferutils.js b/src/bufferutils.js index afe03e6..773e502 100644 --- a/src/bufferutils.js +++ b/src/bufferutils.js @@ -27,16 +27,19 @@ function readPushDataInt (buffer, offset) { // 8 bit } else if (opcode === opcodes.OP_PUSHDATA1) { + if (offset + 2 > buffer.length) return null number = buffer.readUInt8(offset + 1) size = 2 // 16 bit } else if (opcode === opcodes.OP_PUSHDATA2) { + if (offset + 3 > buffer.length) return null number = buffer.readUInt16LE(offset + 1) size = 3 // 32 bit } else { + if (offset + 5 > buffer.length) return null assert.equal(opcode, opcodes.OP_PUSHDATA4, 'Unexpected opcode') number = buffer.readUInt32LE(offset + 1) diff --git a/src/script.js b/src/script.js index b35bfdf..6ac9f15 100644 --- a/src/script.js +++ b/src/script.js @@ -38,8 +38,11 @@ Script.fromBuffer = function (buffer) { // data chunk if ((opcode > opcodes.OP_0) && (opcode <= opcodes.OP_PUSHDATA4)) { var d = bufferutils.readPushDataInt(buffer, i) - i += d.size + // did reading a pushDataInt fail? return non-chunked script + if (d === null) return new Script(buffer, []) + + i += d.size var data = buffer.slice(i, i + d.number) i += d.number From d00ec9af291c0bc659c23ef246692b4bc4c07d70 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Wed, 4 Mar 2015 21:00:07 +1100 Subject: [PATCH 3/6] scripts: fix isScriptHashInput classification --- src/scripts.js | 11 ++++------- test/fixtures/scripts.json | 2 +- test/scripts.js | 4 ++-- 3 files changed, 7 insertions(+), 10 deletions(-) diff --git a/src/scripts.js b/src/scripts.js index 3876184..e5f3916 100644 --- a/src/scripts.js +++ b/src/scripts.js @@ -73,15 +73,12 @@ function isScriptHashInput (script, allowIncomplete) { if (!Buffer.isBuffer(lastChunk)) return false var scriptSig = Script.fromChunks(script.chunks.slice(0, -1)) - var scriptPubKey + var redeemScript = Script.fromBuffer(lastChunk) - try { - scriptPubKey = Script.fromBuffer(lastChunk) - } catch (e) { - return false - } + // is redeemScript a valid script? + if (redeemScript.chunks.length === 0) return false - return classifyInput(scriptSig, allowIncomplete) === classifyOutput(scriptPubKey) + return classifyInput(scriptSig, allowIncomplete) === classifyOutput(redeemScript) } function isScriptHashOutput (script) { diff --git a/test/fixtures/scripts.json b/test/fixtures/scripts.json index e79a6e7..a702f1d 100644 --- a/test/fixtures/scripts.json +++ b/test/fixtures/scripts.json @@ -113,7 +113,7 @@ "scriptSig": "OP_0 304402207515cf147d201f411092e6be5a64a6006f9308fad7b2a8fdaab22cd86ce764c202200974b8aca7bf51dbf54150d3884e1ae04f675637b926ec33bf75939446f6ca2801 3045022100ef253c1faa39e65115872519e5f0a33bbecf430c0f35cf562beabbad4da24d8d02201742be8ee49812a73adea3007c9641ce6725c32cd44ddb8e3a3af460015d140501 OP_RESERVED" }, { - "description": "signature forms invalid script", + "description": "redeemScript is a signature, therefore not a valid script", "scriptSig": "OP_0 3045022100e12b17b3a4c80c401a1687487bd2bafee9e5f1f8f1ffc6180ce186672ad7b43a02205e316d1e5e71822f5ef301b694e578fa9c94af4f5f098c952c833f4691307f4e01" } ], diff --git a/test/scripts.js b/test/scripts.js index ccfee0b..0ad6c26 100644 --- a/test/scripts.js +++ b/test/scripts.js @@ -86,7 +86,7 @@ describe('Scripts', function () { fixtures.invalid[inputFnName].forEach(function (f) { if (inputFn && f.scriptSig) { - it('returns false for ' + f.scriptSig, function () { + it('returns false for ' + f.description + ' (' + f.scriptSig + ')', function () { var script = Script.fromASM(f.scriptSig) assert.equal(inputFn(script), false) @@ -112,7 +112,7 @@ describe('Scripts', function () { fixtures.invalid[outputFnName].forEach(function (f) { if (outputFn && f.scriptPubKey) { - it('returns false for ' + f.scriptPubKey, function () { + it('returns false for ' + f.description + ' (' + f.scriptPubKey + ')', function () { var script = Script.fromASM(f.scriptPubKey) assert.equal(outputFn(script), false) From d904e4424c3ec2517fb5c87a459dbdc7d89aadd9 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Wed, 4 Mar 2015 21:25:00 +1100 Subject: [PATCH 4/6] tests: add failing scripts by cross-verifying ASM/Hex --- test/script.js | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/test/script.js b/test/script.js index 1af2c1c..a202206 100644 --- a/test/script.js +++ b/test/script.js @@ -28,8 +28,13 @@ describe('Script', function () { describe('fromASM/toASM', function () { fixtures.valid.forEach(function (f) { + if (!f.asm) return + it('decodes/encodes ' + f.description, function () { - assert.equal(Script.fromASM(f.asm).toASM(), f.asm) + var script = Script.fromASM(f.asm) + + assert.equal(script.toASM(), f.asm) + assert.equal(script.toHex(), f.hex) }) }) }) @@ -37,7 +42,10 @@ describe('Script', function () { describe('fromHex/toHex', function () { fixtures.valid.forEach(function (f) { it('decodes/encodes ' + f.description, function () { - assert.equal(Script.fromHex(f.hex).toHex(), f.hex) + var script = Script.fromHex(f.hex) + + assert.equal(script.toASM(), f.asm) + assert.equal(script.toHex(), f.hex) }) }) }) From b6622b4cffa76577a7a6dff50edc76f0e50ee30f Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Wed, 4 Mar 2015 21:28:48 +1100 Subject: [PATCH 5/6] script: return malformed script if returned pushDataOut out of range --- src/script.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/script.js b/src/script.js index 6ac9f15..141fb1f 100644 --- a/src/script.js +++ b/src/script.js @@ -41,8 +41,11 @@ Script.fromBuffer = function (buffer) { // did reading a pushDataInt fail? return non-chunked script if (d === null) return new Script(buffer, []) - i += d.size + + // attempt to read too much data? + if (i + d.number > buffer.length) return new Script(buffer, []) + var data = buffer.slice(i, i + d.number) i += d.number From 4333217bdd7c1972e272c9154698697ed92fd542 Mon Sep 17 00:00:00 2001 From: Daniel Cousens Date: Wed, 4 Mar 2015 21:30:31 +1100 Subject: [PATCH 6/6] tests: add example non-standard scripthash --- test/fixtures/scripts.json | 6 ++++++ test/scripts.js | 34 ++++++++++++++++++++++++---------- 2 files changed, 30 insertions(+), 10 deletions(-) diff --git a/test/fixtures/scripts.json b/test/fixtures/scripts.json index a702f1d..57d48bf 100644 --- a/test/fixtures/scripts.json +++ b/test/fixtures/scripts.json @@ -98,6 +98,12 @@ "redeemScript": "OP_2 0479be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8 04c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee51ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a OP_2 OP_CHECKMULTISIG", "redeemScriptSig": "OP_0 OP_0 30450221009c92c1ae1767ac04e424da7f6db045d979b08cde86b1ddba48621d59a109d818022004f5bb21ad72255177270abaeb2d7940ac18f1e5ca1f53db4f3fd1045647a8a801", "scriptSig": "OP_0 OP_0 30450221009c92c1ae1767ac04e424da7f6db045d979b08cde86b1ddba48621d59a109d818022004f5bb21ad72255177270abaeb2d7940ac18f1e5ca1f53db4f3fd1045647a8a801 52410479be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b84104c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee51ae168fea63dc339a3c58419466ceaeef7f632653266d0e1236431a950cfe52a52ae" + }, + { + "type": "scripthash", + "redeemScript": "OP_0", + "redeemScriptSig": "OP_0", + "scriptSigHex": "000100" } ], "invalid": { diff --git a/test/scripts.js b/test/scripts.js index 0ad6c26..35cccdb 100644 --- a/test/scripts.js +++ b/test/scripts.js @@ -64,9 +64,15 @@ describe('Scripts', function () { var expected = type.toLowerCase() === f.type if (inputFn && f.scriptSig) { - it('returns ' + expected + ' for ' + f.scriptSig, function () { - var script = Script.fromASM(f.scriptSig) + var script + + if (f.scriptSig) { + script = Script.fromASM(f.scriptSig) + } else { + script = Script.fromHex(f.scriptSigHex) + } + it('returns ' + expected + ' for ' + f.scriptSig, function () { assert.equal(inputFn(script), expected) }) @@ -74,8 +80,6 @@ describe('Scripts', function () { var expectedIncomplete = type.toLowerCase() === f.typeIncomplete it('returns ' + expected + ' for ' + f.scriptSig, function () { - var script = Script.fromASM(f.scriptSig) - assert.equal(inputFn(script, true), expectedIncomplete) }) } @@ -85,9 +89,15 @@ describe('Scripts', function () { if (!(inputFnName in fixtures.invalid)) return fixtures.invalid[inputFnName].forEach(function (f) { - if (inputFn && f.scriptSig) { - it('returns false for ' + f.description + ' (' + f.scriptSig + ')', function () { - var script = Script.fromASM(f.scriptSig) + if (inputFn && (f.scriptSig || f.scriptSigHex)) { + it('returns false for ' + f.description + ' (' + (f.scriptSig || f.scriptSigHex) + ')', function () { + var script + + if (f.scriptSig) { + script = Script.fromASM(f.scriptSig) + } else { + script = Script.fromHex(f.scriptSigHex) + } assert.equal(inputFn(script), false) }) @@ -240,7 +250,11 @@ describe('Scripts', function () { it('returns ' + f.scriptSig, function () { var scriptSig = scripts.scriptHashInput(redeemScriptSig, redeemScript) - assert.equal(scriptSig.toASM(), f.scriptSig) + if (f.scriptSig) { + assert.equal(scriptSig.toASM(), f.scriptSig) + } else { + assert.equal(scriptSig.toHex(), f.scriptSigHex) + } }) }) }) @@ -248,10 +262,10 @@ describe('Scripts', function () { describe('scriptHashOutput', function () { fixtures.valid.forEach(function (f) { if (f.type !== 'scripthash') return - - var redeemScript = Script.fromASM(f.redeemScript) + if (!f.scriptPubKey) return it('returns ' + f.scriptPubKey, function () { + var redeemScript = Script.fromASM(f.redeemScript) var scriptPubKey = scripts.scriptHashOutput(redeemScript.getHash()) assert.equal(scriptPubKey.toASM(), f.scriptPubKey)