@@ -1506,9 +1506,9 @@ bool AcceptToMemoryPoolWorker(CTxMemPool& pool, CValidationState& state, const C
15061506 // SCRIPT_VERIFY_CLEANSTACK requires SCRIPT_VERIFY_WITNESS, so we
15071507 // need to turn both off, and compare against just turning off CLEANSTACK
15081508 // to see if the failure is specifically due to witness validation.
1509- if (CheckInputs (tx, state, view, true , scriptVerifyFlags & ~(SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_CLEANSTACK), true , txdata) &&
1509+ if (tx. wit . IsNull () && CheckInputs (tx, state, view, true , scriptVerifyFlags & ~(SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_CLEANSTACK), true , txdata) &&
15101510 !CheckInputs (tx, state, view, true , scriptVerifyFlags & ~SCRIPT_VERIFY_CLEANSTACK, true , txdata)) {
1511- // Only the witness is wrong , so the transaction itself may be fine.
1511+ // Only the witness is missing , so the transaction itself may be fine.
15121512 state.SetCorruptionPossible ();
15131513 }
15141514 return false ;
@@ -5505,7 +5505,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
55055505 else if (!fMissingInputs2 )
55065506 {
55075507 int nDos = 0 ;
5508- if (stateDummy.IsInvalid (nDos) && nDos > 0 && (!state. CorruptionPossible () || State (fromPeer)-> fHaveWitness ) )
5508+ if (stateDummy.IsInvalid (nDos) && nDos > 0 )
55095509 {
55105510 // Punish peer that gave us an invalid orphan tx
55115511 Misbehaving (fromPeer, nDos);
@@ -5516,7 +5516,10 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
55165516 // Probably non-standard or insufficient fee/priority
55175517 LogPrint (" mempool" " removed orphan tx %s\n " ToString ());
55185518 vEraseQueue.push_back (orphanHash);
5519- if (!stateDummy.CorruptionPossible ()) {
5519+ if (orphanTx.wit .IsNull () && !stateDummy.CorruptionPossible ()) {
5520+ // Do not use rejection cache for witness transactions or
5521+ // witness-stripped transactions, as they can have been malleated.
5522+ // See https://github.com/bitcoin/bitcoin/issues/8279 for details.
55205523 assert (recentRejects);
55215524 recentRejects->insert (orphanHash);
55225525 }
@@ -5554,7 +5557,10 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
55545557 LogPrint (" mempool" " not keeping orphan with rejected parents %s\n " GetHash ().ToString ());
55555558 }
55565559 } else {
5557- if (!state.CorruptionPossible ()) {
5560+ if (tx.wit .IsNull () && !state.CorruptionPossible ()) {
5561+ // Do not use rejection cache for witness transactions or
5562+ // witness-stripped transactions, as they can have been malleated.
5563+ // See https://github.com/bitcoin/bitcoin/issues/8279 for details.
55585564 assert (recentRejects);
55595565 recentRejects->insert (tx.GetHash ());
55605566 }
@@ -5586,9 +5592,7 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv,
55865592 if (state.GetRejectCode () < REJECT_INTERNAL) // Never send AcceptToMemoryPool's internal codes over P2P
55875593 pfrom->PushMessage (NetMsgType::REJECT, strCommand, (unsigned char )state.GetRejectCode (),
55885594 state.GetRejectReason ().substr (0 , MAX_REJECT_MESSAGE_LENGTH), inv.hash );
5589- if (nDoS > 0 && (!state.CorruptionPossible () || State (pfrom->id )->fHaveWitness )) {
5590- // When a non-witness-supporting peer gives us a transaction that would
5591- // be accepted if witness validation was off, we can't blame them for it.
5595+ if (nDoS > 0 ) {
55925596 Misbehaving (pfrom->GetId (), nDoS);
55935597 }
55945598 }
0 commit comments