CVE-2017-12842 mitigation

ComputerCraftr · ComputerCraftr · commit 549c6962eb42 · 2025-07-21T23:07:59.000-07:00
diff --git a/src/consensus/tx_check.cpp b/src/consensus/tx_check.cpp
@@ -3,6 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <consensus/tx_check.h>
+#include <xep/consensus/tx_check.h>
 
 #include <consensus/amount.h>
 #include <primitives/transaction.h>
@@ -16,9 +17,13 @@ bool CheckTransaction(const CTransaction& tx, TxValidationState& state)
     if (tx.vout.empty())
         return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-vout-empty");
     // Size limits (this doesn't take the witness into account, as that hasn't been checked for malleability)
-    if (::GetSerializeSize(TX_NO_WITNESS(tx)) * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT) {
+    const size_t size = ::GetSerializeSize(TX_NO_WITNESS(tx));
+    if (size * WITNESS_SCALE_FACTOR > MAX_BLOCK_WEIGHT) {
         return state.Invalid(TxValidationResult::TX_CONSENSUS, "bad-txns-oversize");
     }
+    if (!XEP_CheckTransactionSize(state, size)) {
+        return false;
+    }
 
     // Check for negative or overflow output values (see CVE-2010-5139)
     CAmount nValueOut = 0;
diff --git a/src/test/data/tx_invalid.json b/src/test/data/tx_invalid.json
@@ -149,7 +149,7 @@
 [[["0000000000000000000000000000000000000000000000000000000000000100", 0, "-1 CHECKLOCKTIMEVERIFY"]],
 "01000000010001000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000065cd1d", "CHECKLOCKTIMEVERIFY"],
 [[["0000000000000000000000000000000000000000000000000000000000000100", 0, "1"]],
-"010000000100010000000000000000000000000000000000000000000000000000000000000000000004005194b1010000000100000000000000000002000000", "CHECKLOCKTIMEVERIFY"],
+"01000000010001000000000000000000000000000000000000000000000000000000000000000000000500005194b1010000000100000000000000000002000000", "CHECKLOCKTIMEVERIFY"],
 
 ["Input locked"],
 [[["0000000000000000000000000000000000000000000000000000000000000100", 0, "0 CHECKLOCKTIMEVERIFY 1"]],
diff --git a/src/validation.cpp b/src/validation.cpp
@@ -794,10 +794,6 @@ bool MemPoolAccept::PreChecks(ATMPArgs& args, Workspace& ws)
         return state.Invalid(TxValidationResult::TX_NOT_STANDARD, reason);
     }
 
-    // Transactions smaller than 65 non-witness bytes are not relayed to mitigate CVE-2017-12842.
-    if (::GetSerializeSize(TX_NO_WITNESS(tx)) < MIN_STANDARD_TX_NONWITNESS_SIZE)
-        return state.Invalid(TxValidationResult::TX_NOT_STANDARD, "tx-size-small");
-
     // Only accept nLockTime-using transactions that can be mined in the next
     // block; we don't want our mempool filled up with transactions that can't
     // be mined yet.
diff --git a/src/xep/consensus/tx_check.h b/src/xep/consensus/tx_check.h
@@ -0,0 +1,20 @@
+// Copyright (c) 2020-2025 The XEP Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef ELECTRAPROTOCOL_CONSENSUS_TX_CHECK_H
+#define ELECTRAPROTOCOL_CONSENSUS_TX_CHECK_H
+
+#include <consensus/validation.h>
+
+bool XEP_CheckTransactionSize(TxValidationState& state, size_t size)
+{
+    // 64-byte transactions are rejected to mitigate CVE-2017-12842
+    if (size == 64) {
+        return state.Invalid(TxValidationResult::TX_CONSENSUS, "tx-size-small");
+    } else {
+        return true;
+    }
+};
+
+#endif // ELECTRAPROTOCOL_CONSENSUS_TX_CHECK_H
