- 01 May, 2018 1 commit
-
-
Alessandro Sorniotti authored
The aim of this change set is to apply the well-established "Secure by default" security principle to the way the validator validates transactions in a block. The current code behaves as follows: create an array of validation codes, set by default to "all transactions are valid"; then perform validation which may mark transactions as invalid. Furthermore, in other parts of the code, if no array of validation codes is yet persent in the block, a new one is indiscriminately created (again, marking all transactions as valid). This approach is a security anti-pattern because it opens up to attacks where an adversary may force the code through a path where the default "tx is valid" validation code is maintained even for invalid txes. This change set ensures that validation code arrays are created and set to a new value (TxValidationCode_NOT_VALIDATED) which ensures that a transaction that hasn't been validated cannot be mistaken for a valid one. Change-Id: I5dbb18dd77af3cd14b168042ae660e4e27bf29dd Signed-off-by:
Alessandro Sorniotti <ale.linux@sopit.net>
-
- 01 Aug, 2017 1 commit
-
-
Baohua Yang authored
This patchset helps clean up the code and docs: * Fix redundant parenthesese. * Fix mismatching params in func return. * Fix variable name collides with imported package name and builtin function or reserved words. * Fix word typos. Change-Id: I30304c233067ead7e74d18e3caf2604b3ed1490a Signed-off-by:
Baohua Yang <yangbaohua@gmail.com>
-
- 27 Feb, 2017 1 commit
-
-
Ruslan Kryukov authored
https://jira.hyperledger.org/browse/FAB-2243 Switch valid flag from a boolean to an enum, so that we can indicate the reason for the invalidation (txid already exists, vscc validation failure (endorsement policy failure), mvcc validation failure, etc) This change adds invalidation reason codes, sets them in the block as a uint8 (byte) array, and returns validation result in GetTransactionById. Change-Id: I3593bf6aa4f35bb01b14f8fb3d9950b405f84660 Signed-off-by:
Ruslan Kryukov <ruslan.kryukov@ru.ibm.com>
-