Merge #863: Fix HasValidFee potential overflow

98e42a0 Fix HasValidFee potential overflow (Steven Roose)

Pull request description:

  Dmitry pointed out this potential overflow. They can't really happen
  because of the `CheckTransaction` check on explicit amounts that
  happens earlier in the verification chain. But it's a good idea to
  add the check here as well so that a potential relaxing of other rules
  cannot accidentally introduce an overflow risk.

Tree-SHA512: 0c6abb7719d4cf84596da5cb31e700bee53d26d6ffc6da0ba8f1300b3357ca3d29fb46e2754d182e64cb5794fd58fa1efed5ebf9c1bd58d08e2fb7841725ca66

Author: stevenroose

src/confidential_validation.cpp

@@ -33,9 +33,12 @@ bool HasValidFee(const CTransaction& tx) {
             if (fee == 0 || !MoneyRange(fee))
                 return false;
             totalFee[tx.vout[i].nAsset.GetAsset()] += fee;
+            if (!MoneyRange(totalFee)) {
+                return false;
+            }
         }
     }
-    return MoneyRange(totalFee);
+    return true;
 }
 
 CAmountMap GetFeeMap(const CTransaction& tx) {

src/consensus/tx_verify.cpp

@@ -306,6 +306,9 @@ bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoins
             return state.DoS(100, false, REJECT_INVALID, "bad-txns-in-ne-out", false, "value in != value out");
         }
         fee_map += GetFeeMap(tx);
+        if (!MoneyRange(fee_map)) {
+            return state.DoS(100, false, REJECT_INVALID, "bad-block-total-fee-outofrange");
+        }
     } else {
         const CAmount value_out = tx.GetValueOutMap()[CAsset()];
         if (nValueIn < value_out) {