From be853f563a54a30e50eb81f756a0543edda2fdd8 Mon Sep 17 00:00:00 2001 From: Christian Decker Date: Thu, 25 Apr 2019 00:56:52 +0200 Subject: [PATCH] wallet: Clamp maxheight to positive number for large minconf Fixes #2518 Signed-off-by: Christian Decker Changelog-fixed: `minconf` no longer gets wrapped around for large values, which was causing funds with insufficient confirmations to be selected. --- common/wallet_tx.h | 6 ++++++ tests/test_misc.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/common/wallet_tx.h b/common/wallet_tx.h index 2c3ec62a6..1a748b0eb 100644 --- a/common/wallet_tx.h +++ b/common/wallet_tx.h @@ -38,6 +38,12 @@ static inline u32 minconf_to_maxheight(u32 minconf, struct lightningd *ld) * selection */ if (minconf == 0) return 0; + + /* Avoid wrapping around and suddenly allowing any confirmed + * outputs. Since we can't have a coinbase output, and 0 is taken for + * the disable case, we can just clamp to 1. */ + if (minconf >= ld->topology->tip->height) + return 1; return ld->topology->tip->height - minconf + 1; } #endif /* LIGHTNING_COMMON_WALLET_TX_H */ diff --git a/tests/test_misc.py b/tests/test_misc.py index 70608dd67..c0a8608c5 100644 --- a/tests/test_misc.py +++ b/tests/test_misc.py @@ -482,7 +482,7 @@ def test_withdraw(node_factory, bitcoind): with pytest.raises(RpcError, match=r'Cannot afford transaction'): l1.rpc.withdraw(waddr, 'all') -@pytest.mark.xfail(strict=True) + def test_minconf_withdraw(node_factory, bitcoind): """Issue 2518: ensure that ridiculous confirmation levels don't overflow