Merge pull request #2188

a5031a7d core: forbid duplicate ring members from v6 (moneromooo-monero)

src/cryptonote_core/cryptonote_core.cpp

@@ -660,6 +660,12 @@ namespace cryptonote
       return false;
     }
 
+    if (!check_tx_inputs_ring_members_diff(tx))
+    {
+      MERROR_VER("tx uses duplicate ring members");
+      return false;
+    }
+
     if (!check_tx_inputs_keyimages_domain(tx))
     {
       MERROR_VER("tx uses key image not in the valid domain");
@@ -752,6 +758,22 @@ namespace cryptonote
     return true;
   }
   //-----------------------------------------------------------------------------------------------
+  bool core::check_tx_inputs_ring_members_diff(const transaction& tx) const
+  {
+    const uint8_t version = m_blockchain_storage.get_current_hard_fork_version();
+    if (version >= 6)
+    {
+      for(const auto& in: tx.vin)
+      {
+        CHECKED_GET_SPECIFIC_VARIANT(in, const txin_to_key, tokey_in, false);
+        for (size_t n = 1; n < tokey_in.key_offsets.size(); ++n)
+          if (tokey_in.key_offsets[n] == 0)
+            return false;
+      }
+    }
+    return true;
+  }
+  //-----------------------------------------------------------------------------------------------
   bool core::check_tx_inputs_keyimages_domain(const transaction& tx) const
   {
     std::unordered_set<crypto::key_image> ki;

src/cryptonote_core/cryptonote_core.h

@@ -780,6 +780,15 @@ namespace cryptonote
       */
      bool check_tx_inputs_keyimages_diff(const transaction& tx) const;
 
+     /**
+      * @brief verify that each ring uses distinct members
+      *
+      * @param tx the transaction to check
+      *
+      * @return false if any ring uses duplicate members, true otherwise
+      */
+     bool check_tx_inputs_ring_members_diff(const transaction& tx) const;
+
      /**
       * @brief verify that each input key image in a transaction is in
       * the valid domain