From 04fe03441e34220649d05b180c4394905dd9aa6f Mon Sep 17 00:00:00 2001
From: John Jones <jmjatlanta@gmail.com>
Date: Mon, 30 Apr 2018 15:36:06 -0500
Subject: [PATCH 1/2] Verify active witness before applying block

---
 libraries/chain/db_block.cpp | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/libraries/chain/db_block.cpp b/libraries/chain/db_block.cpp
index b571f88748..7b6f948307 100644
--- a/libraries/chain/db_block.cpp
+++ b/libraries/chain/db_block.cpp
@@ -131,8 +131,19 @@ bool database::_push_block(const signed_block& new_block)
    uint32_t skip = get_node_properties().skip_flags;
    if( !(skip&skip_fork_db) )
    {
-      /// TODO: if the block is greater than the head block and before the next maitenance interval
-      // verify that the block signer is in the current set of active witnesses.
+
+      // If the block is greater than the head block and before the next maintenance interval
+      if (new_block.block_num() > head_block_num()
+            && new_block.timestamp <  get<dynamic_global_property_object>(dynamic_global_property_id_type()).next_maintenance_time )
+      {
+         // make sure the block signer is in the current set of active witnesses
+         //TODO: Do we need to validate signature, or has this already been done?
+         auto witnesses = get_global_properties().active_witnesses;
+         if (std::find(witnesses.begin(), witnesses.end(), new_block.witness ) == witnesses.end())
+         {
+            return false;
+         }
+      }
 
       shared_ptr<fork_item> new_head = _fork_db.push_block(new_block);
       //If the head block from the longest chain does not build off of the current head, we need to switch forks.

From 8b0a50541caa5d445eff1b6fd337d22e3fcb9cee Mon Sep 17 00:00:00 2001
From: John Jones <jmjatlanta@gmail.com>
Date: Fri, 4 May 2018 04:12:23 -0500
Subject: [PATCH 2/2] Throwing exception on block witness not being an active
 witness

---
 libraries/chain/db_block.cpp | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/libraries/chain/db_block.cpp b/libraries/chain/db_block.cpp
index 7b6f948307..6c6e3f1d6a 100644
--- a/libraries/chain/db_block.cpp
+++ b/libraries/chain/db_block.cpp
@@ -134,14 +134,14 @@ bool database::_push_block(const signed_block& new_block)
 
       // If the block is greater than the head block and before the next maintenance interval
       if (new_block.block_num() > head_block_num()
-            && new_block.timestamp <  get<dynamic_global_property_object>(dynamic_global_property_id_type()).next_maintenance_time )
+            && new_block.timestamp < get_dynamic_global_properties().next_maintenance_time )
       {
          // make sure the block signer is in the current set of active witnesses
-         //TODO: Do we need to validate signature, or has this already been done?
-         auto witnesses = get_global_properties().active_witnesses;
-         if (std::find(witnesses.begin(), witnesses.end(), new_block.witness ) == witnesses.end())
+         const auto& witnesses = get_global_properties().active_witnesses;
+         witnesses.find(new_block.witness);
+         if ( witnesses.find(new_block.witness) == witnesses.end() )
          {
-            return false;
+            FC_THROW_EXCEPTION(fc::assert_exception, "database::_push_block: Block witness not in list of active witnesses.");
          }
       }