[op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)..., op_2dup, op_hash160, <addr_hash>, op_equalverify, op_checksig]

This still seems to be valid AFAICS, and may be a potential attack vector?

Thanks.