public inbox for bitcoindev@googlegroups.com
From: bitcoin-list@bluematt.me
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] IMPORTANT: if you are running latest git HEAD
Date: Sun, 25 Dec 2011 13:15:22 -0800
Message-ID: <ed6f69e1-0374-4a64-b4d5-5ea3d4d96a0d@email.android.com>
In-Reply-To: <CABsx9T0AQMYxBh_Bq3ZfviU94CbszP264eKJHwj5akQNbTTrNA@mail.gmail.com>

Couldn't your net testing code be modified to do that to some extent?

Gavin Andresen <gavinandresen@gmail.com> wrote:

>Reposted from the forums:
>
>makomk reported a remote vulnerability that I pulled into the master
>bitcoin/bitcoin tree on December 20. If you are running git-HEAD code
>on the production network you should pull the latest code to get the
>bug fixed.
>
>This affects only anybody who has pulled and compiled their own
>bitcoind/bitcoin-qt from the source tree in the last 5 days.
>
>Gory details:
>
>I made a mistake.  I refactored the ConnectInputs() function into two
>pieces (FetchInputs() and ConnectInputs()), and should have duplicated
>a check in ConnectInputs for an out-of-range
>previous-transaction-output in the FetchInputs() method.  The result
>was that a new method I wrote to help prevent a possible OP_EVAL-related
>denial-of-service attack (AreInputsStandard()) could crash with an
>out-of-bounds memory access if given an invalid transaction.
>
>The bug-fix puts a check in FetchInputs and an assertion in
>AreInputsStandard. This does not affect the back-ported "mining only"
>code I wrote that some miners and pools have started using.
>
>The good news is this was found and reported before binaries with the
>vulnerability were released; the bad news is this was not found before
>the code was pulled and could have made it into the next release if
>makomk had not been testing some unrelated code.
>
>Before releasing 0.6, I would like to have an "intelligent,
>bitcoin-specific fuzzing tool" that automatically finds this type of
>bug that we can run before every release. If anybody already has one,
>please speak up!
>
>-- 
>--
>Gavin Andresen
>

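The bug class described under "Gory details" in the quoted message, as an added example that is not part of the original thread and is not code from the Bitcoin tree: a simplified C++ model in which the fetch step owns the range check on the previous-output index and the policy step asserts it. The struct layouts, all function bodies, and the helpers `AcceptTx`, `SampleDb` and `CountAccepted` are hypothetical.

```cpp
// Simplified model of the bug class in the quoted message. Every type and
// function body is a hypothetical stand-in, not code from the Bitcoin tree.
#include <cassert>
#include <cstdint>
#include <map>
#include <vector>

struct TxOut { int64_t value; };
struct OutPoint { uint32_t txid; uint32_t n; };  // n indexes the previous tx's vout
struct Tx { std::vector<OutPoint> vin; std::vector<TxOut> vout; };
using TxDb = std::map<uint32_t, Tx>;             // txid -> previous transaction
using Fetched = std::map<uint32_t, const Tx*>;

// Fetch step: resolve each input and reject an out-of-range output index here.
bool FetchInputs(const TxDb& db, const Tx& tx, Fetched& out) {
    for (const OutPoint& in : tx.vin) {
        auto it = db.find(in.txid);
        if (it == db.end()) return false;                  // unknown previous tx
        if (in.n >= it->second.vout.size()) return false;  // range check
        out[in.txid] = &it->second;
    }
    return true;
}
// Policy step: reads prev.vout[in.n], so it asserts the fetch step's invariant.
bool AreInputsStandard(const Tx& tx, const Fetched& fetched) {
    for (const OutPoint& in : tx.vin) {
        const Tx& prev = *fetched.at(in.txid);
        assert(in.n < prev.vout.size());
        if (prev.vout[in.n].value < 0) return false;       // placeholder rule
    }
    return true;
}
bool AcceptTx(const TxDb& db, const Tx& tx) {
    Fetched f;
    return FetchInputs(db, tx, f) && AreInputsStandard(tx, f);
}
// Constructed sample data: one previous transaction (txid 1) with two outputs.
TxDb SampleDb() {
    TxDb db;
    db[1].vout = {TxOut{50}, TxOut{25}};
    return db;
}
// Boundary sweep over the input index: only in-range values may be accepted.
uint32_t CountAccepted(const TxDb& db, uint32_t txid, uint32_t maxN) {
    uint32_t ok = 0;
    for (uint32_t n = 0; n <= maxN; ++n) {
        Tx tx; tx.vin.push_back({txid, n});
        if (AcceptTx(db, tx)) ++ok;
    }
    return ok;
}
```

Removing the range check from `FetchInputs` in this model makes the sweep hit the assertion at index 2 instead of reading past the end of `vout`.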




Thread overview: 2+ messages
2011-12-25 16:05 [Bitcoin-development] IMPORTANT: if you are running latest git HEAD Gavin Andresen
2011-12-25 21:15 ` bitcoin-list [this message]
