public inbox for bitcoindev@googlegroups.com
* [Bitcoin-development] IMPORTANT: if you are running latest git HEAD
@ 2011-12-25 16:05 Gavin Andresen
  2011-12-25 21:15 ` bitcoin-list
  0 siblings, 1 reply; 2+ messages in thread
From: Gavin Andresen @ 2011-12-25 16:05 UTC (permalink / raw)
  To: Bitcoin Dev

Reposted from the forums:

makomk reported a remote vulnerability that I pulled into the master
bitcoin/bitcoin tree on December 20. If you are running git-HEAD code
on the production network you should pull the latest code to get the
bug fixed.

This affects only anybody who has pulled and compiled their own
bitcoind/bitcoin-qt from the source tree in the last 5 days.

Gory details:

I made a mistake.  I refactored the ConnectInputs() function into two
pieces (FetchInputs() and ConnectInputs()), and should have duplicated
a check in ConnectInputs for an out-of-range
previous-transaction-output in the FetchInputs() method.  The result
was that a new method I wrote to help prevent a possible OP_EVAL-related
denial-of-service attack (AreInputsStandard()) could crash with an
out-of-bounds memory access if given an invalid transaction.

The bug-fix puts a check in FetchInputs and an assertion in
AreInputsStandard. This does not affect the back-ported "mining only"
code I wrote that some miners and pools have started using.

The good news is this was found and reported before binaries with the
vulnerability were released; the bad news is this was not found before
the code was pulled and could have made it into the next release if
makomk had not been testing some unrelated code.

Before releasing 0.6, I would like to have an "intelligent,
bitcoin-specific fuzzing tool" that automatically finds this type of
bug that we can run before every release. If anybody already has one,
please speak up!

-- 
--
Gavin Andresen
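
The two-stage split described in the message above, as an added example that is not code from bitcoin/bitcoin or from the message's author: a simplified model with the range check in FetchInputs, the assertion in AreInputsStandard, and a small deterministic fuzz loop over previous-output indices. The struct layouts, the 32-bit txid, the placeholder policy test and FuzzPrevoutIndex are assumptions made for illustration.

```cpp
#include <cassert>
#include <cstdint>
#include <cstdio>
#include <map>
#include <vector>

// Simplified stand-ins (assumptions), not the real bitcoin/bitcoin types.
struct TxOut { int64_t value; };
struct OutPoint { uint32_t txid; uint32_t n; };  // txid shortened to 32 bits
struct Tx { std::vector<OutPoint> vin; std::vector<TxOut> vout; };
using TxMap = std::map<uint32_t, Tx>;

// Stage 1: find each previous transaction and range-check the output index,
// so that every later stage may safely index prev.vout[n].
bool FetchInputs(const Tx& tx, const TxMap& db, TxMap& fetched) {
    for (const OutPoint& in : tx.vin) {
        auto it = db.find(in.txid);
        if (it == db.end()) return false;                  // unknown previous tx
        if (in.n >= it->second.vout.size()) return false;  // out-of-range prevout
        fetched[in.txid] = it->second;
    }
    return true;
}

// Stage 2: relies on stage 1; the assertion enforces that precondition.
bool AreInputsStandard(const Tx& tx, const TxMap& fetched) {
    for (const OutPoint& in : tx.vin) {
        const Tx& prev = fetched.at(in.txid);
        assert(in.n < prev.vout.size());
        if (prev.vout[in.n].value < 0) return false;  // placeholder policy test
    }
    return true;
}

// Deterministic fuzz loop over prevout indices against a constructed previous
// transaction with 2 outputs. Returns the rejected count, or -1 on a wrong verdict.
int FuzzPrevoutIndex(unsigned rounds) {
    TxMap db; db[1].vout = {TxOut{50}, TxOut{25}};
    uint32_t state = 12345; int rejected = 0;
    for (unsigned i = 0; i < rounds; ++i) {
        state = state * 1664525u + 1013904223u;  // LCG with a fixed seed
        uint32_t n = (state >> 16) % 8;          // only 0 and 1 are valid
        Tx tx; tx.vin.push_back(OutPoint{1, n}); TxMap fetched;
        bool ok = FetchInputs(tx, db, fetched);
        if (ok != (n < 2) || (ok && !AreInputsStandard(tx, fetched))) return -1;
        if (!ok) ++rejected;
    }
    return rejected;
}

int main() { std::printf("rejected %d of 1000\n", FuzzPrevoutIndex(1000)); return 0; }
```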




* Re: [Bitcoin-development] IMPORTANT: if you are running latest git HEAD
  2011-12-25 16:05 [Bitcoin-development] IMPORTANT: if you are running latest git HEAD Gavin Andresen
@ 2011-12-25 21:15 ` bitcoin-list
  0 siblings, 0 replies; 2+ messages in thread
From: bitcoin-list @ 2011-12-25 21:15 UTC (permalink / raw)
  To: Bitcoin Dev

Couldn't your net testing code be modified to do that to some extent?

Gavin Andresen <gavinandresen@gmail.com> wrote:

>Reposted from the forums:
>
>makomk reported a remote vulnerability that I pulled into the master
>bitcoin/bitcoin tree on December 20. If you are running git-HEAD code
>on the production network you should pull the latest code to get the
>bug fixed.
>
>This affects only anybody who has pulled and compiled their own
>bitcoind/bitcoin-qt from the source tree in the last 5 days.
>
>Gory details:
>
>I made a mistake.  I refactored the ConnectInputs() function into two
>pieces (FetchInputs() and ConnectInputs()), and should have duplicated
>a check in ConnectInputs for an out-of-range
>previous-transaction-output in the FetchInputs() method.  The result
>was that a new method I wrote to help prevent a possible OP_EVAL-related
>denial-of-service attack (AreInputsStandard()) could crash with an
>out-of-bounds memory access if given an invalid transaction.
>
>The bug-fix puts a check in FetchInputs and an assertion in
>AreInputsStandard. This does not affect the back-ported "mining only"
>code I wrote that some miners and pools have started using.
>
>The good news is this was found and reported before binaries with the
>vulnerability were released; the bad news is this was not found before
>the code was pulled and could have made it into the next release if
>makomk had not been testing some unrelated code.
>
>Before releasing 0.6, I would like to have an "intelligent,
>bitcoin-specific fuzzing tool" that automatically finds this type of
>bug that we can run before every release. If anybody already has one,
>please speak up!
>
>-- 
>--
>Gavin Andresen
>



