by narcissus 2663 days ago
"This is why the buffer is smaller in bitcoin than in these scamcoins."

Are you saying that the buffer is smaller in Bitcoin because of that CVE issue? As in, the issue was discovered and the solution was to make the buffer smaller, instead of resolving the issue correctly?

Because reading that article seems to imply, at least, that core is affected by that issue, or am I reading that wrong? Or do you mean something like "lucky the buffer is smaller in core"? Saying that 'something is why something else' reads like that something else is what caused the something, and like I say, I find it hard to believe that the solution to that CVE was "forget fixing the actual problem, we'll just make the buffer smaller"...


The buffers in Bitcoin were specifically sized in response to known vulnerabilities long ago, some of which have been reintroduced by clones.

Appropriately sizing buffers is the correct fix in some cases... For example, when the vulnerability is that an attacker can make N connections and begin N max_size messages, causing the allocation of N*max_size RAM, a perfectly reasonable fix is making sure that the protocol guarantees that the maximum size of any single message is small enough that decoding N in parallel isn't an issue.

That's fair... I was completely misunderstanding the problem.

So is it that core is not affected by that last CVE at all, or just not as much as the others?

> So is it that core is not affected by that last CVE at all

Not at all.

"re: deserialization memory allocation: as should be obvious from the code snippet in the report, the Unserialize_impl function for vector types does not allocate more than 5MB at a time, instead ensuring the input stream has the necessary amount of data to fill the allocation first. Thus, this function will never allocate (materially) more than the input stream, which in this case is limited by the maximum message size. In the case of Bitcoin Core this is limited to around 4MB, though again, I understand Bitcoin SV has significantly increased this limit. Thanks again for the report!"
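The two defences the thread describes (a per-message size cap so N connections cost at most N*max_size, and vector deserialization that grows at most 5MB at a time after checking the stream has the bytes) as an added C++ example. This is not Bitcoin Core's code: the wire format, the 4MB and 5MB limits, and the sample messages are constructed for the illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Constructed wire format (not Bitcoin's): 4-byte little-endian element count,
// then one byte per element. Both limits are assumptions for this example.
constexpr size_t MAX_MSG_SIZE = 4 * 1000 * 1000;  // per-message cap (~4MB, as in the thread)
constexpr size_t CHUNK_LIMIT  = 5 * 1000 * 1000;  // largest single growth step (~5MB)

struct DecodeResult { std::vector<uint8_t> items; size_t peak_requested = 0; };  // peak = most bytes asked of the allocator
static uint32_t read_count(const std::vector<uint8_t>& s, size_t& pos) {
    if (s.size() - pos < 4) throw std::runtime_error("truncated count");
    uint32_t n = 0;
    for (int i = 0; i < 4; ++i) n |= uint32_t(s[pos + i]) << (8 * i);
    pos += 4;
    return n;
}
// Naive decoder: trusts the declared count and reserves it all before reading any data.
// Returns the bytes it would allocate: a 6-byte message claiming 0xFFFFFFFF elements costs ~4GB.
size_t naive_reservation(const std::vector<uint8_t>& s) {
    size_t pos = 0;
    return read_count(s, pos);
}
// Chunked decoder: grow by at most CHUNK_LIMIT per step, and only after confirming the stream
// holds that many bytes, so allocation never materially exceeds the input actually received.
DecodeResult unserialize_chunked(const std::vector<uint8_t>& s) {
    if (s.size() > MAX_MSG_SIZE) throw std::runtime_error("message too large");
    size_t pos = 0;
    const uint32_t n = read_count(s, pos);
    DecodeResult r;
    for (size_t i = 0; i < n; i += CHUNK_LIMIT) {
        const size_t blk = std::min<size_t>(n - i, CHUNK_LIMIT);
        if (s.size() - pos < blk) throw std::runtime_error("truncated payload");
        r.items.reserve(i + blk);
        r.peak_requested = std::max(r.peak_requested, i + blk);
        r.items.insert(r.items.end(), s.begin() + pos, s.begin() + pos + blk);
        pos += blk;
    }
    return r;
}
bool chunked_rejects(const std::vector<uint8_t>& s) {
    try { unserialize_chunked(s); return false; }
    catch (const std::runtime_error&) { return true; }
}
// Constructed inputs: a hostile 6-byte message claiming 2^32-1 elements, and an honest one with three.
std::vector<uint8_t> hostile_message() { return {0xFF, 0xFF, 0xFF, 0xFF, 0x01, 0x02}; }
std::vector<uint8_t> honest_message()  { return {0x03, 0x00, 0x00, 0x00, 7, 8, 9}; }
```

Because the chunked decoder checks the stream before each step, the hostile message is rejected before any allocation, while the honest message never requests more than the three bytes it actually carries.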

Nice. I know this is a thing that I should be able to just read myself, but it's way too early (or is it late?) here, so I appreciate the information! Thanks.