[nullc]

The buffers in Bitcoin were specifically sized in response to known vulnerabilities long ago, some of which have been reintroduced by clones.

Appropriately sizing buffers is the correct fix in some cases... For example, when the vulnerability is that an attacker can make N connections and begin N max_size messages, causing the allocation of N*max_size ram a perfectly reasonable fix is making sure that the protocol guarantees that the maximum size of any single message is small enough that decoding N in parallel isn't an issue.

[narcissus]

That's fair... I was completely misunderstanding the problem.

So is it that core is not affected by that last CVE at all, or just not as much as the others?

[nullc]

> So is it that core is not affected by that last CVE at all

Not at all.

"re: deserialization memory allocation: as should be obvious from the code snippet in the report, the Unersialize_impl function for vector types does not allocate more than 5MB at a time, instead ensuring the input stream has the neccessary amount of data to fill the allocation first. Thus, this function will never allocate (materially) more than the input stream, which in this case is limited by the maximum message size. In the case of Bitcoin Core this is limited to around 4MB, though again, I understand Bitcoin SV has significantly increased this limit. Thanks again for the report!"

[narcissus]

Nice. I know this is a thing that I should be able to just read myself, but it's way too early (or is it late?) here, so I appreciate the information! Thanks.