Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Frontier/sec 29 #588

Merged
merged 5 commits into from
Apr 1, 2015
Merged

Frontier/sec 29 #588

merged 5 commits into from
Apr 1, 2015

Conversation

zelig
Copy link
Contributor

@zelig zelig commented Mar 28, 2015

I confirm #506
Simply because by sending empty payload new block massages you can take down the client, this was a massive vulnarability.
I am adding message data validations and tests.

  • NewBlockMsg
  • StatusMsg
  • BlocksMsg
  • BlockHashesMsg
  • TxMsg

@fjl
Copy link
Contributor

fjl commented Mar 28, 2015 

                                                                                  consider calling the block method ValidateFields to avoid confusion with the actual block validation.

@zelig
Copy link
Contributor Author

zelig commented Mar 28, 2015

very good advice. i will

@zelig zelig force-pushed the frontier/SEC-29 branch from 2912b63 to c38364e Compare March 30, 2015 12:53
@zelig zelig added this to the Frontier milestone Mar 30, 2015
@zelig zelig self-assigned this Mar 30, 2015
zelig added 5 commits April 1, 2015 12:32
@zelig
eth: SEC-29 eth wire protocol decoding invalid message data crashes c…
e1be34b 
…lient

- add validate method to types.Block
- validate after Decode -> error
- add tests for NewBlockMsg
@zelig
add tests for valid blocks msg handling
d677190
@zelig
test for invalid rlp encoding of block in BlocksMsg
82da6bf 
- rename Validate -> ValidateFields not to confure consensus block validation
- add nil transaction and nil uncle header validation
- remove bigint field checks: rlp already decodes *big.Int to big.NewInt(0)
- add test for nil header, nil transaction
@zelig
check TxMsg
6ffea34 
- add validation on TxMsg checking for nil
- add test for nil transaction
- add test for zero value transaction (no extra validation needed)
@zelig
change StatusMsgData.TD back to pointer type *big.Int
f56fc9c
@zelig zelig force-pushed the frontier/SEC-29 branch from 870bcfc to f56fc9c Compare April 1, 2015 11:37
obscuren added a commit that referenced this pull request Apr 1, 2015
@obscuren
Merge pull request #588 from ethersphere/frontier/SEC-29
4a4da9a 
Frontier/sec 29
@obscuren obscuren merged commit 4a4da9a into ethereum:develop Apr 1, 2015
@obscuren obscuren mentioned this pull request Apr 1, 2015
Closed
@zelig zelig deleted the frontier/SEC-29 branch December 8, 2015 20:51
ngtuna added a commit to ngtuna/tomochain that referenced this pull request Jul 29, 2019
@ngtuna
Merge pull request ethereum#588 from ngtuna/remove-order-mongo
56610b5 
remove processed order in mongodb, only keep cancelled order
maoueh pushed a commit to streamingfast/go-ethereum that referenced this pull request Jan 6, 2023
@temaniarpit27
Merge pull request ethereum#588 from maticnetwork/arpit/qa-to-develop
b1739f6 
qa to develop
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@zelig zelig

Labels
None yet
Projects
None yet
Milestone
Frontier
Development

Successfully merging this pull request may close these issues.
3 participants
@zelig @fjl @obscuren