Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 0AE3A305 for ; Wed, 4 Jan 2017 00:14:06 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from dmz-mailsec-scanner-8.mit.edu (dmz-mailsec-scanner-8.mit.edu [18.7.68.37]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id F09E1157 for ; Wed, 4 Jan 2017 00:14:04 +0000 (UTC) X-AuditID: 12074425-59fff700000068fb-f4-586c3e4a1240 Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id 88.5B.26875.A4E3C685; Tue, 3 Jan 2017 19:14:03 -0500 (EST) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id v040E2wH011634 for ; Tue, 3 Jan 2017 19:14:02 -0500 Received: from mail-wj0-f171.google.com (mail-wj0-f171.google.com [209.85.210.171]) (authenticated bits=0) (User authenticated as jlrubin@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id v040E0DZ026336 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for ; Tue, 3 Jan 2017 19:14:01 -0500 Received: by mail-wj0-f171.google.com with SMTP id c11so252283129wjx.3 for ; Tue, 03 Jan 2017 16:14:01 -0800 (PST) X-Gm-Message-State: AIkVDXJRWbH2VOk7XhvSmi25HVLh9QcdPBdh0/p8L2dA0QDuCCLhMM7tM945oU5HRgafXrQXb8nTKT4IoIMgQg== X-Received: by 10.194.145.197 with SMTP id sw5mr55171876wjb.156.1483488839914; Tue, 03 Jan 2017 16:13:59 -0800 (PST) MIME-Version: 1.0 Received: by 10.194.23.8 with HTTP; Tue, 3 Jan 2017 16:13:39 -0800 (PST) In-Reply-To: <6A91D4E4-750D-42C0-B593-3D5014B8A3F7@xbt.hk> References: <400152B9-1838-432A-829E-13E4FC54320C@gmail.com> <6A91D4E4-750D-42C0-B593-3D5014B8A3F7@xbt.hk> From: Jeremy Date: Tue, 3 Jan 2017 19:13:39 -0500 X-Gmail-Original-Message-ID: Message-ID: To: Johnson Lau Content-Type: multipart/alternative; boundary=089e012285be54ddd9054539a99b X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrLKsWRmVeSWpSXmKPExsUixG6nouttlxNh8GKCiUXTa1sHRo/fPyYz BjBGcdmkpOZklqUW6dslcGXsXTiFsWCOW8XBZx9ZGxjn2XcxcnJICJhINJ1fyt7FyMUhJNDG JNG64iMrhHOHUeLxlutsEM5nJomVH+4xQziLGCVa5h5hhejPkVj84DgLhF0mcXr9BmYQm1dA UOLkzCdgcSEBD4nOS/vZQGxOASuJQ5/XQu37xShxaFY30CAODjYBOYkPv0xBalgEVCT+Pf3C DDEzUWLR3BPsEDMDJDY/uw+2V1jASGLL34tMILaIgLzE+bWLwI5jFpjIKDHtfiNYA7OAl8Sz /hbmCYzCs5DcNAtJahbQamYBdYn184QgwtoSyxa+Zoaw1SRub7vKjiy+gJFtFaNsSm6Vbm5i Zk5xarJucXJiXl5qka6FXm5miV5qSukmRnCcuKjuYJzz1+sQowAHoxIP74pF2RFCrIllxZW5 hxglOZiURHkLRHIihPiS8lMqMxKLM+KLSnNSiw8xSnAwK4nw3rICyvGmJFZWpRblw6SkOViU xHkvZbpHCAmkJ5akZqemFqQWwWRlODiUJHh/2QA1ChalpqdWpGXmlCCkmTg4QYbzAA1vBKnh LS5IzC3OTIfIn2I05jg2a/FTJo5dnWueMgmx5OXnpUqJ8yrbApUKgJRmlObBTQOluouhl1a/ YhQHek6YNwOkigeYJuHmvQJaxQS0antANsiqkkSElFQDI59OYLw8+1WDK8HdYkYLHBbwqxVo 3X0kJOB2wyV2W9zv4qK+z67e67/FSuZuDcysecTeIXOucrXizbvS3n9nK0/zD/8hWD/15c8N LRu52PYUdMjE7DS54rdNSLG/TuDRM3Nbx+fXf6nzf294wKss9OzAu09H15yZd+rbvDUHzRIk 7lnmz4+bp8RSnJFoqMVcVJwIAODxuY9QAwAA X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,HTML_MESSAGE, RCVD_IN_DNSWL_MED,RCVD_IN_SORBS_SPAM,RP_MATCHES_RCVD autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: bitcoin-dev , Steve Davis Subject: Re: [bitcoin-dev] Script Abuse Potential? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jan 2017 00:14:06 -0000 --089e012285be54ddd9054539a99b Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Sure, was just upper bounding it anyways. Even less of a problem! RE: OP_CAT, not as OP_CAT was specified, which is why it was disabled. As far as I know, the elements alpha proposal to reenable a limited op_cat to 520 bytes is somewhat controversial... -- @JeremyRubin On Mon, Jan 2, 2017 at 10:39 PM, Johnson Lau wrote: > No, there could only have not more than 201 opcodes in a script. So you > may have 198 OP_2DUP at most, i.e. 198 * 520 * 2 =3D 206kB > > For OP_CAT, just check if the returned item is within the 520 bytes limit= . > > On 3 Jan 2017, at 11:27, Jeremy via bitcoin-dev < > bitcoin-dev@lists.linuxfoundation.org> wrote: > > It is an unfortunate script, but can't actually > =E2=80=8Bdo > that much > =E2=80=8B it seems=E2=80=8B > . The MAX_SCRIPT_ELEMENT_SIZE =3D 520 Bytes. > =E2=80=8B Thus, it would seem the worst you could do with this would be t= o (10000-520*2)*520*2 > bytes ~=3D~ 10 MB. > > =E2=80=8BMuch more concerning would be the op_dup/op_cat style bug, which= under a > similar script =E2=80=8Bwould certainly cause out of memory errors :) > > > > -- > @JeremyRubin > > > On Mon, Jan 2, 2017 at 4:39 PM, Steve Davis via bitcoin-dev < > bitcoin-dev@lists.linuxfoundation.org> wrote: > >> Hi all, >> >> Suppose someone were to use the following pk_script: >> >> [op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)..., >> op_2dup, op_hash160, , op_equalverify, op_checksig] >> >> This still seems to be valid AFAICS, and may be a potential attack vecto= r? >> >> Thanks. >> >> >> _______________________________________________ >> bitcoin-dev mailing list >> bitcoin-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >> >> > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > > > --089e012285be54ddd9054539a99b Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Sure, was just upper boun= ding it anyways. Even less of a problem!


RE: OP_CAT, not as OP_CAT was specified, which is why it was= disabled. As far as I know, the elements alpha proposal to reenable a limi= ted op_cat to 520 bytes is somewhat controversial...



-= -
@JeremyR= ubin<= /div>

On Mon, Jan 2, 2017 at 10:39 PM, Johnson Lau= <j= l2012@xbt.hk> wrote:
No, there could only have not more than = 201 opcodes in a script. So you may have 198 OP_2DUP at most, i.e. 198 * 52= 0 * 2 =3D 206kB

For OP_CAT, just check if the retu= rned item is within the 520 bytes limit.

On 3 Jan 2017, at 1= 1:27, Jeremy via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org= > wrote:

It is an unfortunate script, but can't actually=C2=A0
=E2=80=8Bdo
= =C2=A0that much
=E2=80=8B it seems=E2=80=8B
. The MAX_SCRIPT_ELEMENT_SIZE =3D 520 Bytes.
=E2=80=8B Thus, it would seem the worst you could do with this would b= e to=C2=A0(10000-520*2)*520*2 bytes =C2=A0~=3D~ 10 MB.

=E2=80=8BMuch more concerning w= ould be the op_dup/op_cat style bug, which under a similar script =E2=80=8B= would certainly cause out of memory errors :)


On Mon, Jan 2, 2017 at 4:39 PM, Steve Davis = via bitcoin-dev <bitcoin-dev@lists.linuxfoundatio= n.org> wrote:
Hi all,

Suppose someone were to use the followi= ng pk_script:

[op_2dup, op_2dup, op_2dup, = op_2dup, op_2dup, ...(to limit)..., op_2dup,=C2=A0op_hash160, <addr_hash= >, op_equalverify, op_checksig]

Thi= s still seems to be valid AFAICS, and may be a potential attack vector?

Thanks.


___= ____________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org= /mailman/listinfo/bitcoin-dev


_______________________________________________
bitcoin-dev mailing= list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev<= /a>

--089e012285be54ddd9054539a99b--