Return-Path: <jl2012@xbt.hk> Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 5B67B2C for <bitcoin-dev@lists.linuxfoundation.org>; Tue, 3 Jan 2017 03:54:37 +0000 (UTC) X-Greylist: delayed 00:15:04 by SQLgrey-1.7.6 Received: from sender-of-o52.zoho.com (sender-of-o52.zoho.com [135.84.80.217]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 713D0134 for <bitcoin-dev@lists.linuxfoundation.org>; Tue, 3 Jan 2017 03:54:35 +0000 (UTC) Received: from [192.168.1.111] (137.189.135.19 [137.189.135.19]) by mx.zohomail.com with SMTPS id 148341476514442.140201455812075; Mon, 2 Jan 2017 19:39:25 -0800 (PST) From: Johnson Lau <jl2012@xbt.hk> Message-Id: <6A91D4E4-750D-42C0-B593-3D5014B8A3F7@xbt.hk> Content-Type: multipart/alternative; boundary="Apple-Mail=_4D9A32A2-08CF-4030-98EA-EE8CF86DD278" Mime-Version: 1.0 (Mac OS X Mail 10.0 \(3226\)) Date: Tue, 3 Jan 2017 11:39:19 +0800 In-Reply-To: <CAD5xwhjHFzFzKws10TG-XioZoRVZ_oZbMF_xDOy5xNWtzFTsEw@mail.gmail.com> To: Jeremy <jlrubin@mit.edu>, bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> References: <mailman.11263.1483391161.31141.bitcoin-dev@lists.linuxfoundation.org> <400152B9-1838-432A-829E-13E4FC54320C@gmail.com> <CAD5xwhjHFzFzKws10TG-XioZoRVZ_oZbMF_xDOy5xNWtzFTsEw@mail.gmail.com> X-Mailer: Apple Mail (2.3226) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,HTML_MESSAGE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Steve Davis <steven.charles.davis@gmail.com> Subject: Re: [bitcoin-dev] Script Abuse Potential? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> X-List-Received-Date: Tue, 03 Jan 2017 03:54:37 -0000 --Apple-Mail=_4D9A32A2-08CF-4030-98EA-EE8CF86DD278 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 No, there could only have not more than 201 opcodes in a script. So you = may have 198 OP_2DUP at most, i.e. 198 * 520 * 2 =3D 206kB For OP_CAT, just check if the returned item is within the 520 bytes = limit. > On 3 Jan 2017, at 11:27, Jeremy via bitcoin-dev = <bitcoin-dev@lists.linuxfoundation.org> wrote: >=20 > It is an unfortunate script, but can't actually =E2=80=8Bdo that = much=E2=80=8B it seems=E2=80=8B. The MAX_SCRIPT_ELEMENT_SIZE =3D 520 = Bytes.=E2=80=8B Thus, it would seem the worst you could do with this = would be to (10000-520*2)*520*2 bytes ~=3D~ 10 MB. >=20 > =E2=80=8BMuch more concerning would be the op_dup/op_cat style bug, = which under a similar script =E2=80=8Bwould certainly cause out of = memory errors :) >=20 >=20 >=20 > -- > @JeremyRubin <https://twitter.com/JeremyRubin> = <https://twitter.com/JeremyRubin> > On Mon, Jan 2, 2017 at 4:39 PM, Steve Davis via bitcoin-dev = <bitcoin-dev@lists.linuxfoundation.org = <mailto:bitcoin-dev@lists.linuxfoundation.org>> wrote: > Hi all, >=20 > Suppose someone were to use the following pk_script: >=20 > [op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)..., = op_2dup, op_hash160, <addr_hash>, op_equalverify, op_checksig] >=20 > This still seems to be valid AFAICS, and may be a potential attack = vector? >=20 > Thanks. >=20 >=20 > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org = <mailto:bitcoin-dev@lists.linuxfoundation.org> > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev = <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev> >=20 >=20 > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev --Apple-Mail=_4D9A32A2-08CF-4030-98EA-EE8CF86DD278 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 <html><head><meta http-equiv=3D"Content-Type" content=3D"text/html = charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; = -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" = class=3D""><div class=3D"">No, there could only have not more than 201 = opcodes in a script. So you may have 198 OP_2DUP at most, i.e. 198 * 520 = * 2 =3D 206kB</div><div class=3D""><br class=3D""></div><div = class=3D"">For OP_CAT, just check if the returned item is within the 520 = bytes limit.</div><br class=3D""><div><blockquote type=3D"cite" = class=3D""><div class=3D"">On 3 Jan 2017, at 11:27, Jeremy via = bitcoin-dev <<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" = class=3D"">bitcoin-dev@lists.linuxfoundation.org</a>> wrote:</div><br = class=3D"Apple-interchange-newline"><div class=3D""><div dir=3D"ltr" = class=3D""><div class=3D"gmail_default" style=3D"font-family: arial, = helvetica, sans-serif; font-size: small;"><span = style=3D"font-family:arial,sans-serif;color:rgb(34,34,34);font-size:12.800= 000190734863px" class=3D"">It is an unfortunate script, but can't = actually </span><div class=3D"gmail_default" = style=3D"display:inline">=E2=80=8Bdo</div><span = style=3D"font-family:arial,sans-serif;color:rgb(34,34,34);font-size:12.800= 000190734863px" class=3D""> that much</span><div = class=3D"gmail_default" style=3D"display:inline">=E2=80=8B it = seems=E2=80=8B</div><span = style=3D"font-family:arial,sans-serif;color:rgb(34,34,34);font-size:12.800= 000190734863px" class=3D"">. The MAX_SCRIPT_ELEMENT_SIZE =3D 520 = Bytes.</span><div class=3D"gmail_default" = style=3D"font-family:arial,sans-serif;color:rgb(34,34,34);font-size:12.800= 000190734863px;display:inline"><font face=3D"arial, helvetica, = sans-serif" class=3D"">=E2=80=8B Thus, it would seem the worst you could = do with this would be to </font>(10000-520*2)*520*2 bytes ~=3D~= 10 MB.</div></div><div style=3D"font-size:12.800000190734863px" = class=3D""><br class=3D""></div><div = style=3D"font-size:12.800000190734863px" class=3D""><div = class=3D"gmail_default" style=3D"font-family: arial, helvetica, = sans-serif; font-size: small;">=E2=80=8BMuch more concerning would be = the op_dup/op_cat style bug, which under a similar script =E2=80=8Bwould = certainly cause out of memory errors :)</div><div class=3D""><br = class=3D""></div></div></div><div class=3D"gmail_extra"><br clear=3D"all" = class=3D""><div class=3D""><br clear=3D"all" class=3D""><div = class=3D""><div class=3D"gmail_signature" = data-smartmail=3D"gmail_signature"><div dir=3D"ltr" class=3D"">--<br = class=3D""><a href=3D"https://twitter.com/JeremyRubin" target=3D"_blank" = class=3D"">@JeremyRubin</a><a href=3D"https://twitter.com/JeremyRubin" = target=3D"_blank" class=3D""></a></div></div></div> </div> <br class=3D""><div class=3D"gmail_quote">On Mon, Jan 2, 2017 at 4:39 = PM, Steve Davis via bitcoin-dev <span dir=3D"ltr" class=3D""><<a = href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank" = class=3D"">bitcoin-dev@lists.linuxfoundation.org</a>></span> = wrote:<br class=3D""><blockquote class=3D"gmail_quote" style=3D"margin:0 = 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div = style=3D"word-wrap:break-word" class=3D""><div class=3D""><div = style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.800= 000190734863px" class=3D"">Hi all,</div><div = style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.800= 000190734863px" class=3D""><br class=3D""></div><div = style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.800= 000190734863px" class=3D"">Suppose someone were to use the following = pk_script:</div><div = style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.800= 000190734863px" class=3D""><br class=3D""></div><div = class=3D"m_-8615729711671762748m_8591747901013163489gmail_signature" = style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.800= 000190734863px"><div dir=3D"ltr" class=3D"">[op_2dup, op_2dup, op_2dup, = op_2dup, op_2dup, ...(to limit)..., op_2dup, op_hash160, = <addr_hash>, op_equalverify, op_checksig]</div><div dir=3D"ltr" = class=3D""><br class=3D""></div><div class=3D"">This still seems to be = valid AFAICS, and may be a potential attack vector?</div><div = class=3D""><br class=3D""></div><div = class=3D"">Thanks.</div></div></div><div class=3D""><br = class=3D""></div></div><br class=3D"">______________________________<wbr = class=3D"">_________________<br class=3D""> bitcoin-dev mailing list<br class=3D""> <a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" = class=3D"">bitcoin-dev@lists.<wbr class=3D"">linuxfoundation.org</a><br = class=3D""> <a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev"= rel=3D"noreferrer" target=3D"_blank" = class=3D"">https://lists.linuxfoundation.<wbr = class=3D"">org/mailman/listinfo/bitcoin-<wbr class=3D"">dev</a><br = class=3D""> <br class=3D""></blockquote></div><br class=3D""></div> _______________________________________________<br class=3D"">bitcoin-dev = mailing list<br class=3D""><a = href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" = class=3D"">bitcoin-dev@lists.linuxfoundation.org</a><br = class=3D"">https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev<= br class=3D""></div></blockquote></div><br class=3D""></body></html>= --Apple-Mail=_4D9A32A2-08CF-4030-98EA-EE8CF86DD278--