1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
Return-Path: <simon@bitcartel.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 9562586
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 2 Dec 2015 07:33:34 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pa0-f47.google.com (mail-pa0-f47.google.com
[209.85.220.47])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 6B8DF12D
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 2 Dec 2015 07:33:33 +0000 (UTC)
Received: by padhx2 with SMTP id hx2so32690538pad.1
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 01 Dec 2015 23:33:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=bitcartel-com.20150623.gappssmtp.com; s=20150623;
h=subject:to:references:cc:from:message-id:date:user-agent
:mime-version:in-reply-to:content-type:content-transfer-encoding;
bh=ASj30KmPhEwJPehDMHjfZQZhRJwfjVdM8nCMq6F/pcI=;
b=Rr4TSH1dVlye8kZ/PNY4X+b4QKmRyZJQU1gylgB0KiloG9BTt6CKseYOiV9SgPYudn
KS8dm/7Z+mNm5X97/TECgiKOIb8GtewkjcIVbR5LPKSmkafBlQiu7N4oSYNQ9S/zO+ZB
DRp4Ov33n9kCEg1jR7ubOBo112cAKcU28S0jnyYgAbF+RrogS0PGdsO7FJ/48uB/I/7i
j8LXybYMIwAp2Paaih9+DoH8i0/KaQAOnE/AFF0T/pKeUIyrngxkBoRs8nJ2YKmbK/zN
RPCsFoG+F+IJI8RNSYzOkqjGvbT5jldOB2uzsJBJEnutO7tQ7bpikH5Ia0urlqN8ZL2k
O0pg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:subject:to:references:cc:from:message-id:date
:user-agent:mime-version:in-reply-to:content-type
:content-transfer-encoding;
bh=ASj30KmPhEwJPehDMHjfZQZhRJwfjVdM8nCMq6F/pcI=;
b=aUnng3CpsplvrCfyqVMcTQ8MS3U9TfbUnh/DP2sfG4LY5Nk8N2qu4ZHRTxLpyEC4Mo
n8Uc2GVEyf463kGL5P4toGt3TgVhXS1D8e/FO+8DEZFm24Nvx3w0AxCXGA5s18KckC2M
LAUuKWA6rv7jk1sJ6NR+r4P+4p38r0m0mtosif5887PXIyB/h0itNp8MABIjSUE0OttR
wtZzYvUaavfVOCwz4MySDwxfiPyqWsdE3ZS/PiQUK9w7AXfy0nwiPauiC24+uDCoTTXO
oqYYmzL09PeJNviGJ2lTJX0vkf/+MVMnlSsdVwcpM/Ptjxllnr9jC5zibbo01XENFzUd
YSbw==
X-Gm-Message-State: ALoCoQkvZt8b3RRTJcjN1bmZMp+YZpMf2ockltT8KTIMjCRWuX2hXg4XWi5R22qnP0oYbdPVPe8T
X-Received: by 10.98.15.215 with SMTP id 84mr2501612pfp.49.1449041613095;
Tue, 01 Dec 2015 23:33:33 -0800 (PST)
Received: from [192.168.2.5] (c-73-162-159-241.hsd1.ca.comcast.net.
[73.162.159.241]) by smtp.googlemail.com with ESMTPSA id
7sm2190586pfb.78.2015.12.01.23.33.27
(version=TLSv1/SSLv3 cipher=OTHER);
Tue, 01 Dec 2015 23:33:28 -0800 (PST)
To: =?UTF-8?Q?Pavel_Jan=c3=adk?= <Pavel@Janik.cz>
References: <565CD7D8.3070102@gmail.com>
<90EF4E6C-9A71-4A35-A938-EAFC1A24DD24@mattcorallo.com>
<04188281-6A0C-4178-B2CA-BDE799C4FE9F@Janik.cz>
<565E30C6.1010002@bitcartel.com>
<AF49F870-0600-47D1-8AC6-EEBFAA5B1C24@Janik.cz>
From: Simon Liu <simon@bitcartel.com>
Message-ID: <565E9EC7.50003@bitcartel.com>
Date: Tue, 1 Dec 2015 23:33:27 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <AF49F870-0600-47D1-8AC6-EEBFAA5B1C24@Janik.cz>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Wed, 02 Dec 2015 15:42:41 +0000
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] [BIP Draft] Datastream compression of Blocks and
Transactions
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2015 07:33:34 -0000
Hi Pavel,
(my earlier email was moderated, so the list can only see it via your
reply),
Yes, an attacker could try and send malicious data to take advantage of
a compression library vulnerability... but is it that much worse than
existing attack vectors which might also result in denial of service,
crashes, remote execution?
Peter, perhaps your BIP can look at possible ways to isolate the
decompression phase, such as having incoming compressed blocks be saved
to a quarantine folder and an external process/daemon decompress and
verify the block's hash?
Regards,
Simon
On 12/01/2015 10:47 PM, Pavel Janík wrote:
>
>> On 02 Dec 2015, at 00:44, Simon Liu <simon@bitcartel.com> wrote:
>>
>> Hi Matt/Pavel,
>>
>> Why is it scary/undesirable? Thanks.
>
> Select your preferable compression library and google for it with +CVE.
>
> E.g. in zlib:
>
> http://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-1820/GNU-Zlib.html
>
> …allows remote attackers to cause a denial of service (crash) via a crafted compressed stream…
> …allows remote attackers to cause a denial of service (application crash)…
> etc.
>
> Do you want to expose such lib to the potential attacker?
> --
> Pavel Janík
>
>
>
>
|