gitea-mirror/monero
1
0
Fork 0
mirror of https://github.com/monero-project/monero.git synced 2025-12-22 23:26:44 -08:00
Code Issues Packages Projects Releases Wiki Activity

cryptonote_protocol_handler: prevent potential DoS

Browse Source 
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.

This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
This commit is contained in:
anonimal
2019-03-09 09:11:44 +00:00
committed by moneromooo-monero
parent 39169ace09
commit 8f66b7053a
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/cryptonote_protocol/cryptonote_protocol_handler.h
View File

@@ -52,6 +52,7 @@ PUSH_WARNINGS
DISABLE_VS_WARNINGS(4355)
#define LOCALHOST_INT 2130706433
#define CURRENCY_PROTOCOL_MAX_BLOCKS_REQUEST_COUNT 500
namespace cryptonote
{