Riccardo Spagni
1d5e8f461d
Merge pull request #5639
...
2eef90d6 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
0564da5f ensure no NULL is passed to memcpy (moneromooo-monero)
bc09766b abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
1387549e serialization: check stream good flag at the end (moneromooo-monero)
a00cabd4 tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
f2152192 cryptonote: throw on tx hash calculation error (moneromooo-monero)
db2b9fba serialization: fail on read_varint error (moneromooo-monero)
68ad5481 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
1cc61018 cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
8f66b705 cryptonote_protocol_handler: prevent potential DoS (anonimal)
39169ace epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
2019-06-14 16:19:45 +02:00
Riccardo Spagni
633f1542e2
prep for 0.14.1 release
2019-06-14 16:16:52 +02:00
moneromooo-monero
2eef90d6ef
rpc: restrict the recent cutoff size in restricted RPC mode
2019-06-14 08:47:33 +00:00
moneromooo-monero
0564da5fdc
ensure no NULL is passed to memcpy
...
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
2019-06-14 08:47:29 +00:00
moneromooo-monero
bc09766bf9
abstract_tcp_server2: improve DoS resistance
2019-06-14 08:47:26 +00:00
moneromooo-monero
1387549e90
serialization: check stream good flag at the end
...
just in case
2019-06-14 08:47:23 +00:00
moneromooo-monero
a00cabd4f3
tree-hash: allocate variable memory on heap, not stack
...
Large amounts might run out of stack
Reported by guidov
2019-06-14 08:47:20 +00:00
moneromooo-monero
f215219252
cryptonote: throw on tx hash calculation error
2019-06-14 08:47:17 +00:00
moneromooo-monero
db2b9fba65
serialization: fail on read_varint error
2019-06-14 08:47:14 +00:00
moneromooo-monero
68ad548193
cryptonote_protocol: fix another potential P2P DoS
...
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
2019-06-14 08:47:11 +00:00
moneromooo-monero
1cc61018e5
cryptonote_protocol: expand basic DoS protection
...
Count transactions as well
2019-06-14 08:47:08 +00:00
anonimal
8f66b7053a
cryptonote_protocol_handler: prevent potential DoS
...
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.
This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595 .
2019-06-14 08:47:05 +00:00
moneromooo-monero
39169ace09
epee: basic sanity check on allocation size from untrusted source
...
Reported by guidov
2019-06-14 08:47:01 +00:00
moneromooo-monero
69f9420489
core: do not complain about low block rate if disconnected
...
In that case, we'll still keep the "Monero is now disconnected
from the network" near the end of the log
2019-06-13 10:25:30 +00:00
moneromooo-monero
b712ae0af2
rpc: work around a GCC 7.4.0 (at least) bug
...
In static member function ‘static boost::optional<cryptonote::rpc::output_distribution_data> cryptonote::rpc::RpcHandler::get_output_distribution(const std::function<bool(long unsigned int, long unsigned int, long unsigned int, long unsigned int&, std::vector<long unsigned int>&, long unsigned int&)>&, uint64_t, uint64_t, uint64_t, const std::function<crypto::hash(long unsigned int)>&, bool, uint64_t)’:
cc1plus: warning: ‘void* __builtin_memset(void*, int, long unsigned int)’: specified size 18446744073709551536 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
2019-06-12 22:27:07 +00:00
luigi1111
7b3df89bd4
Merge pull request #5632
...
3a0fbea Don't use -march=native (hyc)
f8b2f25 Allow parallel make (hyc)
01ced20 Delete redundant cppzmq dependency (hyc)
1dc4ebf Use 9 digit build IDs (hyc)
2019-06-12 14:47:33 -05:00
luigi1111
a22bb544a3
Merge pull request #5552
...
c27d961 [depends] update openssl to 1.0.2r (who-biz)
2019-06-12 14:43:51 -05:00
Howard Chu
1dc4ebfd6c
Use 9 digit build IDs
2019-06-12 16:47:33 +01:00
moneromooo-monero
03aa14ec87
tx_sanity_check: don't print an error when not enough outs to check
2019-06-12 12:06:14 +00:00
moneromooo-monero
14881094af
rpc: fix get_transactions getting v1 txes from the txpool
...
It would try to get their prunable hash, but v1 txes don't have one
2019-06-12 11:59:13 +00:00
Howard Chu
01ced20eca
Delete redundant cppzmq dependency
2019-06-12 10:20:44 +01:00
Howard Chu
f8b2f250b7
Allow parallel make
2019-06-12 09:00:50 +01:00
Howard Chu
3a0fbea1ff
Don't use -march=native
2019-06-12 09:00:44 +01:00
luigi1111
fd0cf689dd
Merge pull request #5619
...
f2f207d miner: fix double free of thread attributes (ston1th)
2019-06-11 18:17:11 -05:00
luigi1111
9c0e9c40ec
Merge pull request #5618
...
b0a04f7 epee: fix SSL autodetect on reconnection (xiphon)
2019-06-11 18:15:48 -05:00
luigi1111
425e61ca6d
Merge pull request #5616
...
643c86a miniupnpc: update to build on BSD (moneromooo-monero)
2019-06-11 18:14:17 -05:00
luigi1111
c48722caa9
Merge pull request #5613
...
2cbe756 p2p: fix GCC 9.1 crash (moneromooo-monero)
35c20c4 Fix GCC 9.1 build warnings (moneromooo-monero)
e284889 cmake: do not use -mmitigate-rop on GCC >= 9.1 (moneromooo-monero)
2019-06-11 18:13:09 -05:00
Your Name
6b41bd8eb5
Delete more include string.h
2019-06-11 16:08:42 +08:00
xiphon
b8cfa92b7e
rpc: implement set_bootstrap_daemon method
2019-06-10 21:10:08 +00:00
xiphon
b0a04f7d45
epee: fix SSL autodetect on reconnection
2019-06-10 10:40:16 +00:00
ston1th
c88d6a9e5b
tests: fixed file exec permissions
2019-06-09 17:00:45 +02:00
moneromooo-monero
e2848894c9
cmake: do not use -mmitigate-rop on GCC >= 9.1
...
It was removed, but it still accepted by the compiler, which warns
for every file
2019-06-09 09:40:47 +00:00
moneromooo-monero
35c20c4332
Fix GCC 9.1 build warnings
...
GCC wants operator= aand copy ctor to be both defined, or neither
2019-06-09 09:39:18 +00:00
ston1th
f2f207d635
miner: fix double free of thread attributes
...
issue: #5568
2019-06-09 10:51:18 +02:00
moneromooo-monero
643c86a62a
miniupnpc: update to build on BSD
2019-06-08 18:38:51 +00:00
moneromooo-monero
2cbe75661c
p2p: fix GCC 9.1 crash
2019-06-08 17:52:53 +00:00
moneromooo-monero
068fa1ca5c
p2p: delay IGP probing on startup
...
We might have external access without having to do this
2019-06-06 10:33:02 +00:00
moneromooo-monero
c820e1839f
simplewallet: print errors on exceptions creating wallets
...
Exceptions would otherwise terminate the process silently
2019-06-06 09:49:47 +00:00
xiphon
cf8cb6873a
rpc: use ip address string representation for peer::host field
2019-06-04 19:33:35 +00:00
erciccione
46c1d88565
add 'sponsor' button on GitHub
2019-06-03 15:50:56 +02:00
Howard Chu
dd58057126
Remember RPC version on initial connect
...
Don't keep asking for it on an intact connection
Wallet is too chatty over the wire
2019-06-02 09:31:50 +01:00
Riccardo Spagni
51766d026b
Merge pull request #5583
...
77594c4f functional_tests: fix python3 compatibility (moneromooo-monero)
2019-06-01 20:27:41 +02:00
Riccardo Spagni
62d32e955a
Merge pull request #5577
...
f950517a core: update pruning if using --prune-blockchain on a pruned blockchain (moneromooo-monero)
2019-06-01 20:25:19 +02:00
Riccardo Spagni
7e417dd408
Merge pull request #5571
...
35da33be blockchain: do not try to pop blocks down to the genesis block (moneromooo-monero)
4b51f9a3 core: do not commit half constructed batch db txn (moneromooo-monero)
2019-06-01 20:22:19 +02:00
Riccardo Spagni
14d3295649
Merge pull request #5561
...
9bfa4c20 Fix allow any cert mode in wallet rpc when configured over rpc (Lee Clagett)
3544596f Add ssl_options support to monerod's rpc mode. (Lee Clagett)
c9aaccf3 Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. (Lee Clagett)
2019-06-01 20:21:45 +02:00
Riccardo Spagni
42e2ed31ae
Merge pull request #5558
...
4ac52e52 functional_tests: fix rare get_output_distribution failure (moneromooo-monero)
2019-06-01 20:21:22 +02:00
Riccardo Spagni
df20bcdac5
Merge pull request #5557
...
dbecfe7d unit_tests: make the density test a bit less stringent (moneromooo-monero)
2019-06-01 20:21:03 +02:00
Riccardo Spagni
fccfc1aa25
Merge pull request #5555
...
b6830db2 Fix #5553 (Howard Chu)
2019-06-01 20:20:39 +02:00
Jethro Grassie
343c0b4255
add a command line option to disable ZMQ server
2019-06-01 13:03:37 -04:00
moneromooo-monero
880ebfdeea
daemon: add more chain specific info in alt_chain_info
2019-06-01 15:43:52 +00:00