aboutsummaryrefslogtreecommitdiff
path: root/ANONYMITY_NETWORKS.md
diff options
context:
space:
mode:
authoranonimal <anonimal@getmonero.org>2019-03-09 09:11:44 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2019-06-14 08:47:05 +0000
commit8f66b7053a8e4521fdd68c1d74718e73345fb158 (patch)
treeb669995624bedf1c4377c32d1183dede4545434d /ANONYMITY_NETWORKS.md
parentepee: basic sanity check on allocation size from untrusted source (diff)
downloadmonero-8f66b7053a8e4521fdd68c1d74718e73345fb158.tar.xz
cryptonote_protocol_handler: prevent potential DoS
Essentially, one can send such a large amount of IDs that core exhausts all free memory. This issue can theoretically be exploited using very large CN blockchains, such as Monero. This is a partial fix. Thanks and credit given to CryptoNote author 'cryptozoidberg' for collaboration and the fix. Also thanks to 'moneromooo'. Referencing HackerOne report #506595.
Diffstat (limited to 'ANONYMITY_NETWORKS.md')
0 files changed, 0 insertions, 0 deletions