📅 Original date posted:2011-09-15
🗒️ Summary of this message: A discussion about a potential mem exhaustion DoS attack in the p2p network code of Bitcoin, with no patch submitted yet.
📝 Original message:On Sep 15, 2011, at 1:17 PM, Gavin Andresen wrote:
>> On Sep 15, 2011 11:20 AM, "Gavin Andresen" <gavinandresen at gmail.com> wrote:
>>> I'm ignoring bandwidth DoS attacks-- we already have the
>>> -maxreceivebuffer option to deal with those.
>>
>> I disagree with this comment. The way this is currently implemented is a mem
>> exhaustion dos in itself waiting to happen and does nothing to prevent
>> network flooding.
>
> Have you submitted a patch to fix it?
No, it requires the entirety of the p2p network code be reworked and large patches aren't accepted.
No reason to take that off list, it's an issue that's been acknowledged on irc numerous times and is in the public channel logs.
--
Douglas Huff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20110915/1aa29047/attachment.sig>;
Douglas Huff [ARCHIVE] /
npub1xp…c6eq0
2023-06-07 02:27:01
in reply to nevent1q…n4hj
Author Public Key
npub1xpryrka5nmn2vq9uum4qfjcvkfdne95l3ug4sxhdkcnndu4uu6eqrc6eq0Published at
2023-06-07 02:27:01Event JSON
{
"id": "9e08aeb41de5c968e0219a36413d2b0c02ff8b31efeef25d1fed9e779ba57f6a",
"pubkey": "304641dbb49ee6a600bce6ea04cb0cb25b3c969f8f11581aedb62736f2bce6b2",
"created_at": 1686104821,
"kind": 1,
"tags": [
[
"e",
"e29ff4d93432370a19179a042d2501986d93a8b4cdbf351edfd1916f772bb3bb",
"",
"root"
],
[
"e",
"ba12ff50ac94a84a25c43567187b50a2a584eb46a6e2a49009510586506d487f",
"",
"reply"
],
[
"p",
"d52a1b72551bba47beb14639a1b6f5e6cd98603ecbaaa6ab02031708d9cc4473"
]
],
"content": "📅 Original date posted:2011-09-15\n🗒️ Summary of this message: A discussion about a potential mem exhaustion DoS attack in the p2p network code of Bitcoin, with no patch submitted yet.\n📝 Original message:On Sep 15, 2011, at 1:17 PM, Gavin Andresen wrote:\n\n\u003e\u003e On Sep 15, 2011 11:20 AM, \"Gavin Andresen\" \u003cgavinandresen at gmail.com\u003e wrote:\n\u003e\u003e\u003e I'm ignoring bandwidth DoS attacks-- we already have the\n\u003e\u003e\u003e -maxreceivebuffer option to deal with those.\n\u003e\u003e \n\u003e\u003e I disagree with this comment. The way this is currently implemented is a mem\n\u003e\u003e exhaustion dos in itself waiting to happen and does nothing to prevent\n\u003e\u003e network flooding.\n\u003e \n\u003e Have you submitted a patch to fix it?\n\nNo, it requires the entirety of the p2p network code be reworked and large patches aren't accepted.\n\nNo reason to take that off list, it's an issue that's been acknowledged on irc numerous times and is in the public channel logs.\n\n-- \nDouglas Huff\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 801 bytes\nDesc: Message signed with OpenPGP using GPGMail\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20110915/1aa29047/attachment.sig\u003e",
"sig": "7ef45c2a39ab1387bda7faca095f5dee25e4796bd307c2662b6f8528918ad45deeb3bba655792ad2da936e4baebfce14ec112de05f1a3a613900358255bfa8ce"
}