đź“… Original date posted:2017-01-03
đź“ť Original message:It is an unfortunate script, but can't actually
​do
that much
​ it seems​
. The MAX_SCRIPT_ELEMENT_SIZE = 520 Bytes.
​ Thus, it would seem the worst you could do with this would be to
(10000-520*2)*520*2
bytes ~=~ 10 MB.
​Much more concerning would be the op_dup/op_cat style bug, which under a
similar script ​would certainly cause out of memory errors :)
--
@JeremyRubin <https://twitter.com/JeremyRubin>;
<https://twitter.com/JeremyRubin>;
On Mon, Jan 2, 2017 at 4:39 PM, Steve Davis via bitcoin-dev <
bitcoin-dev at lists.linuxfoundation.org> wrote:
> Hi all,
>
> Suppose someone were to use the following pk_script:
>
> [op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)...,
> op_2dup, op_hash160, <addr_hash>, op_equalverify, op_checksig]
>
> This still seems to be valid AFAICS, and may be a potential attack vector?
>
> Thanks.
>
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170102/91e5e8d8/attachment.html>;
Jeremy [ARCHIVE] /
npub1q8…8qwta
2023-06-07 17:55:17
in reply to nevent1q…shl5
Author Public Key
npub1q86n5vtxkwerzwfqza3hwls8pl8764244464talfqy2vpj0qaz6q38qwtaSeen on
wss://relay.nostr.bandPublished at
2023-06-07 17:55:17Event JSON
{
"id": "09ac1ac8da19d49779c72f7e715e1acb008a54fefde00763c77da2383a5d08a0",
"pubkey": "01f53a3166b3b23139201763777e070fcfed5555ad7555f7e90114c0c9e0e8b4",
"created_at": 1686160517,
"kind": 1,
"tags": [
[
"e",
"043f6ae3bedb0353c85b6fa3949c825b98fc4c39925e6a24626844479be4b554",
"",
"root"
],
[
"e",
"20a9c06ede59cfc77276e9a92901f8e8e323937a6919a7455337b9d9fc0a4ff7",
"",
"reply"
],
[
"p",
"9a6b73449cedd35eb88283522be919f8cf94d5a720336c8e843c2dcd56d53e3c"
]
],
"content": "📅 Original date posted:2017-01-03\n📝 Original message:It is an unfortunate script, but can't actually\n​do\n that much\n​ it seems​\n. The MAX_SCRIPT_ELEMENT_SIZE = 520 Bytes.\n​ Thus, it would seem the worst you could do with this would be to\n(10000-520*2)*520*2\nbytes ~=~ 10 MB.\n\n​Much more concerning would be the op_dup/op_cat style bug, which under a\nsimilar script ​would certainly cause out of memory errors :)\n\n\n\n--\n@JeremyRubin \u003chttps://twitter.com/JeremyRubin\u003e\n\u003chttps://twitter.com/JeremyRubin\u003e\n\nOn Mon, Jan 2, 2017 at 4:39 PM, Steve Davis via bitcoin-dev \u003c\nbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\n\u003e Hi all,\n\u003e\n\u003e Suppose someone were to use the following pk_script:\n\u003e\n\u003e [op_2dup, op_2dup, op_2dup, op_2dup, op_2dup, ...(to limit)...,\n\u003e op_2dup, op_hash160, \u003caddr_hash\u003e, op_equalverify, op_checksig]\n\u003e\n\u003e This still seems to be valid AFAICS, and may be a potential attack vector?\n\u003e\n\u003e Thanks.\n\u003e\n\u003e\n\u003e _______________________________________________\n\u003e bitcoin-dev mailing list\n\u003e bitcoin-dev at lists.linuxfoundation.org\n\u003e https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev\n\u003e\n\u003e\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170102/91e5e8d8/attachment.html\u003e",
"sig": "6e574267419f02ac0cbe4759c54cca14126a53d568e08836a283af85605077c96216937a591b0ec59cceb65c7c5d259c3a637671d33cd46fc7e3ce4b98a7a173"
}