đź“… Original date posted:2015-12-02
đź“ť Original message:Hi Pavel,
(my earlier email was moderated, so the list can only see it via your
reply),
Yes, an attacker could try and send malicious data to take advantage of
a compression library vulnerability... but is it that much worse than
existing attack vectors which might also result in denial of service,
crashes, remote execution?
Peter, perhaps your BIP can look at possible ways to isolate the
decompression phase, such as having incoming compressed blocks be saved
to a quarantine folder and an external process/daemon decompress and
verify the block's hash?
Regards,
Simon
On 12/01/2015 10:47 PM, Pavel JanĂk wrote:
>
>> On 02 Dec 2015, at 00:44, Simon Liu <simon at bitcartel.com> wrote:
>>
>> Hi Matt/Pavel,
>>
>> Why is it scary/undesirable? Thanks.
>
> Select your preferable compression library and google for it with +CVE.
>
> E.g. in zlib:
>
> http://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-1820/GNU-Zlib.html
>
> …allows remote attackers to cause a denial of service (crash) via a crafted compressed stream…
> …allows remote attackers to cause a denial of service (application crash)…
> etc.
>
> Do you want to expose such lib to the potential attacker?
> --
> Pavel JanĂk
>
>
>
>
Simon Liu [ARCHIVE] /
npub1a3…r6s85
2023-06-07 17:45:28
in reply to nevent1q…9ecz
Author Public Key
npub1a3zpmn53lhv8jv7vjg3daletu2e6e9ce88737ga2r7dkr7yc7dss7r6s85Seen on
wss://relay.nostr.bandPublished at
2023-06-07 17:45:28Event JSON
{
"id": "489915d94817c8d82b31868a47e789d77847bd4a7f0af1130f2b80c359d59f42",
"pubkey": "ec441dce91fdd87933cc9222deff2be2b3ac971939fd1f23aa1f9b61f898f361",
"created_at": 1686159928,
"kind": 1,
"tags": [
[
"e",
"66e2fed0b01e52e71a1dd6b42fe6a9fda1f0a599c3d79a1ed608f15fbb8c1ad3",
"",
"root"
],
[
"e",
"967b741350e5dff0b5429f82c16819ed64e7926b66891f79c55be083ce58e853",
"",
"reply"
],
[
"p",
"d2fc92ecd9d7550ff504a6cac34209a57de565581b702092d5c17d367f2bcbae"
]
],
"content": "đź“… Original date posted:2015-12-02\nđź“ť Original message:Hi Pavel,\n\n(my earlier email was moderated, so the list can only see it via your\nreply),\n\nYes, an attacker could try and send malicious data to take advantage of\na compression library vulnerability... but is it that much worse than\nexisting attack vectors which might also result in denial of service,\ncrashes, remote execution?\n\nPeter, perhaps your BIP can look at possible ways to isolate the\ndecompression phase, such as having incoming compressed blocks be saved\nto a quarantine folder and an external process/daemon decompress and\nverify the block's hash?\n\nRegards,\nSimon\n\n\nOn 12/01/2015 10:47 PM, Pavel JanĂk wrote:\n\u003e \n\u003e\u003e On 02 Dec 2015, at 00:44, Simon Liu \u003csimon at bitcartel.com\u003e wrote:\n\u003e\u003e\n\u003e\u003e Hi Matt/Pavel,\n\u003e\u003e\n\u003e\u003e Why is it scary/undesirable? Thanks.\n\u003e \n\u003e Select your preferable compression library and google for it with +CVE.\n\u003e \n\u003e E.g. in zlib:\n\u003e \n\u003e http://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-1820/GNU-Zlib.html\n\u003e \n\u003e …allows remote attackers to cause a denial of service (crash) via a crafted compressed stream…\n\u003e …allows remote attackers to cause a denial of service (application crash)…\n\u003e etc.\n\u003e \n\u003e Do you want to expose such lib to the potential attacker?\n\u003e -- \n\u003e Pavel JanĂk\n\u003e \n\u003e \n\u003e \n\u003e",
"sig": "1851832149d368e296651424d03f04b394e24ee2f9a773f89c724cdc519714702faf4a06f8ef624298fd9af16242a875ef942b0ede3d20648c8fa940ed119cd7"
}