moneromooo-monero
bc09766bf9
abstract_tcp_server2: improve DoS resistance
5 years ago
moneromooo-monero
1387549e90
serialization: check stream good flag at the end
...
just in case
5 years ago
moneromooo-monero
a00cabd4f3
tree-hash: allocate variable memory on heap, not stack
...
Large amounts might run out of stack
Reported by guidov
5 years ago
moneromooo-monero
f215219252
cryptonote: throw on tx hash calculation error
5 years ago
moneromooo-monero
db2b9fba65
serialization: fail on read_varint error
5 years ago
moneromooo-monero
68ad548193
cryptonote_protocol: fix another potential P2P DoS
...
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
5 years ago
moneromooo-monero
1cc61018e5
cryptonote_protocol: expand basic DoS protection
...
Count transactions as well
5 years ago
anonimal
8f66b7053a
cryptonote_protocol_handler: prevent potential DoS
...
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.
This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595 .
5 years ago
moneromooo-monero
39169ace09
epee: basic sanity check on allocation size from untrusted source
...
Reported by guidov
5 years ago
luigi1111
7b3df89bd4
Merge pull request #5632
...
3a0fbea
Don't use -march=native (hyc)
f8b2f25
Allow parallel make (hyc)
01ced20
Delete redundant cppzmq dependency (hyc)
1dc4ebf
Use 9 digit build IDs (hyc)
5 years ago
luigi1111
a22bb544a3
Merge pull request #5552
...
c27d961
[depends] update openssl to 1.0.2r (who-biz)
5 years ago
Howard Chu
1dc4ebfd6c
Use 9 digit build IDs
5 years ago
Howard Chu
01ced20eca
Delete redundant cppzmq dependency
5 years ago
Howard Chu
f8b2f250b7
Allow parallel make
5 years ago
Howard Chu
3a0fbea1ff
Don't use -march=native
5 years ago
luigi1111
fd0cf689dd
Merge pull request #5619
...
f2f207d
miner: fix double free of thread attributes (ston1th)
5 years ago
luigi1111
9c0e9c40ec
Merge pull request #5618
...
b0a04f7
epee: fix SSL autodetect on reconnection (xiphon)
5 years ago
luigi1111
425e61ca6d
Merge pull request #5616
...
643c86a
miniupnpc: update to build on BSD (moneromooo-monero)
5 years ago
luigi1111
c48722caa9
Merge pull request #5613
...
2cbe756
p2p: fix GCC 9.1 crash (moneromooo-monero)
35c20c4
Fix GCC 9.1 build warnings (moneromooo-monero)
e284889
cmake: do not use -mmitigate-rop on GCC >= 9.1 (moneromooo-monero)
5 years ago
xiphon
b0a04f7d45
epee: fix SSL autodetect on reconnection
5 years ago
moneromooo-monero
e2848894c9
cmake: do not use -mmitigate-rop on GCC >= 9.1
...
It was removed, but it still accepted by the compiler, which warns
for every file
5 years ago
moneromooo-monero
35c20c4332
Fix GCC 9.1 build warnings
...
GCC wants operator= aand copy ctor to be both defined, or neither
5 years ago
ston1th
f2f207d635
miner: fix double free of thread attributes
...
issue: #5568
5 years ago
moneromooo-monero
643c86a62a
miniupnpc: update to build on BSD
5 years ago
moneromooo-monero
2cbe75661c
p2p: fix GCC 9.1 crash
5 years ago
Riccardo Spagni
51766d026b
Merge pull request #5583
...
77594c4f
functional_tests: fix python3 compatibility (moneromooo-monero)
5 years ago
Riccardo Spagni
62d32e955a
Merge pull request #5577
...
f950517a
core: update pruning if using --prune-blockchain on a pruned blockchain (moneromooo-monero)
5 years ago
Riccardo Spagni
7e417dd408
Merge pull request #5571
...
35da33be
blockchain: do not try to pop blocks down to the genesis block (moneromooo-monero)
4b51f9a3
core: do not commit half constructed batch db txn (moneromooo-monero)
5 years ago
Riccardo Spagni
14d3295649
Merge pull request #5561
...
9bfa4c20
Fix allow any cert mode in wallet rpc when configured over rpc (Lee Clagett)
3544596f
Add ssl_options support to monerod's rpc mode. (Lee Clagett)
c9aaccf3
Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. (Lee Clagett)
5 years ago
Riccardo Spagni
42e2ed31ae
Merge pull request #5558
...
4ac52e52
functional_tests: fix rare get_output_distribution failure (moneromooo-monero)
5 years ago
Riccardo Spagni
df20bcdac5
Merge pull request #5557
...
dbecfe7d
unit_tests: make the density test a bit less stringent (moneromooo-monero)
5 years ago
Riccardo Spagni
fccfc1aa25
Merge pull request #5555
...
b6830db2
Fix #5553 (Howard Chu)
5 years ago
moneromooo-monero
77594c4f4a
functional_tests: fix python3 compatibility
...
Also add missing bans test to the default tests
5 years ago
moneromooo-monero
f950517a08
core: update pruning if using --prune-blockchain on a pruned blockchain
...
Avoids a massive amount of spurious warnings if the last update before
the daemon exited was a while ago and the daemon was syncing
5 years ago
moneromooo-monero
35da33bea9
blockchain: do not try to pop blocks down to the genesis block
5 years ago
moneromooo-monero
4b51f9a34f
core: do not commit half constructed batch db txn
5 years ago
Lee Clagett
9bfa4c20ca
Fix allow any cert mode in wallet rpc when configured over rpc
5 years ago
Lee Clagett
3544596f9f
Add ssl_options support to monerod's rpc mode.
5 years ago
Lee Clagett
c9aaccf346
Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works.
5 years ago
moneromooo-monero
4ac52e523d
functional_tests: fix rare get_output_distribution failure
...
When the wallet auto refreshes after mining the last two blocks
but before popping them, it will then try to use outputs which
are not unlocked yet. This is really a wallet problem, which
will be fixed later.
5 years ago
moneromooo-monero
dbecfe7d5d
unit_tests: make the density test a bit less stringent
...
It's an inherently random test
5 years ago
Howard Chu
b6830db2d4
Fix #5553
...
Make sure the tip hash still matches the cached block
5 years ago
who-biz
c27d96129e
[depends] update openssl to 1.0.2r
...
- This addresses https://www.openssl.org/news/secadv/20190226.txt (CVE: 2019-1559) which impacted all versions of openssl-1.0.
Note that this does not address CVE-2019-1543 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543 ), which impacts all versions of openssl 1.1 through 1.1.0j and 1.1.1b.
The above (1.1) is patched in openssl, where it was marked as low severity. Similar issues possibly present in monero, should be looked into w.r.t. CVE-2019-1543.
5 years ago
Riccardo Spagni
5fbfa8a656
Merge pull request #5548
...
915f59e3
wallet: add unlock_time details to show_transfers (moneromooo-monero)
5 years ago
moneromooo-monero
915f59e3c0
wallet: add unlock_time details to show_transfers
...
also add a note when receiving the tx, because the user
might not notice the "XXX blocks to unlock" in the balance.
5 years ago
Riccardo Spagni
e8487fa46b
Merge pull request #5539
...
3f612cda
Changed odd bullet point to low level header (Rohaq)
af9bc4ec
Used subeaders to avoid slightly wonky looking formatting (Rohaq)
1873af35
Made code block usage consistent across all .md files (Rohaq)
68103075
Updated Copyright notice (Rohaq)
39bd157f
Added Table of Contents to main README.md (Rohaq)
5 years ago
Riccardo Spagni
5e80b3c3ef
Merge pull request #5535
...
e1016bce
password: do not use line input on windows (moneromooo-monero)
5 years ago
luigi1111
1607419e38
Merge pull request #5538
...
615f287
wallet: fix certificate fingerprint length check (moneromooo-monero)
5 years ago
luigi1111
eedf5106f5
Merge pull request #5532
...
46244dd
wallet_rpc_server: use original addresses in destinations in get_transfers (moneromooo-monero)
5 years ago
luigi1111
14723fc6e7
Merge pull request #5527
...
9a7a453
net_ssl: free certs after setting them up (moneromooo-monero)
5 years ago