Bitcoin Forum
November 18, 2024, 07:13:32 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they believe that the creator of this topic displays some red flags which make them high-risk. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: « 1 [2] 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 ... 65 »
  Print  
Author Topic: Nxt source code flaw reports  (Read 113375 times)
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
January 03, 2014, 01:10:02 PM
 #21

Code:
(amount + fee) * 100L > account.unconfirmedBalance
That bug with overflow when (amount + fee) * 100L > int_max?

No, 100L tells that the result will be a 64-bit number.

Really? http://ideone.com/5zWQ0C

Perhaps u mean (amount + fee) part? amount and fee is checked above, they can't exceed 1'000'000'000.
BloodyRookie
Hero Member
*****
Offline Offline

Activity: 687
Merit: 500


View Profile
January 03, 2014, 01:26:34 PM
 #22

Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}

Nothing Else Matters
NEM: NALICE-LGU3IV-Y4DPJK-HYLSSV-YFFWYS-5QPLYE-ZDJJ
NXT: 11095639652683007953
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
January 03, 2014, 01:28:45 PM
 #23

Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?
EmoneyRu
Hero Member
*****
Offline Offline

Activity: 600
Merit: 500

Nxt-kit developer


View Profile
January 03, 2014, 01:31:03 PM
 #24

Perhaps u mean (amount + fee) part? amount and fee is checked above, they can't exceed 1'000'000'000.

There is no 1'000'000'000 comparison in case "sendMoney" block

Code:
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
...
if (userPasscode == null) { // false
...
 } else {
...
if (allowedUserHosts != null && !allowedUserHosts.contains(req.getRemoteHost())) // false
..
switch (req.getParameter("requestType"))
...
case "sendMoney": {
...
Peer.sendToAllPeers(peerRequest);
..

Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
January 03, 2014, 01:33:16 PM
 #25

Perhaps u mean (amount + fee) part? amount and fee is checked above, they can't exceed 1'000'000'000.

There is no 1'000'000'000 comparison in case "sendMoney" block

Code:
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
...
if (userPasscode == null) { // false
...
 } else {
...
if (allowedUserHosts != null && !allowedUserHosts.contains(req.getRemoteHost())) // false
..
switch (req.getParameter("requestType"))
...
case "sendMoney": {
...
Peer.sendToAllPeers(peerRequest);
..

No need to check for overflow coz the transaction will be validated by peers.
haigent
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
January 03, 2014, 01:35:37 PM
 #26

Nxt source code has been released - https://bitcointalk.org/index.php?topic=345619.msg4287127#msg4287127

The code contains 3 flaws - serious, critical and fatal. The 1st person who reports these flaws will get 1'000, 10'000 or 100'000 NXT reward accordingly.

Each flaw has a small description. Here r SHA256 hashes of these descriptions:

bd34c891e9e3df9ea8b8eafc4dc3edc129f81365d42bf204ea58271e320f3ce5 - 1K reward
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530 - 10K reward
f5236644f4306699bb0fa90a905afe2454683c0aad6995e4433d712e2fdb257c - 100K reward

The flaws must be reported before the 3rd of April, after that date they can be revealed at any moment.

If u think that u found a flaw, post here its description. Mathematical proof is not necessary, common sense should be enough. If ur guess is correct u may* get the reward, if u find a non-injected flaw then u'll be asked for more formal proof (u may get a reward too).

NB: Some guys mentioned that they would just decompile 0.4.7e binaries and compare the source codes to find the flaws. As a countermeasure against such the trick u still must explain why there is a flaw.

-------------
* - BCNext reserves the right to refuse to pay a reward without any explanation. This is an anti-troll countermeasure.


Three is only one file which is a 6812 lies Nxt.java.

 I must say I'm impressed(thinking of how high NXT cap is).

This whole thing is like a joke.


ImmortAlex
Hero Member
*****
Offline Offline

Activity: 784
Merit: 501


View Profile
January 03, 2014, 01:39:58 PM
 #27

Three is only one file which is a 6812 lies Nxt.java.
It is not a news for those who tries to decompile it since first version Smiley
BloodyRookie
Hero Member
*****
Offline Offline

Activity: 687
Merit: 500


View Profile
January 03, 2014, 01:42:26 PM
 #28

Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?

Buffer operations like buffer.getInt(), get(byte[] dst) can throw exceptions.
Memory allocations can throw exception.

Nothing Else Matters
NEM: NALICE-LGU3IV-Y4DPJK-HYLSSV-YFFWYS-5QPLYE-ZDJJ
NXT: 11095639652683007953
ManuelJ
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
January 03, 2014, 01:42:50 PM
 #29

6821 lines java class?. THAT is more than a fatal flaw.

Looking at the code is giving me a headache. Angry
exokk
Full Member
***
Offline Offline

Activity: 124
Merit: 100


View Profile
January 03, 2014, 01:49:06 PM
 #30

6821 lines java class?. THAT is more than a fatal flaw.

Looking at the code is giving me a headache. Angry

most lines are empty and for style reasons (single brackets etc). I thought it would be more tbh Wink

xibeijan
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001


View Profile
January 03, 2014, 01:50:47 PM
 #31

I really don't care how many lines of code are spread over how many files.

This isn't a beauty contest.  There are plenty of open source projects with crap looking code, but they are successful because, at the end of the day, it works and it's clever.

Also, I know plenty of algorithmists who don't spend time on prettiness, but still write solid, correct, code.  Oh, and it does things a billion times better than other code, because they're good with algorithms and maths.

Notable projects 2019: Semux, Dero, Wagerr, BEAM
laowai80
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
January 03, 2014, 01:51:30 PM
 #32

I wonder how many lines the 0.1-alpha bitcoin code had Smiley

and if NXT was written in perl, it'd be a one liner Cheesy
ImmortAlex
Hero Member
*****
Offline Offline

Activity: 784
Merit: 501


View Profile
January 03, 2014, 01:52:35 PM
 #33

6821 lines java class?. THAT is more than a fatal flaw.

Looking at the code is giving me a headache. Angry
It's not a problem with any modern IDE. Just use code folding.
utopianfuture
Sr. Member
****
Offline Offline

Activity: 602
Merit: 268

Internet of Value


View Profile
January 03, 2014, 01:55:15 PM
 #34

I really don't care how many lines of code are spread over how many files.

This isn't a beauty contest.  There are plenty of open source projects with crap looking code, but they are successful because, at the end of the day, it works and it's clever.  For example, consider the OpenSSL source code.

Also, I know plenty of algorithmists who don't spend time on prettiness, but still write solid, correct, code.  Oh, and it does things a billion times better than other code, because they're good with algorithms and maths.

I remember about the reclusive mathematician who released pages upon pages of his handwriting about the the proof for the Fermat's theorem that shocks the world. Yes, it is not a beauty contest.
Could you take a look at the code and give some comments ?


░░░░░░▄▄▄████████▄▄▄
░░░░▄████████████████▄
░░▄███████████████████▄
███████████████████████
▐████████████████████████▌
█████████████████████████
█████████████████████████
█████████████████████████
▐██████████████████████▌
████████████████████████
░░▀████████████████████▀
░░░░▀████████████████▀
░░░░░░▀▀▀████████▀▀▀
  TomoChain  •    •  TomoChain 
░░░░░░▄▄▄████████▄▄▄
░░░░▄████████████████▄
░░▄███████████████████▄
███████████████████████
▐████████████████████████▌
█████████████████████████
█████████████████████████
█████████████████████████
▐██████████████████████▌
████████████████████████
░░▀████████████████████▀
░░░░▀████████████████▀
░░░░░░▀▀▀████████▀▀▀
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
January 03, 2014, 01:57:19 PM
 #35

Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?

Buffer operations like buffer.getInt(), get(byte[] dst) can throw exceptions.
Memory allocations can throw exception.


Ok. This is not an injected flaw though.
mcjavar
Hero Member
*****
Offline Offline

Activity: 784
Merit: 500


View Profile
January 03, 2014, 01:58:26 PM
 #36

Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?

Buffer operations like buffer.getInt(), get(byte[] dst) can throw exceptions.
Memory allocations can throw exception.


Ok. This is not an injected flaw though.

But shouldn´t he get a bounty for pointig it out?
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
January 03, 2014, 01:59:56 PM
 #37

But shouldn´t he get a bounty for pointig it out?

No. This code won't throw an exception coz buffer capacity is validated.
mcjavar
Hero Member
*****
Offline Offline

Activity: 784
Merit: 500


View Profile
January 03, 2014, 02:00:20 PM
 #38

But shouldn´t he get a bounty for pointig it out?

No. This code won't throw an exception coz buffer capacity is validated.

Ah, ok, I see.
getfun12345
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
January 03, 2014, 02:01:37 PM
 #39

Quote

         int amount = 0;
         for (long transactionId : Block.getLastBlock().transactions) {
            
            Transaction transaction = transactions.get(transactionId);
            if (transaction.recipient == id) {
               
               amount += transaction.amount;
               
            }
            
         }

         return (int)(balance / 100) - amount;


amount added the recieve coins, but didn't minus the coins send out.
EffectiveBalance can be a negative number.
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
January 03, 2014, 02:05:52 PM
 #40

amount added the recieve coins, but didn't minus the coins send out.
EffectiveBalance can be a negative number.

No.

Edit: I can't explain why, coz I can leak info about a flaw accidentally, sorry.
Pages: « 1 [2] 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 ... 65 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!