Commit Graph

577 Commits

Author SHA1 Message Date
moneromooo-monero 372754a66e
storages: overridable limits for loading portable_storage from binary 2021-01-07 20:24:29 +00:00
luigi1111 e144dd5b15
Merge pull request #7281
b9092dd epee: also limit number of strings in portable_storage (moneromooo-monero)
2021-01-06 21:11:09 -05:00
moneromooo-monero b9092ddb5c
epee: also limit number of strings in portable_storage
They require at least 24 bytes
2021-01-05 17:54:25 +00:00
Alexander Blair 7264d64856
Merge pull request #7263
b652d598d add a max levin packet size by command type (moneromooo-monero)
2021-01-03 18:23:57 -08:00
moneromooo-monero b652d598d1
add a max levin packet size by command type 2021-01-03 14:07:45 +00:00
moneromooo-monero 5cd6fda1ee
portable_storage: better sanity checking 2021-01-02 12:34:28 +00:00
Alexander Blair 16c780d568
Merge pull request #7250
61b6e4cc6 Add aggressive restrictions to pre-handshake p2p buffer limit (Lee Clagett)
2021-01-01 22:35:59 -08:00
Alexander Blair 175aa2497a
Merge pull request #7243
8e2caf3fb portable_storage: check object limit where appropriate (moneromooo)
2021-01-01 22:32:53 -08:00
Alexander Blair 5917aec4a1
Merge pull request #7220
20bdbd7aa portable_storage: forbid unnamed sections (xiphon)
2021-01-01 22:28:21 -08:00
moneromooo 8e2caf3fb4
portable_storage: check object limit where appropriate
also fix pedantic off by one in check
2020-12-31 22:35:17 +00:00
Alexander Blair 88b7bc394e
Merge pull request #7218
353f93ee1 portable_storage: remove array element limit (moneromooo-monero)
2020-12-29 10:44:05 -08:00
Alexander Blair d4636a9258
Merge pull request #7207
f7ab8bc6d ssl: buffered handshake detection (anon)
2020-12-29 10:43:50 -08:00
xiphon 20bdbd7aab portable_storage: forbid unnamed sections 2020-12-28 23:51:25 +00:00
moneromooo-monero 353f93ee1a
portable_storage: remove array element limit
some people don't want it
2020-12-28 21:04:58 +00:00
anon f7ab8bc6d4 ssl: buffered handshake detection 2020-12-28 14:25:37 +01:00
moneromooo-monero bc97eb8a33
portable_storage: remove overly aggressive cutoff 2020-12-27 12:44:38 +00:00
Alexander Blair 7438617bbf
Merge pull request #7192
95575cda6 epee: fix some issues using connections after shutdown (moneromooo-monero)
2020-12-26 13:44:10 -08:00
Alexander Blair bc9fce0d32
Merge pull request #7190
7f407c027 portable_storage: add some sanity checks on data size (moneromooo-monero)
2020-12-26 13:43:48 -08:00
Alexander Blair b9e444da5e
Merge pull request #7098
c0c75ac19 Fixed issues found by static analysis (SChernykh)
2020-12-26 13:36:01 -08:00
moneromooo-monero 95575cda6e
epee: fix some issues using connections after shutdown 2020-12-26 14:14:55 +00:00
moneromooo-monero 7f407c0274
portable_storage: add some sanity checks on data size
especially when allocated size is >> serialized data size
2020-12-26 03:22:59 +00:00
Lee Clagett 187b4d7521 Restrict duplicate keys in epee binary format 2020-12-20 03:47:32 +00:00
Lee Clagett 61b6e4cc67 Add aggressive restrictions to pre-handshake p2p buffer limit 2020-12-17 00:36:10 +00:00
Lee Clagett 4978f69d7a Fix byte_stream::put_n 2020-12-14 14:45:24 -05:00
Alexander Blair 1e9483a2d5
Merge pull request #7009
7414e2bac Change epee binary output from std::stringstream to byte_stream (Lee Clagett)
2020-12-10 17:34:50 -08:00
Alexander Blair 6bddd54f9d
Merge pull request #7003
08eb0949f Change to more efficient allocation strategy in byte_stream (Lee Clagett)
2020-12-10 17:33:50 -08:00
SChernykh c0c75ac19d Fixed issues found by static analysis
- rolling_median: tried to free uninitialized pointer in a constructor
- net_node.inl: erase-remove idiom was used incorrectly. remove_if doesn't actually remove elements, see http://cpp.sh/6fcjv
- bulletproofs.cc: call to sizeof() instead of vector.size(), luckily it only impacts performance and not code logic there
2020-12-08 18:43:44 +01:00
moneromooo-monero c5f6629f4a
epee: tighten the URL parsing regexp a little
fixes massive amounts of time spent on pathological inputs

Found by OSS-Fuzz
2020-11-09 13:05:39 +00:00
Lee Clagett 08eb0949f3 Change to more efficient allocation strategy in byte_stream 2020-10-13 15:10:54 +00:00
Lee Clagett 7414e2bac1 Change epee binary output from std::stringstream to byte_stream 2020-10-10 15:28:40 +00:00
Lee Clagett b641e0a2c0 Add clear method to byte_stream 2020-08-17 21:30:34 -04:00
Alexander Blair 43a4fd9e16
Merge pull request #6736
05ad4fa39 epee: further defending against exceptions in command handlers (moneromooo-monero)
2020-08-16 12:56:35 -07:00
Alexander Blair d73b1b6560
Merge pull request #6727
13eee1d6a rpc: reject wrong sized txid (moneromooo-monero)
92e6b7df2 easylogging++: fix crash with reentrant logging (moneromooo-monero)
6dd95d530 epee: guard against exceptions in RPC handlers (moneromooo-monero)
90016ad74 blockchain: guard against exceptions in add_new_block/children (moneromooo-monero)
2020-08-16 12:55:25 -07:00
Alexander Blair 7db379cc82
Merge pull request #6720
86abf558c epee: Remove unused functions in local_ip.h (Jean Pierre Dudey)
2020-08-16 12:54:17 -07:00
Alexander Blair 10ad0d7eb2
Merge pull request #6718
85efc88c1 Fix overflow issue in epee:misc_utils::rolling_median_t and median(), with unit test (koe)
2020-08-16 12:53:50 -07:00
Alexander Blair 01b512f3a9
Merge pull request #6716
76c16822d wallet2_api: implement runtime proxy configuration (xiphon)
2020-08-16 12:52:21 -07:00
moneromooo-monero 05ad4fa397
epee: further defending against exceptions in command handlers 2020-08-02 00:22:47 +00:00
moneromooo-monero 6dd95d5308
epee: guard against exceptions in RPC handlers 2020-07-30 22:52:12 +00:00
rbrunner7 fb31167b12 Wallet, daemon: From 'help_advanced' back to 'help', and new 'apropos' command 2020-07-24 07:12:11 +02:00
koe 85efc88c1e Fix overflow issue in epee:misc_utils::rolling_median_t and median(), with unit test 2020-07-23 03:36:05 -05:00
Jean Pierre Dudey 86abf558cb epee: Remove unused functions in local_ip.h
Signed-off-by: Jean Pierre Dudey <me@jeandudey.tech>
2020-07-22 19:06:01 -05:00
xiphon 76c16822d0 wallet2_api: implement runtime proxy configuration 2020-07-20 13:45:12 +00:00
Alexander Blair 3ba6c7fd30
Merge pull request #6516
8656a8c9f remove double includes (sumogr)
2020-07-19 03:34:28 -07:00
Alexander Blair a0d179e528
Merge pull request #6512
5ef0607da Update copyright year to 2020 (SomaticFanatic)
2020-07-19 03:32:59 -07:00
moneromooo-monero 3721d5688f epee: fix array underflow in unicode parsing
Reported by minerscan

Also independently found by OSS-Fuzz just recently
2020-06-21 18:22:16 +00:00
luigi1111 e27604ff10
Merge pull request #6539
85164a8 epee: use memwipe rather than memset for md5 secrets (moneromooo-monero)
2020-06-08 14:09:22 -05:00
Lee Clagett 7aeb503547 Fix boost <1.60 compilation and fix boost 1.73+ warnings 2020-05-31 21:18:11 -04:00
moneromooo-monero 85164a8daf
epee: use memwipe rather than memset for md5 secrets
That's used by HTTP auth now
2020-05-16 18:12:55 +00:00
selsta f35ced6d7f
build: fix boost 1.73 compatibility 2020-05-14 22:57:53 +02:00
sumogr 8656a8c9ff remove double includes 2020-05-11 13:53:17 +00:00