Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix V-DOGE-VUL-005 & V-DOGE-VUL-006 #39

Merged
merged 5 commits into from
May 19, 2022
Merged

Fix V-DOGE-VUL-005 & V-DOGE-VUL-006 #39

merged 5 commits into from
May 19, 2022

Conversation

DarianShawn
Copy link
Collaborator

Description

A malicious node could respond a maliciously-crafted header response to all its peers, which conduct a denial of service attack to bring down nodes in the network. The PR do reject all blocks from it when receiving nil header data.

Changes include

  • Bugfix (non-breaking change that solves an issue)
  • Hotfix (change that solves an urgent issue, and requires immediate attention)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (change that is not backwards-compatible and/or changes current functionality)

Checklist

  • I have assigned this PR to myself
  • I have added at least 1 reviewer
  • I have added the relevant labels
  • I have updated the official documentation
  • I have added sufficient documentation in code

Testing

  • I have tested this code with the official test suite
  • I have tested this code manually

@DarianShawn DarianShawn added the hotfix Major bug fix that should be merged ASAP label May 16, 2022
@DarianShawn DarianShawn self-assigned this May 16, 2022
@DarianShawn DarianShawn changed the title Fix V-DOGE-VUL-005 Fix V-DOGE-VUL-005 & V-DOGE-VUL-006 May 16, 2022
abrahamcruise321
abrahamcruise321 reviewed May 18, 2022
View reviewed changes
Copy link
Collaborator

@abrahamcruise321 abrahamcruise321 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

update, pls

protocol/skeleton.go Show resolved Hide resolved
protocol/syncer.go Show resolved Hide resolved
DarianShawn
DarianShawn commented May 18, 2022
View reviewed changes
Copy link
Collaborator Author

@DarianShawn DarianShawn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the suggestion, which I wrote the feedback.

protocol/skeleton.go Show resolved Hide resolved
protocol/syncer.go Show resolved Hide resolved
abrahamcruise321
abrahamcruise321 approved these changes May 19, 2022
View reviewed changes
Copy link
Collaborator

@abrahamcruise321 abrahamcruise321 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok

@abrahamcruise321 abrahamcruise321 merged commit 3c8a86f into dev May 19, 2022
@github-actions github-actions bot locked and limited conversation to collaborators May 19, 2022
@DarianShawn DarianShawn deleted the fix/V-DOGE-VUL-005 branch May 19, 2022 08:33
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@abrahamcruise321 abrahamcruise321 abrahamcruise321 approved these changes

Assignees

@DarianShawn DarianShawn

Labels
hotfix Major bug fix that should be merged ASAP
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DarianShawn @abrahamcruise321