Follow

Looking for the code fix for this bug (CVE-2010-5141), but can't find version 0.3.5 which is stated to be the version with the fix.

What commit represents 0.3.5?

There's no tag for it, nor are there any traces of that version in the history of setup.nsi or serialize.h.

en.bitcoin.it/wiki/Common_Vuln

@kalle also the version was bumped straight from v0.3.3 to v0.3.6 and there's a giant consensus change in the v0.3.6 tagged commit a75560d828464c3f1138f52cf247e956fc8f937d.

Also: I'm really happy I was not a code reviewer back then. These commits change things all over the place, would never get merged these days :-)

@kalle this should make the diff slightly less unreadable:
git show --color-moved --color-moved-ws=allow-indentation-change a75560d828464c3f1138f52cf247e956fc8f937d

@kalle Github desktop, with whitespace ignored, does a descent job too.

This single commit:
* limits script size to 20.000, stack to 1000
* returns false if an exception is thrown (rather than crash?)
* adds the OP_NOP future softfork codes
* disables OP_VER((NOT)IF)
* adds a failure case to OP_VERIFY, OP_CHECKSIGVERIFY, OP_RSHIFT
* makes OP_RETURN stop processing

Those last 3 sound like vulnerability fixes, especially OP_RETURN.

* enforces nMaxNumSize
* prevents OP_(L/R)SHIFT overflow

@kalle I guess I was talking into a void the whole time because I misconfigured my Mastodon instance. Can you see the above thread now?

@sjors Sorry for late response. YES, I can see the above now. Thanks for the input!

This is what I gathered from my own and others' investigations: github.com/kallerosenbaum/btcp

As stated there, 0.3.5 was a BINARY ONLY release that didn't even work. Then he committed 0.3.6 that did work.

Sign in to participate in the conversation
Bitcoin Mastodon

Bitcoin Maston Instance