< phantomcircuit> wump, the payment protocol appears to be exposing a very large attack surface, this glibc exploit being a prime example
< btcdrak> You mean wumpus I assume :-)
< Luke-Jr> phantomcircuit: indeed
< Luke-Jr> would be nice to somehow sandbox it
< Luke-Jr> but even moving it to another process may be useless
< phantomcircuit> btcdrak, i do, but his nick has changed for some reason
< Luke-Jr> at least we build with hardening options
< phantomcircuit> Luke-Jr, it seems like disabling it by default is necessary
< Luke-Jr> phantomcircuit: noooooooo then people will use addresses :<
< phantomcircuit> "I KNOW WHAT IM DOING LET ME CHECK THE BOX"
< phantomcircuit> Luke-Jr, have you looked at the code?
< Luke-Jr> no
< phantomcircuit> its attack surface alone is larger than the entire rest of bitcoin-qt
< Luke-Jr> of course it is
< phantomcircuit> all of openssl tls, all of protobufs
< Luke-Jr> that's inherent in doing secure connections with third parties
< phantomcircuit> protobufs machine generated code
< gmaxwell> "errors": "WARNING: abnormally high number of blocks generated, 191 blocks received in the last 4 hours (24 expected)"
< gmaxwell> ... syncing a brand new testnet node.
< warren> Hmm, I saw complaints about that warning on the forums lately. It might be buggy.
< gmaxwell> it has several issues; they're known. just irritates me.
< warren> I wonder if people ignore the warnings coming from the API because of false warnings.
< gmaxwell> basically I think the _only_ requirement for heuristic danger condition warnings is that they be effectively free of false positives.
< btcdrak> gmaxwell: is there any open issue about it?
< gmaxwell> yes
< Luke-Jr> dunno, I'd expect that on testnet regardless
< phantomcircuit> gmaxwell, the warning is actually correct on testnet, although not by anywhere near the margin in the error
< GitHub39> [bitcoin] fanquake opened pull request #7548: Correct duplicate names in release notes (0.12...fix-release-note-names) https://github.com/bitcoin/bitcoin/pull/7548
< Luke-Jr> wump: we should switch from a time-based release schedule to block height :D
< warren> Luke-Jr: miners get to choose the release schedule in addition to the rules!
< Luke-Jr> XD
< GitHub85> [bitcoin] laanwj pushed 2 new commits to 0.12: https://github.com/bitcoin/bitcoin/compare/b4662646352d...188ca9c305d3
< GitHub85> bitcoin/0.12 ea52530 fanquake: Fix duplicate names in release notes...
< GitHub159> [bitcoin] laanwj closed pull request #7548: Correct duplicate names in release notes (0.12...fix-release-note-names) https://github.com/bitcoin/bitcoin/pull/7548
< GitHub85> bitcoin/0.12 188ca9c Wladimir J. van der Laan: Merge #7548: Correct duplicate names in release notes...
< wumpus> phantomcircuit: yes, sandboxing that code would be nice. Although arguably, against libc exploits, no one stands a chance. If bitcoin-qt doesn't get exploited itself some other service or process will, and they'll pwn the box anyway.
< wumpus> I'm completely shocked that there is an exploitable vulnerability in DNS lookup in 2016, in the early days of the internet this wouldn't have been so surprising, but this really makes me sad. It fits in the category of 'winnuke' anno 1995.
< Luke-Jr> wumpus: I didn't read all the details, but from what I saw, it looked like a potential intentional exploit
< wumpus> well if this vulnerability was created intentionally with our taxpayer dollars that would be sad^infinity, the human race is doomed
< gmaxwell> Luke-Jr: come on, it's not like there is some big attacker with global infrastructure specifically built to monitor and spoof/race DNS responses in real time-- that would be needed to really make the best use of this.
< Luke-Jr> gmaxwell: lol (that's sarcasm, right?)
< gmaxwell> right.
< wumpus> I can believe in stupidity, but such level of malice...
< Luke-Jr> hm, ttyl I guess :|
< Luke-Jr> [09:29:25] [Notice] -kloeri- [Global Notice] It's upgrade all the things day which also means lots of reboots. This will unfortunately be quite noisy. Remember connecting to chat.freenode.net, stay calm and don't panic!
< wumpus> later
< Luke-Jr> fwiw here's the Gentoo bug: https://bugs.gentoo.org/show_bug.cgi?id=574880
< Luke-Jr> wumpus: AIUI, basically they allocated the buffer correctly, but "forgot" to set the old pointer var to the new buffer, while using the newly allocated buffer's size still
< wumpus> Luke-Jr: that would be problematic on the heap, but with alloca doubly so, as stack overflows are much easier to exploit
< Luke-Jr> there was also something removed by the patch that explicitly disabled GCC warnings about something too, not sure if related
< Luke-Jr> actually, I think that's on the Gentoo side of the merge, nm
< wumpus> at least stack canaries should be some help, given that there's not some convenient heartbleed-like leak somewhere, or a convenient variable to overwrite on the stack before the canary; after all, alloca() by necessity gets allocated *before* the rest of the stack frame so it can overwrite anything else on it
< gmaxwell> the problem is that honest mistakes tend to look more suspicious than bugdoors.
< Luke-Jr> gmaxwell: that's a good point
< gmaxwell> because a mistake is a roll of dice, you didn't intend to make it-- so if it's suspicious looking or not is pure chance... while a bugdoor is intentional and can be carefully crafted to look accidental.
< gmaxwell> Luke-Jr: gentoo has updated ebuilds but they're still masked. 2.21-r2 and 2.22-r2
< wumpus> yes, that's true
< randy-waterhouse> more like a welcome mat than a bugdoor
< GitHub5> [bitcoin] ptschip opened pull request #7549: Fix for locking issue and compile warning (master...BUIP010_pt3) https://github.com/bitcoin/bitcoin/pull/7549
< GitHub100> [bitcoin] ptschip closed pull request #7549: Fix for locking issue and compile warning (master...BUIP010_pt3) https://github.com/bitcoin/bitcoin/pull/7549
< GitHub33> [bitcoin] laanwj opened pull request #7550: rpc: Input-from-stdin mode for bitcoin-cli (master...2016_02_cli_stdin2) https://github.com/bitcoin/bitcoin/pull/7550
< GitHub144> [bitcoin] pedrobranco opened pull request #7551: Add importmulti RPC call (master...feature/rpc-import-multi) https://github.com/bitcoin/bitcoin/pull/7551
< GitHub6> [bitcoin] laanwj opened pull request #7552: rpc: Add `verifyrawtransactions` call (master...2016_02_verifytransaction) https://github.com/bitcoin/bitcoin/pull/7552
< AndreySamohvalov> Hi!
< btcdrak> hi