< GitHub85>
bitcoin/0.12 188ca9c Wladimir J. van der Laan: Merge #7548: Correct duplicate names in release notes...
< wumpus>
phantomcircuit: yes, sandboxing that code would be nice. Although arguably, against libc exploits, no one stands a chance. If bitcoin-qt doesn't get exploited itself some other service or process will, and they'll pwn the box anyway.
< wumpus>
I'm completely shocked that there is an exploitable vulnerability in DNS lookup in 2016, in the early days of the internet this wouldn't have been so surprising, but this really makes me sad. It fits in the category of 'winnuke' anno 1995.
< Luke-Jr>
wumpus: I didn't read all the details, but from what I saw, it looked like a potential intentional exploit
< wumpus>
well if this vulnerability was created intentionally with our taxpayer dollars that would be sad^infinity, the human race is doomed
< gmaxwell>
Luke-Jr: come on, it's not like there is some big attacker with global infrastructure specifically built to monitor and spoof/race DNS responses in real time-- that would be needed to really make the best use of this.
< Luke-Jr>
gmaxwell: lol (that's sarcasm, right?)
< gmaxwell>
right.
< wumpus>
I can believe in stupidity, but such level of malice...
< Luke-Jr>
hm, ttyl I guess :|
< Luke-Jr>
[09:29:25] [Notice] -kloeri- [Global Notice] It's upgrade all the things day which also means lots of reboots. This will unfortunately be quite noisy. Remember connecting to chat.freenode.net, stay calm and don't panic!
< Luke-Jr>
wumpus: AIUI, basically they allocated the buffer correctly, but "forgot" to set the old pointer var to the new buffer, while using the newly allocated buffer's size still
< wumpus>
Luke-Jr: that would be problematic on the heap, but with alloca doubly so, as stack overflows are much easier to exploit
< Luke-Jr>
there was also something removed by the patch that explicitly disabled GCC warnings about something too, not sure if related
< Luke-Jr>
actually, I think that's on the Gentoo side of the merge, nm
< wumpus>
at least stack canaries should be some help, given that there's not some convenient heartbleed-like leak somewhere, or a convenient variable to overwrite on the stack before the canary; after all, alloca() by necessity gets allocated *before* the rest of the stack frame so it can overwrite anything else on it
< gmaxwell>
the problem is that honest mistakes tend to look more suspicious than bugdoors.
< Luke-Jr>
gmaxwell: that's a good point
< gmaxwell>
because a mistake is a roll of dice, you didn't intend to make it-- so if it's suspicious looking or not is pure chance... while a bugdoor is intentional and can be carefully crafted to look accidental.
< gmaxwell>
Luke-Jr: gentoo has updated ebuilds but they're still masked. 2.21-r2 and 2.22-r2
< wumpus>
yes, that's true
< randy-waterhouse>
more like a welcome mat than a bugdoor