Pages:
Author

Topic: Nxt source code flaw reports - page 64. (Read 113369 times)

legendary
Activity: 2142
Merit: 1010
Newbie
January 03, 2014, 09:05:52 AM
#40
amount added the recieve coins, but didn't minus the coins send out.
EffectiveBalance can be a negative number.

No.

Edit: I can't explain why, coz I can leak info about a flaw accidentally, sorry.
newbie
Activity: 42
Merit: 0
January 03, 2014, 09:01:37 AM
#39
Quote

         int amount = 0;
         for (long transactionId : Block.getLastBlock().transactions) {
            
            Transaction transaction = transactions.get(transactionId);
            if (transaction.recipient == id) {
               
               amount += transaction.amount;
               
            }
            
         }

         return (int)(balance / 100) - amount;


amount added the recieve coins, but didn't minus the coins send out.
EffectiveBalance can be a negative number.
hero member
Activity: 784
Merit: 500
January 03, 2014, 09:00:20 AM
#38
But shouldn´t he get a bounty for pointig it out?

No. This code won't throw an exception coz buffer capacity is validated.

Ah, ok, I see.
legendary
Activity: 2142
Merit: 1010
Newbie
January 03, 2014, 08:59:56 AM
#37
But shouldn´t he get a bounty for pointig it out?

No. This code won't throw an exception coz buffer capacity is validated.
hero member
Activity: 784
Merit: 500
January 03, 2014, 08:58:26 AM
#36
Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?

Buffer operations like buffer.getInt(), get(byte[] dst) can throw exceptions.
Memory allocations can throw exception.


Ok. This is not an injected flaw though.

But shouldn´t he get a bounty for pointig it out?
legendary
Activity: 2142
Merit: 1010
Newbie
January 03, 2014, 08:57:19 AM
#35
Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?

Buffer operations like buffer.getInt(), get(byte[] dst) can throw exceptions.
Memory allocations can throw exception.


Ok. This is not an injected flaw though.
sr. member
Activity: 602
Merit: 268
Internet of Value
January 03, 2014, 08:55:15 AM
#34
I really don't care how many lines of code are spread over how many files.

This isn't a beauty contest.  There are plenty of open source projects with crap looking code, but they are successful because, at the end of the day, it works and it's clever.  For example, consider the OpenSSL source code.

Also, I know plenty of algorithmists who don't spend time on prettiness, but still write solid, correct, code.  Oh, and it does things a billion times better than other code, because they're good with algorithms and maths.

I remember about the reclusive mathematician who released pages upon pages of his handwriting about the the proof for the Fermat's theorem that shocks the world. Yes, it is not a beauty contest.
Could you take a look at the code and give some comments ?
hero member
Activity: 784
Merit: 501
January 03, 2014, 08:52:35 AM
#33
6821 lines java class?. THAT is more than a fatal flaw.

Looking at the code is giving me a headache. Angry
It's not a problem with any modern IDE. Just use code folding.
member
Activity: 98
Merit: 10
January 03, 2014, 08:51:30 AM
#32
I wonder how many lines the 0.1-alpha bitcoin code had Smiley

and if NXT was written in perl, it'd be a one liner Cheesy
legendary
Activity: 1232
Merit: 1001
January 03, 2014, 08:50:47 AM
#31
I really don't care how many lines of code are spread over how many files.

This isn't a beauty contest.  There are plenty of open source projects with crap looking code, but they are successful because, at the end of the day, it works and it's clever.

Also, I know plenty of algorithmists who don't spend time on prettiness, but still write solid, correct, code.  Oh, and it does things a billion times better than other code, because they're good with algorithms and maths.
full member
Activity: 124
Merit: 100
January 03, 2014, 08:49:06 AM
#30
6821 lines java class?. THAT is more than a fatal flaw.

Looking at the code is giving me a headache. Angry

most lines are empty and for style reasons (single brackets etc). I thought it would be more tbh Wink
newbie
Activity: 12
Merit: 0
January 03, 2014, 08:42:50 AM
#29
6821 lines java class?. THAT is more than a fatal flaw.

Looking at the code is giving me a headache. Angry
hero member
Activity: 687
Merit: 500
January 03, 2014, 08:42:26 AM
#28
Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?

Buffer operations like buffer.getInt(), get(byte[] dst) can throw exceptions.
Memory allocations can throw exception.
hero member
Activity: 784
Merit: 501
January 03, 2014, 08:39:58 AM
#27
Three is only one file which is a 6812 lies Nxt.java.
It is not a news for those who tries to decompile it since first version Smiley
newbie
Activity: 24
Merit: 0
January 03, 2014, 08:35:37 AM
#26
Nxt source code has been released - https://bitcointalksearch.org/topic/m.4287127

The code contains 3 flaws - serious, critical and fatal. The 1st person who reports these flaws will get 1'000, 10'000 or 100'000 NXT reward accordingly.

Each flaw has a small description. Here r SHA256 hashes of these descriptions:

bd34c891e9e3df9ea8b8eafc4dc3edc129f81365d42bf204ea58271e320f3ce5 - 1K reward
888f278c773d39b8334a651d84ee78871bd0e5d45e09be8fdb190ba1b2969530 - 10K reward
f5236644f4306699bb0fa90a905afe2454683c0aad6995e4433d712e2fdb257c - 100K reward

The flaws must be reported before the 3rd of April, after that date they can be revealed at any moment.

If u think that u found a flaw, post here its description. Mathematical proof is not necessary, common sense should be enough. If ur guess is correct u may* get the reward, if u find a non-injected flaw then u'll be asked for more formal proof (u may get a reward too).

NB: Some guys mentioned that they would just decompile 0.4.7e binaries and compare the source codes to find the flaws. As a countermeasure against such the trick u still must explain why there is a flaw.

-------------
* - BCNext reserves the right to refuse to pay a reward without any explanation. This is an anti-troll countermeasure.


Three is only one file which is a 6812 lies Nxt.java.

 I must say I'm impressed(thinking of how high NXT cap is).

This whole thing is like a joke.


legendary
Activity: 2142
Merit: 1010
Newbie
January 03, 2014, 08:33:16 AM
#25
Perhaps u mean (amount + fee) part? amount and fee is checked above, they can't exceed 1'000'000'000.

There is no 1'000'000'000 comparison in case "sendMoney" block

Code:
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
...
if (userPasscode == null) { // false
...
 } else {
...
if (allowedUserHosts != null && !allowedUserHosts.contains(req.getRemoteHost())) // false
..
switch (req.getParameter("requestType"))
...
case "sendMoney": {
...
Peer.sendToAllPeers(peerRequest);
..

No need to check for overflow coz the transaction will be validated by peers.
hero member
Activity: 600
Merit: 500
Nxt-kit developer
January 03, 2014, 08:31:03 AM
#24
Perhaps u mean (amount + fee) part? amount and fee is checked above, they can't exceed 1'000'000'000.

There is no 1'000'000'000 comparison in case "sendMoney" block

Code:
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
...
if (userPasscode == null) { // false
...
 } else {
...
if (allowedUserHosts != null && !allowedUserHosts.contains(req.getRemoteHost())) // false
..
switch (req.getParameter("requestType"))
...
case "sendMoney": {
...
Peer.sendToAllPeers(peerRequest);
..
legendary
Activity: 2142
Merit: 1010
Newbie
January 03, 2014, 08:28:45 AM
#23
Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}


Which line can throw the exception?
hero member
Activity: 687
Merit: 500
January 03, 2014, 08:26:34 AM
#22
Original:
Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) {....}

Since the method can throw an unhandled Exceptions it should be

Code:
static boolean pushBlock(ByteBuffer buffer, boolean savingFlag) throws Exception {...}
legendary
Activity: 2142
Merit: 1010
Newbie
January 03, 2014, 08:10:02 AM
#21
Code:
(amount + fee) * 100L > account.unconfirmedBalance
That bug with overflow when (amount + fee) * 100L > int_max?

No, 100L tells that the result will be a 64-bit number.

Really? http://ideone.com/5zWQ0C

Perhaps u mean (amount + fee) part? amount and fee is checked above, they can't exceed 1'000'000'000.
Pages:
Jump to: