Issue 29: Active adversaries and garbage collection - VIFF Issue Tracker

Title	Active adversaries and garbage collection
Type	bug	Status	chatting
Importance	30.0
Superseder		Nosy List	mg, mk
Assigned To		Keywords	active-security

Created on 2008-04-01.14:15:04 by mg, last changed 2008-09-23.17:50:47 by mg.

Messages
msg215 (view)	Author: mg	Date: 2008-09-23.17:46:31
This is a potential security bug -- it can lead to denial of service attacks.
msg59 (view)	Author: mg	Date: 2008-04-01.14:15:04
As discussed in Issue 25, we have a problem when malicious players wont send us their shares: the incoming_data dictionaries will keep holding on to the Deferreds that has been created in expectation of the shares needed. In most cases we will be able to detect when we have moved on and when the Deferreds can be deleted. An unexpect_data method could be called to delete the data in that case. But if a player sends us data out of the blue, then what to do? We must be able to distinguish junk data from legitimete data, but currrently we just collect the data and store it away in one of the incoming_data dictionaries. That makes for a simple DOS attack...

History
Date	User	Action	Args
2008-09-23 17:50:47	mg	set	importance: 30.0
2008-09-23 17:46:31	mg	set	status: unread -> chatting type: feature -> bug messages: + msg215
2008-09-23 16:21:40	tpj	set	type: feature
2008-04-01 15:59:55	mk	set	nosy: + mk
2008-04-01 14:21:32	mg	set	title: Garbage collect in presence of active adversaries -> Active adversaries and garbage collection
2008-04-01 14:17:24	mg	set	priority: None keyword: + active-security
2008-04-01 14:15:04	mg	create
Note:
The indicated property no longer exists