CVE-2021-46359: Transactions fail to be committed · Issue #2124 · FISCO-BCOS/FISCO-BCOS

FISCO-BCOS release-3.0.0-rc2 contains a denial of service vulnerability. Some transactions may not be committed successfully, and malicious users may use this to achieve double-spending attacks.


Transactions fail to be committed #2124

Open · fCorleone opened this issue Jan 12, 2022 · 1 comment

Assignees: @cyjseagull

Comments

@fCorleone

Describe the bug
I use the testing programs to send 500000 transactions to a group with 4 nodes; it seems that over 100 of the transactions cannot be committed successfully.

To Reproduce
Steps to reproduce the behavior:

  1. Set up a group with 4 nodes, each with a small tx pool size.
  2. Constantly send txs to the group.
  3. The tx pools of some nodes are full and txs forwarded from other nodes are rejected.
  4. If the tx pool of the leader node is empty and the txpools of fewer than f nodes are empty, the txs of non-leader nodes will not be handled and the bug will be triggered.

Expected behavior
All transactions should be committed successfully.

Environment (please complete the following information):

  • OS: Ubuntu 20.04
  • FISCO BCOS release-3.0.0-rc2

@fCorleone changed the title from "Transactions fail to be committed and the consensus process is stuck" to "Transactions fail to be committed" · Jan 12, 2022

@cyjseagull

Bug analysis

  1. After the txpool is full, the current logic will reject the txs forwarded by other nodes from P2P, resulting in some txs only existing in fewer than f nodes.
  2. As the stress test progresses, txs in the txpool with more than (2*f+1) nodes will be processed, which causes the txpools of more than (2f+1) nodes to be empty and fewer than (f) nodes to be non-empty.
  3. If the subsequent consensus leader does not belong to the non-empty node combination, it will not seal and generate a new block, resulting in some transactions not being processed.

Solution

Please refer to PR #2123

  • Even if the node txpool is full, accept txs forwarded from P2P by other nodes; ensure that txs received by some consensus node are broadcast to all other consensus nodes that may act as leaders.
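
The stall described in the bug analysis above, as a toy model added here for illustration; it is not code from the issue thread or from FISCO-BCOS. All names are hypothetical, and the model assumes that each node forwards a client tx once, that a leader seals only from its own pool, and that the leader rotates only after a block is committed.

```python
def simulate(local_txs, capacity, accept_forwarded_when_full, block_size=2):
    """local_txs[i] lists the txs clients submit to node i.

    Returns (committed, stranded): the committed txs in order, and a dict
    mapping every tx left behind to the nodes that still hold it.
    """
    n = len(local_txs)
    pools = [set() for _ in range(n)]

    # 1. Client submissions are always bounded by the pool capacity.
    for i, txs in enumerate(local_txs):
        for tx in txs:
            if len(pools[i]) < capacity:
                pools[i].add(tx)

    # 2. P2P forwarding: each node forwards what it accepted from clients.
    #    Old behaviour: a full peer rejects the forwarded tx.
    #    Behaviour described under "Solution": a peer accepts it even when full.
    origin = [set(p) for p in pools]
    for i in range(n):
        for tx in sorted(origin[i]):
            for j in range(n):
                if j != i and (accept_forwarded_when_full
                               or len(pools[j]) < capacity):
                    pools[j].add(tx)

    # 3. Sealing: the leader proposes from its own pool; committed txs leave
    #    every pool. An empty leader seals nothing, so the model stops there.
    committed, leader = [], 0
    while pools[leader]:
        block = sorted(pools[leader])[:block_size]
        committed.extend(block)
        for pool in pools:
            pool.difference_update(block)
        leader = (leader + 1) % n

    leftover = sorted(set().union(*pools))
    stranded = {tx: [i for i in range(n) if tx in pools[i]] for tx in leftover}
    return committed, stranded


# Constructed input: 4 nodes (f = 1); clients reach only node 0 and node 3.
SAMPLE = [["a0", "a1"], [], [], ["s0", "s1"]]

if __name__ == "__main__":
    for accept in (False, True):
        committed, stranded = simulate(SAMPLE, capacity=2,
                                       accept_forwarded_when_full=accept)
        print(f"accept_when_full={accept}: committed={committed} "
              f"stranded={stranded}")
```

With forwarded txs rejected by full pools, `s0` and `s1` stay on node 3 only, and the model stops once leadership reaches an empty node; with forwarded txs always accepted, every tx reaches every potential leader and all four commit.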
