Using the RPC method 'getrpcinfo', I can't seem to produce a parallel RPC evaluation, even though I am using 4 RPC threads.

If anyone wants to reproduce, you can simulate asynchronous calls in Bash or another shell:

    bitcoin-cli getblockchaininfo &
    bitcoin-cli getrpcinfo

The output of the second command on my machine is:

    {
      "active_commands": [
        {
          "method": "getrpcinfo",
          "duration": 58
        }
      ],
      "logpath": "/home/zenulabidin/.bitcoin/debug.log"
    }

I see that there is a global work queue shared by all the threads, from which they get the RPC request: (https://github.com/bitcoin/bitcoin/blob/0f0e36de5f53f82d31416dc05a24d2885781ce57/src/httpserver.cpp#L70-L125)

So as I understand it, the system doesn't actually make use of the JSON-RPC metadata such as id, but it's just distributing the work in the queue to different threads. So it is not possible to use the id to corrupt the work queue.

However, what I did notice is that the internal evhttp_request variables can (theoretically) be edited to resolve to a different pointer in order to achieve the same effect, of receiving a different JSON reply. This would require some form of memory corruption bug to be found in Bitcoin Core that affects some global data structure that comes close enough before g_work_queue or the queue itself, so for linux-gcc on x86 platforms at least, any of these variables: (https://github.com/bitcoin/bitcoin/blob/0f0e36de5f53f82d31416dc05a24d2885781ce57/src/httpserver.cpp#L141-L147)

But it would be more likely to cause a node crash than the intended result, I think.

Obviously I'm not a security researcher but I do have a good grasp of C++, so just doing my due diligence to check what kind of attack vectors exist in my program's dependencies.

---
Ali

On Sunday, April 7th, 2024 at 6:33 AM, hashnoncemessage <hashnonc...@proton.me> wrote:

> As I understand it, the json rpc server responds directly to the (http) request initiated by the client.
> Request IDs are used for correlation of different requests from the same client.
> Core will not send your client’s response to a different client/connection.

--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/a358aaac-62d5-4d30-a599-40c94da66c4fn%40googlegroups.com.
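
A simplified model of the work-queue behaviour discussed in this thread, added here as an example (it is not Bitcoin Core's code and not written by either poster): each queued work item carries its own connection handle, so a reply is written to the connection that submitted the request, and the JSON-RPC id is only echoed back. The `Connection` class, `run_model` and the two sample requests are constructed for illustration.

```python
import queue
import threading

class Connection:
    """Constructed stand-in for one client's HTTP connection/request handle."""
    def __init__(self, name):
        self.name = name
        self.replies = []
        self.done = threading.Event()

    def write_reply(self, reply):
        self.replies.append(reply)
        self.done.set()

def handle(request):
    # The id is echoed for client-side correlation; it never selects a connection.
    return {"id": request["id"], "result": "handled " + request["method"]}

def worker(work_queue):
    while True:
        item = work_queue.get()
        if item is None:              # shutdown sentinel
            return
        conn, request = item          # the work item carries its own connection
        conn.write_reply(handle(request))

def run_model(requests, n_threads=4):
    """requests: list of (client_name, request). Returns {client_name: replies}."""
    work_queue = queue.Queue()        # one queue shared by all worker threads
    threads = [threading.Thread(target=worker, args=(work_queue,))
               for _ in range(n_threads)]
    for t in threads:
        t.start()
    conns = [Connection(name) for name, _ in requests]
    for conn, (_, request) in zip(conns, requests):
        work_queue.put((conn, request))
    for conn in conns:
        conn.done.wait(timeout=5)
    for _ in threads:
        work_queue.put(None)
    for t in threads:
        t.join()
    return {conn.name: conn.replies for conn in conns}

# Constructed input: two clients deliberately reuse the same JSON-RPC id.
SAMPLE = [("client_a", {"id": 1, "method": "getblockchaininfo"}),
          ("client_b", {"id": 1, "method": "getrpcinfo"})]

if __name__ == "__main__":
    for name, replies in run_model(SAMPLE).items():
        print(name, replies)
```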