Harden RTM template parsing to prevent DoS on malformed/unbounded tx data by MoneroOcean · Pull Request #25 · MoneroOcean/node-blocktemplate

MoneroOcean · 2026-05-29T17:22:55Z

Prevent availability attacks where a malicious or compromised RTM daemon can supply an unbounded or malformed transaction list that forces large allocations, synchronous parsing, extensive per-transaction logging, or uncaught exceptions in the single-threaded Node process.
Restore bounds and defensive checks to the RTM merkle recomputation path so daemon-supplied template data cannot trigger excessive work or crash the pool.

Add a hard cap MAX_TEMPLATE_TRANSACTIONS = 5000 and validate the decoded transaction count, rejecting counts outside the allowed range.
Validate transaction offsets against blob_in.length and throw on out-of-range offsets to avoid reading past the buffer.
Wrap rtm.readTransaction in try/catch and validate the returned parsed.offset to ensure parsed sizes are sane before advancing.
Guard public RTM entrypoints convertRtmBlob and constructNewRtmBlob with try/catch around update_merkle_root_hash so malformed daemon templates do not crash the process while preserving return shapes.

Harden RTM merkle parsing against malformed templates

268cb7c

MoneroOcean added aardvark codex labels May 29, 2026 — with ChatGPT Codex Connector

MoneroOcean added aardvark codex labels May 29, 2026

MoneroOcean merged commit 496cf10 into master May 29, 2026
3 checks passed

MoneroOcean deleted the codex/propose-fix-for-rtm-transaction-parsing-dos branch May 29, 2026 18:08

Provide feedback