[OTR-dev] Possible infinate loop flaw in CVS

Alex alex323 at gmail.com
Sat Nov 5 23:14:08 EST 2005


Alex and Bob are talking on a secure channel. Alex has OTR version 2.
Bob is using version 1. Both Alex and Bob have OPPORTUNISTIC set. The
following message is sent to Bob from Alex:

(23:05:21) *Alex:* Anyway, OTRv2 has been released to CVS.

The following messages are flooded back and fourth, causing an infinate
loop (notice timestamps):

(23:05:21) *OTR Error: You transmitted a malformed data message*
(23:05:22) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:22) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:22) *The last message to Bob was resent.*
(23:05:22) *OTR Error: You transmitted a malformed data message*
(23:05:22) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:22) *The last message to Bob was resent.*
(23:05:22) *OTR Error: You transmitted a malformed data message*
(23:05:22) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:23) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:23) *The last message to Bob was resent.*
(23:05:23) *OTR Error: You transmitted a malformed data message*
(23:05:23) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:23) *OTR Error: You transmitted a malformed data message*
(23:05:23) *OTR Error: You transmitted a malformed data message*
(23:05:23) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:23) *The last message to Bob was resent.*
(23:05:23) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:23) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.*
(23:05:23) *Successfully refreshed the private conversation with Bob.
Warning: using old protocol version 1.

*At this point, I am throttled by the AIM servers (rate limiting error).

Just thought you'd like to know.

 - Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20051105/0ffa3d7c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20051105/0ffa3d7c/attachment.pgp>


More information about the OTR-dev mailing list