diff options
| author | Péter Szilágyi <peterke@gmail.com> | 2015-05-21 13:07:58 +0800 |
|---|---|---|
| committer | Péter Szilágyi <peterke@gmail.com> | 2015-05-21 13:07:58 +0800 |
| commit | e8b22b9253da400cc350dbc673d07789f93f57bc (patch) | |
| tree | 1adbaecbf50945f6bf913ceba8cbee2ad386068e /eth/downloader/downloader_test.go | |
| parent | 79042223dc5f2ae5d4a2ed73d18907440a963093 (diff) | |
| download | dexon-e8b22b9253da400cc350dbc673d07789f93f57bc.tar dexon-e8b22b9253da400cc350dbc673d07789f93f57bc.tar.gz dexon-e8b22b9253da400cc350dbc673d07789f93f57bc.tar.bz2 dexon-e8b22b9253da400cc350dbc673d07789f93f57bc.tar.lz dexon-e8b22b9253da400cc350dbc673d07789f93f57bc.tar.xz dexon-e8b22b9253da400cc350dbc673d07789f93f57bc.tar.zst dexon-e8b22b9253da400cc350dbc673d07789f93f57bc.zip | |
eth/downloader: prevent a peer from dripping bad hashes
Diffstat (limited to 'eth/downloader/downloader_test.go')
| -rw-r--r-- | eth/downloader/downloader_test.go | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/eth/downloader/downloader_test.go b/eth/downloader/downloader_test.go index 19d64ac67..8ed3289c6 100644 --- a/eth/downloader/downloader_test.go +++ b/eth/downloader/downloader_test.go @@ -53,6 +53,8 @@ type downloadTester struct { blocks map[common.Hash]*types.Block // Blocks associated with the hashes chain []common.Hash // Block-chain being constructed + maxHashFetch int // Overrides the maximum number of retrieved hashes + t *testing.T pcount int done chan bool @@ -133,8 +135,12 @@ func (dl *downloadTester) getBlock(hash common.Hash) *types.Block { // getHashes retrieves a batch of hashes for reconstructing the chain. func (dl *downloadTester) getHashes(head common.Hash) error { + limit := maxHashFetch + if dl.maxHashFetch > 0 { + limit = dl.maxHashFetch + } // Gather the next batch of hashes - hashes := make([]common.Hash, 0, maxHashFetch) + hashes := make([]common.Hash, 0, limit) for i, hash := range dl.hashes { if hash == head { i++ @@ -469,6 +475,23 @@ func TestMadeupHashChainAttack(t *testing.T) { } } +// Tests that if a malicious peer makes up a random hash chain, and tries to push +// indefinitely, one hash at a time, it actually gets caught with it. The reason +// this is separate from the classical made up chain attack is that sending hashes +// one by one prevents reliable block/parent verification. +func TestMadeupHashChainDrippingAttack(t *testing.T) { + // Create a random chain of hashes to drip + hashes := createHashes(0, 16*blockCacheLimit) + tester := newTester(t, hashes, nil) + + // Try and sync with the attacker, one hash at a time + tester.maxHashFetch = 1 + tester.newPeer("attack", big.NewInt(10000), hashes[0]) + if _, err := tester.syncTake("attack", hashes[0]); err != ErrStallingPeer { + t.Fatalf("synchronisation error mismatch: have %v, want %v", err, ErrStallingPeer) + } +} + // Tests that if a malicious peer makes up a random block chain, and tried to // push indefinitely, it actually gets caught with it. func TestMadeupBlockChainAttack(t *testing.T) { |