author | Martin Holst Swende <martin@swende.se> | 2019-07-08 17:42:22 +0800 |
---|---|---|
committer | Felix Lange <fjl@twurst.com> | 2019-07-08 17:42:22 +0800 |
commit | cdfe9a3a2a257dcd2506e9a0eaf3bf3b0986c43a (patch) | |
tree | a6889c88919d76f825514c2cecc789fc6f62a39d /les/handler.go | |
parent | 5bc9ccfa0af6e2892c1f40689dfb90a056ba81d6 (diff) | |
eth, les: add sanity checks for unbounded block fields (#19573)
This PR adds some hardening in the lower levels of the protocol stack, to bail early on invalid data. The attacks it primarily protects against are at the "annoyance" level: they would otherwise write a couple of megabytes of data into the log output, which is a bit resource intensive.
Diffstat (limited to 'les/handler.go')
-rw-r--r-- | les/handler.go | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/les/handler.go b/les/handler.go
index d9d07f014..ea2ec3324 100644
--- a/les/handler.go
+++ b/les/handler.go
@@ -442,7 +442,9 @@ func (pm *ProtocolManager) handleMsg(p *peer) error {
 if err := msg.Decode(&req); err != nil {
 return errResp(ErrDecode, "%v: %v", msg, err)
 }
-
+ if err := req.sanityCheck(); err != nil {
+ return err
+ }
 update, size := req.Update.decode()
 if p.rejectUpdate(size) {
 return errResp(ErrRequestRejected, "") |
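Review bot: The added `return err` passes the sanityCheck error back unwrapped, while the decode failure directly above and the rejection directly below both go through `errResp` with a protocol error code. sanityCheck is defined outside this hunk, so if it returns a plain error the caller loses the code and the message context for this peer; consider `return errResp(ErrDecode, "%v: %v", msg, err)` or a dedicated code. Since the commit's purpose is to keep oversized peer-supplied fields out of the log, it is also worth confirming that the error text sanityCheck builds reports only a bounded summary (such as a length) and not the offending value itself. A one-line comment above the check would record the intent, for example `// Reject oversized peer-supplied fields before they are decoded or logged.` handleMsg starts and ends outside the hunk.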