diff options
| author | Ferenc Szabo <frncmx@gmail.com> | 2018-09-21 18:56:43 +0800 |
|---|---|---|
| committer | Ferenc Szabo <frncmx@gmail.com> | 2018-09-21 18:56:43 +0800 |
| commit | d3f056bd68fb6a8e9ffa3938d5404c6a209e0313 (patch) | |
| tree | 352c72814bee027cf61bfe7b83482e8f4fcfe8a7 /swarm/network/stream/messages.go | |
| parent | 81080bf8cb7f60f59a68cf48998a29a1a2e10cb9 (diff) | |
| download | go-tangerine-d3f056bd68fb6a8e9ffa3938d5404c6a209e0313.tar go-tangerine-d3f056bd68fb6a8e9ffa3938d5404c6a209e0313.tar.gz go-tangerine-d3f056bd68fb6a8e9ffa3938d5404c6a209e0313.tar.bz2 go-tangerine-d3f056bd68fb6a8e9ffa3938d5404c6a209e0313.tar.lz go-tangerine-d3f056bd68fb6a8e9ffa3938d5404c6a209e0313.tar.xz go-tangerine-d3f056bd68fb6a8e9ffa3938d5404c6a209e0313.tar.zst go-tangerine-d3f056bd68fb6a8e9ffa3938d5404c6a209e0313.zip | |
swarm/network/stream: fix DoS invalid hash length (#927)
Diffstat (limited to 'swarm/network/stream/messages.go')
| -rw-r--r-- | swarm/network/stream/messages.go | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/swarm/network/stream/messages.go b/swarm/network/stream/messages.go index 2e1a81e82..62c46b120 100644 --- a/swarm/network/stream/messages.go +++ b/swarm/network/stream/messages.go @@ -26,7 +26,7 @@ import ( bv "github.com/ethereum/go-ethereum/swarm/network/bitvector" "github.com/ethereum/go-ethereum/swarm/spancontext" "github.com/ethereum/go-ethereum/swarm/storage" - opentracing "github.com/opentracing/opentracing-go" + "github.com/opentracing/opentracing-go" ) var syncBatchTimeout = 30 * time.Second @@ -195,10 +195,16 @@ func (p *Peer) handleOfferedHashesMsg(ctx context.Context, req *OfferedHashesMsg if err != nil { return err } + hashes := req.Hashes - want, err := bv.New(len(hashes) / HashSize) + lenHashes := len(hashes) + if lenHashes%HashSize != 0 { + return fmt.Errorf("error invalid hashes length (len: %v)", lenHashes) + } + + want, err := bv.New(lenHashes / HashSize) if err != nil { - return fmt.Errorf("error initiaising bitvector of length %v: %v", len(hashes)/HashSize, err) + return fmt.Errorf("error initiaising bitvector of length %v: %v", lenHashes/HashSize, err) } ctr := 0 @@ -206,7 +212,7 @@ func (p *Peer) handleOfferedHashesMsg(ctx context.Context, req *OfferedHashesMsg ctx, cancel := context.WithTimeout(ctx, syncBatchTimeout) ctx = context.WithValue(ctx, "source", p.ID().String()) - for i := 0; i < len(hashes); i += HashSize { + for i := 0; i < lenHashes; i += HashSize { hash := hashes[i : i+HashSize] if wait := c.NeedData(ctx, hash); wait != nil { |