Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
whqwjb
go-ethereum
提交
4b6824e0
G
go-ethereum
项目概览
whqwjb
/
go-ethereum
与 Fork 源项目一致
从无法访问的项目Fork
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
go-ethereum
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
4b6824e0
编写于
9月 26, 2018
作者:
V
Viktor Trón
提交者:
GitHub
9月 26, 2018
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #17734 from frncmx/fix-dos-attack-invalid-hash-length
swarm/network/stream: fix DoS invalid offered hashes length
上级
26cf8663
d3f056bd
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
82 addition
and
9 deletion
+82
-9
swarm/network/stream/messages.go
swarm/network/stream/messages.go
+10
-4
swarm/network/stream/streamer_test.go
swarm/network/stream/streamer_test.go
+72
-5
未找到文件。
swarm/network/stream/messages.go
浏览文件 @
4b6824e0
...
...
@@ -26,7 +26,7 @@ import (
bv
"github.com/ethereum/go-ethereum/swarm/network/bitvector"
"github.com/ethereum/go-ethereum/swarm/spancontext"
"github.com/ethereum/go-ethereum/swarm/storage"
opentracing
"github.com/opentracing/opentracing-go"
"github.com/opentracing/opentracing-go"
)
var
syncBatchTimeout
=
30
*
time
.
Second
...
...
@@ -195,10 +195,16 @@ func (p *Peer) handleOfferedHashesMsg(ctx context.Context, req *OfferedHashesMsg
if
err
!=
nil
{
return
err
}
hashes
:=
req
.
Hashes
want
,
err
:=
bv
.
New
(
len
(
hashes
)
/
HashSize
)
lenHashes
:=
len
(
hashes
)
if
lenHashes
%
HashSize
!=
0
{
return
fmt
.
Errorf
(
"error invalid hashes length (len: %v)"
,
lenHashes
)
}
want
,
err
:=
bv
.
New
(
lenHashes
/
HashSize
)
if
err
!=
nil
{
return
fmt
.
Errorf
(
"error initiaising bitvector of length %v: %v"
,
len
(
hashes
)
/
HashSize
,
err
)
return
fmt
.
Errorf
(
"error initiaising bitvector of length %v: %v"
,
len
Hashes
/
HashSize
,
err
)
}
ctr
:=
0
...
...
@@ -206,7 +212,7 @@ func (p *Peer) handleOfferedHashesMsg(ctx context.Context, req *OfferedHashesMsg
ctx
,
cancel
:=
context
.
WithTimeout
(
ctx
,
syncBatchTimeout
)
ctx
=
context
.
WithValue
(
ctx
,
"source"
,
p
.
ID
()
.
String
())
for
i
:=
0
;
i
<
len
(
hashes
)
;
i
+=
HashSize
{
for
i
:=
0
;
i
<
len
Hashes
;
i
+=
HashSize
{
hash
:=
hashes
[
i
:
i
+
HashSize
]
if
wait
:=
c
.
NeedData
(
ctx
,
hash
);
wait
!=
nil
{
...
...
swarm/network/stream/streamer_test.go
浏览文件 @
4b6824e0
...
...
@@ -19,6 +19,7 @@ package stream
import
(
"bytes"
"context"
"errors"
"testing"
"time"
...
...
@@ -55,11 +56,12 @@ func TestStreamerRequestSubscription(t *testing.T) {
}
var
(
hash0
=
sha3
.
Sum256
([]
byte
{
0
})
hash1
=
sha3
.
Sum256
([]
byte
{
1
})
hash2
=
sha3
.
Sum256
([]
byte
{
2
})
hashesTmp
=
append
(
hash0
[
:
],
hash1
[
:
]
...
)
hashes
=
append
(
hashesTmp
,
hash2
[
:
]
...
)
hash0
=
sha3
.
Sum256
([]
byte
{
0
})
hash1
=
sha3
.
Sum256
([]
byte
{
1
})
hash2
=
sha3
.
Sum256
([]
byte
{
2
})
hashesTmp
=
append
(
hash0
[
:
],
hash1
[
:
]
...
)
hashes
=
append
(
hashesTmp
,
hash2
[
:
]
...
)
corruptHashes
=
append
(
hashes
[
:
40
])
)
type
testClient
struct
{
...
...
@@ -459,6 +461,71 @@ func TestStreamerUpstreamSubscribeLiveAndHistory(t *testing.T) {
}
}
func
TestStreamerDownstreamCorruptHashesMsgExchange
(
t
*
testing
.
T
)
{
tester
,
streamer
,
_
,
teardown
,
err
:=
newStreamerTester
(
t
)
defer
teardown
()
if
err
!=
nil
{
t
.
Fatal
(
err
)
}
stream
:=
NewStream
(
"foo"
,
""
,
true
)
var
tc
*
testClient
streamer
.
RegisterClientFunc
(
"foo"
,
func
(
p
*
Peer
,
t
string
,
live
bool
)
(
Client
,
error
)
{
tc
=
newTestClient
(
t
)
return
tc
,
nil
})
peerID
:=
tester
.
IDs
[
0
]
err
=
streamer
.
Subscribe
(
peerID
,
stream
,
NewRange
(
5
,
8
),
Top
)
if
err
!=
nil
{
t
.
Fatalf
(
"Expected no error, got %v"
,
err
)
}
err
=
tester
.
TestExchanges
(
p2ptest
.
Exchange
{
Label
:
"Subscribe message"
,
Expects
:
[]
p2ptest
.
Expect
{
{
Code
:
4
,
Msg
:
&
SubscribeMsg
{
Stream
:
stream
,
History
:
NewRange
(
5
,
8
),
Priority
:
Top
,
},
Peer
:
peerID
,
},
},
},
p2ptest
.
Exchange
{
Label
:
"Corrupt offered hash message"
,
Triggers
:
[]
p2ptest
.
Trigger
{
{
Code
:
1
,
Msg
:
&
OfferedHashesMsg
{
HandoverProof
:
&
HandoverProof
{
Handover
:
&
Handover
{},
},
Hashes
:
corruptHashes
,
From
:
5
,
To
:
8
,
Stream
:
stream
,
},
Peer
:
peerID
,
},
},
})
if
err
!=
nil
{
t
.
Fatal
(
err
)
}
expectedError
:=
errors
.
New
(
"Message handler error: (msg code 1): error invalid hashes length (len: 40)"
)
if
err
:=
tester
.
TestDisconnected
(
&
p2ptest
.
Disconnect
{
Peer
:
tester
.
IDs
[
0
],
Error
:
expectedError
});
err
!=
nil
{
t
.
Fatal
(
err
)
}
}
func
TestStreamerDownstreamOfferedHashesMsgExchange
(
t
*
testing
.
T
)
{
tester
,
streamer
,
_
,
teardown
,
err
:=
newStreamerTester
(
t
)
defer
teardown
()
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录