mirror of
https://github.com/monero-project/monero.git
synced 2025-01-03 17:40:06 +00:00
add a sanity check to RPC input data size
reported by m31007
This commit is contained in:
parent
fb1ef3349e
commit
c624d05de6
4 changed files with 15 additions and 0 deletions
|
@ -56,6 +56,7 @@ namespace net_utils
|
||||||
std::string m_folder;
|
std::string m_folder;
|
||||||
std::vector<std::string> m_access_control_origins;
|
std::vector<std::string> m_access_control_origins;
|
||||||
boost::optional<login> m_user;
|
boost::optional<login> m_user;
|
||||||
|
size_t m_max_content_length{std::numeric_limits<size_t>::max()};
|
||||||
critical_section m_lock;
|
critical_section m_lock;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -142,6 +143,7 @@ namespace net_utils
|
||||||
config_type& m_config;
|
config_type& m_config;
|
||||||
bool m_want_close;
|
bool m_want_close;
|
||||||
size_t m_newlines;
|
size_t m_newlines;
|
||||||
|
size_t m_bytes_read;
|
||||||
protected:
|
protected:
|
||||||
i_service_endpoint* m_psnd_hndlr;
|
i_service_endpoint* m_psnd_hndlr;
|
||||||
t_connection_context& m_conn_context;
|
t_connection_context& m_conn_context;
|
||||||
|
|
|
@ -206,6 +206,7 @@ namespace net_utils
|
||||||
m_config(config),
|
m_config(config),
|
||||||
m_want_close(false),
|
m_want_close(false),
|
||||||
m_newlines(0),
|
m_newlines(0),
|
||||||
|
m_bytes_read(0),
|
||||||
m_psnd_hndlr(psnd_hndlr),
|
m_psnd_hndlr(psnd_hndlr),
|
||||||
m_conn_context(conn_context)
|
m_conn_context(conn_context)
|
||||||
{
|
{
|
||||||
|
@ -221,6 +222,7 @@ namespace net_utils
|
||||||
m_query_info.clear();
|
m_query_info.clear();
|
||||||
m_len_summary = 0;
|
m_len_summary = 0;
|
||||||
m_newlines = 0;
|
m_newlines = 0;
|
||||||
|
m_bytes_read = 0;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//--------------------------------------------------------------------------------------------
|
//--------------------------------------------------------------------------------------------
|
||||||
|
@ -243,6 +245,14 @@ namespace net_utils
|
||||||
|
|
||||||
size_t ndel;
|
size_t ndel;
|
||||||
|
|
||||||
|
m_bytes_read += buf.size();
|
||||||
|
if (m_bytes_read > m_config.m_max_content_length)
|
||||||
|
{
|
||||||
|
LOG_ERROR("simple_http_connection_handler::handle_buff_in: Too much data: got " << m_bytes_read);
|
||||||
|
m_state = http_state_error;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if(m_cache.size())
|
if(m_cache.size())
|
||||||
m_cache += buf;
|
m_cache += buf;
|
||||||
else
|
else
|
||||||
|
|
|
@ -126,6 +126,7 @@
|
||||||
|
|
||||||
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_BLOCK_COUNT 1000
|
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_BLOCK_COUNT 1000
|
||||||
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_TX_COUNT 20000
|
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_TX_COUNT 20000
|
||||||
|
#define MAX_RPC_CONTENT_LENGTH 1048576 // 1 MB
|
||||||
|
|
||||||
#define P2P_LOCAL_WHITE_PEERLIST_LIMIT 1000
|
#define P2P_LOCAL_WHITE_PEERLIST_LIMIT 1000
|
||||||
#define P2P_LOCAL_GRAY_PEERLIST_LIMIT 5000
|
#define P2P_LOCAL_GRAY_PEERLIST_LIMIT 5000
|
||||||
|
|
|
@ -344,6 +344,8 @@ namespace cryptonote
|
||||||
if (m_rpc_payment)
|
if (m_rpc_payment)
|
||||||
m_net_server.add_idle_handler([this](){ return m_rpc_payment->on_idle(); }, 60 * 1000);
|
m_net_server.add_idle_handler([this](){ return m_rpc_payment->on_idle(); }, 60 * 1000);
|
||||||
|
|
||||||
|
m_net_server.get_config_object().m_max_content_length = MAX_RPC_CONTENT_LENGTH;
|
||||||
|
|
||||||
auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); };
|
auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); };
|
||||||
return epee::http_server_impl_base<core_rpc_server, connection_context>::init(
|
return epee::http_server_impl_base<core_rpc_server, connection_context>::init(
|
||||||
rng, std::move(port), std::move(bind_ip_str),
|
rng, std::move(port), std::move(bind_ip_str),
|
||||||
|
|
Loading…
Reference in a new issue