diff options
| author | luigi1111 <luigi1111w@gmail.com> | 2022-04-25 10:22:31 -0500 |
|---|---|---|
| committer | luigi1111 <luigi1111w@gmail.com> | 2022-04-25 10:22:31 -0500 |
| commit | 424e4de16b98506170db7b0d7d87a79ccf541744 (patch) | |
| tree | 94c3bdc645883b373b93a6845a5692826cfcaf68 | |
| parent | Merge pull request #8273 (diff) | |
| parent | add a sanity check to RPC input data size (diff) | |
| download | monero-0.17.3.2.tar.xz | |
c624d05 add a sanity check to RPC input data size (moneromooo-monero)
| -rw-r--r-- | contrib/epee/include/net/http_protocol_handler.h | 2 | ||||
| -rw-r--r-- | contrib/epee/include/net/http_protocol_handler.inl | 10 | ||||
| -rw-r--r-- | src/cryptonote_config.h | 1 | ||||
| -rw-r--r-- | src/rpc/core_rpc_server.cpp | 2 |
4 files changed, 15 insertions, 0 deletions
diff --git a/contrib/epee/include/net/http_protocol_handler.h b/contrib/epee/include/net/http_protocol_handler.h index a29f141e8..e84a373d7 100644 --- a/contrib/epee/include/net/http_protocol_handler.h +++ b/contrib/epee/include/net/http_protocol_handler.h @@ -56,6 +56,7 @@ namespace net_utils std::string m_folder; std::vector<std::string> m_access_control_origins; boost::optional<login> m_user; + size_t m_max_content_length{std::numeric_limits<size_t>::max()}; critical_section m_lock; }; @@ -142,6 +143,7 @@ namespace net_utils config_type& m_config; bool m_want_close; size_t m_newlines; + size_t m_bytes_read; protected: i_service_endpoint* m_psnd_hndlr; t_connection_context& m_conn_context; diff --git a/contrib/epee/include/net/http_protocol_handler.inl b/contrib/epee/include/net/http_protocol_handler.inl index 0f4a28c99..de806fad4 100644 --- a/contrib/epee/include/net/http_protocol_handler.inl +++ b/contrib/epee/include/net/http_protocol_handler.inl @@ -206,6 +206,7 @@ namespace net_utils m_config(config), m_want_close(false), m_newlines(0), + m_bytes_read(0), m_psnd_hndlr(psnd_hndlr), m_conn_context(conn_context) { @@ -221,6 +222,7 @@ namespace net_utils m_query_info.clear(); m_len_summary = 0; m_newlines = 0; + m_bytes_read = 0; return true; } //-------------------------------------------------------------------------------------------- @@ -243,6 +245,14 @@ namespace net_utils size_t ndel; + m_bytes_read += buf.size(); + if (m_bytes_read > m_config.m_max_content_length) + { + LOG_ERROR("simple_http_connection_handler::handle_buff_in: Too much data: got " << m_bytes_read); + m_state = http_state_error; + return false; + } + if(m_cache.size()) m_cache += buf; else diff --git a/src/cryptonote_config.h b/src/cryptonote_config.h index 80534fbc0..7c6a9a661 100644 --- a/src/cryptonote_config.h +++ b/src/cryptonote_config.h @@ -126,6 +126,7 @@ #define COMMAND_RPC_GET_BLOCKS_FAST_MAX_BLOCK_COUNT 1000 #define COMMAND_RPC_GET_BLOCKS_FAST_MAX_TX_COUNT 20000 +#define MAX_RPC_CONTENT_LENGTH 1048576 // 1 MB #define P2P_LOCAL_WHITE_PEERLIST_LIMIT 1000 #define P2P_LOCAL_GRAY_PEERLIST_LIMIT 5000 diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp index 757e73906..126616243 100644 --- a/src/rpc/core_rpc_server.cpp +++ b/src/rpc/core_rpc_server.cpp @@ -344,6 +344,8 @@ namespace cryptonote if (m_rpc_payment) m_net_server.add_idle_handler([this](){ return m_rpc_payment->on_idle(); }, 60 * 1000); + m_net_server.get_config_object().m_max_content_length = MAX_RPC_CONTENT_LENGTH; + auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); }; return epee::http_server_impl_base<core_rpc_server, connection_context>::init( rng, std::move(port), std::move(bind_ip_str), |