cryptonote_protocol_handler: prevent potential DoS

Essentially, one can send such a large amount of IDs that core exhausts all free memory. This issue can theoretically be exploited using very large CN blockchains, such as Monero. This is a partial fix. Thanks and credit given to CryptoNote author 'cryptozoidberg' for collaboration and the fix. Also thanks to 'moneromooo'. Referencing HackerOne report #506595.
author: anonimal <anonimal@getmonero.org> 2019-03-09 09:11:44 +0000
committer: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2019-06-14 08:47:05 +0000
commit: 8f66b7053a8e4521fdd68c1d74718e73345fb158 (patch)
tree: b669995624bedf1c4377c32d1183dede4545434d /src/cryptonote_protocol/cryptonote_protocol_handler.h
parent: epee: basic sanity check on allocation size from untrusted source (diff)
download: monero-8f66b7053a8e4521fdd68c1d74718e73345fb158.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.h b/src/cryptonote_protocol/cryptonote_protocol_handler.h
index 0927b5d7f..f1fd69960 100644
--- a/src/cryptonote_protocol/cryptonote_protocol_handler.h
+++ b/src/cryptonote_protocol/cryptonote_protocol_handler.h
@@ -52,6 +52,7 @@ PUSH_WARNINGS
 DISABLE_VS_WARNINGS(4355)
 
 #define LOCALHOST_INT 2130706433
+#define CURRENCY_PROTOCOL_MAX_BLOCKS_REQUEST_COUNT 500
 
 namespace cryptonote
 {
author	anonimal <anonimal@getmonero.org>	2019-03-09 09:11:44 +0000
committer	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2019-06-14 08:47:05 +0000
commit	8f66b7053a8e4521fdd68c1d74718e73345fb158 (patch)
tree	b669995624bedf1c4377c32d1183dede4545434d /src/cryptonote_protocol/cryptonote_protocol_handler.h
parent	epee: basic sanity check on allocation size from untrusted source (diff)
download	monero-8f66b7053a8e4521fdd68c1d74718e73345fb158.tar.xz