aboutsummaryrefslogtreecommitdiff
path: root/src/cryptonote_protocol/cryptonote_protocol_handler.inl
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2019-03-09 09:08:53 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2019-06-14 08:47:11 +0000
commit68ad548193134c111c75382939f7d77dbd15ad3f (patch)
tree40aed53f538b549b83f85d02b3f58bc6055f17b5 /src/cryptonote_protocol/cryptonote_protocol_handler.inl
parentcryptonote_protocol: expand basic DoS protection (diff)
downloadmonero-68ad548193134c111c75382939f7d77dbd15ad3f.tar.xz
cryptonote_protocol: fix another potential P2P DoS
When asking for txes in a fluffy transaction, one might ask for the same (large) tx many times
Diffstat (limited to 'src/cryptonote_protocol/cryptonote_protocol_handler.inl')
-rw-r--r--src/cryptonote_protocol/cryptonote_protocol_handler.inl15
1 files changed, 15 insertions, 0 deletions
diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.inl b/src/cryptonote_protocol/cryptonote_protocol_handler.inl
index 78acb3179..b38407840 100644
--- a/src/cryptonote_protocol/cryptonote_protocol_handler.inl
+++ b/src/cryptonote_protocol/cryptonote_protocol_handler.inl
@@ -809,12 +809,27 @@ namespace cryptonote
NOTIFY_NEW_FLUFFY_BLOCK::request fluffy_response;
fluffy_response.b.block = t_serializable_object_to_blob(b);
fluffy_response.current_blockchain_height = arg.current_blockchain_height;
+ std::vector<bool> seen(b.tx_hashes.size(), false);
for(auto& tx_idx: arg.missing_tx_indices)
{
if(tx_idx < b.tx_hashes.size())
{
MDEBUG(" tx " << b.tx_hashes[tx_idx]);
+ if (seen[tx_idx])
+ {
+ LOG_ERROR_CCONTEXT
+ (
+ "Failed to handle request NOTIFY_REQUEST_FLUFFY_MISSING_TX"
+ << ", request is asking for duplicate tx "
+ << ", tx index = " << tx_idx << ", block tx count " << b.tx_hashes.size()
+ << ", block_height = " << arg.current_blockchain_height
+ << ", dropping connection"
+ );
+ drop_connection(context, true, false);
+ return 1;
+ }
txids.push_back(b.tx_hashes[tx_idx]);
+ seen[tx_idx] = true;
}
else
{