diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2020-12-10 14:00:40 +0000 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2020-12-10 17:23:50 +0000 |
commit | 0f34cabb98687eb9c5d68e7d7c439489bca27031 (patch) | |
tree | 122d5c30f3fd1f812da27e710f947e2bfa7a1696 /src/cryptonote_protocol | |
parent | Merge pull request #7072 (diff) | |
download | monero-0f34cabb98687eb9c5d68e7d7c439489bca27031.tar.xz |
protocol: more restrictive checks on chain entry response
Diffstat (limited to 'src/cryptonote_protocol')
-rw-r--r-- | src/cryptonote_protocol/cryptonote_protocol_handler.inl | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.inl b/src/cryptonote_protocol/cryptonote_protocol_handler.inl index 25b14d903..82c89381c 100644 --- a/src/cryptonote_protocol/cryptonote_protocol_handler.inl +++ b/src/cryptonote_protocol/cryptonote_protocol_handler.inl @@ -2486,7 +2486,7 @@ skip: drop_connection(context, true, false); return 1; } - if (arg.total_height < arg.m_block_ids.size() || arg.start_height > arg.total_height - arg.m_block_ids.size()) + if (arg.total_height < arg.m_block_ids.size() || arg.start_height > arg.total_height - arg.m_block_ids.size() || arg.start_height >= m_core.get_current_blockchain_height()) { LOG_ERROR_CCONTEXT("sent invalid start/nblocks/height, dropping connection"); drop_connection(context, true, false); @@ -2532,8 +2532,15 @@ skip: context.m_needed_objects.clear(); uint64_t added = 0; + std::unordered_set<crypto::hash> blocks_found; for (size_t i = 0; i < arg.m_block_ids.size(); ++i) { + if (!blocks_found.insert(arg.m_block_ids[i]).second) + { + LOG_ERROR_CCONTEXT("Duplicate blocks in chain entry response, dropping connection"); + drop_connection(context, true, false); + return 1; + } const uint64_t block_weight = arg.m_block_weights.empty() ? 0 : arg.m_block_weights[i]; context.m_needed_objects.push_back(std::make_pair(arg.m_block_ids[i], block_weight)); if (++added == n_use_blocks) |