aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authormoneromooo-monero <moneromooo-monero@users.noreply.github.com>2020-12-10 14:00:40 +0000
committermoneromooo-monero <moneromooo-monero@users.noreply.github.com>2020-12-10 17:24:16 +0000
commitf47f1a069193f2c62a9e45ea83a972a7f6665f67 (patch)
treed0bf08e24b64cf05f4a5bcd66671fde0924f2b82 /src
parentMerge pull request #7010 (diff)
downloadmonero-f47f1a069193f2c62a9e45ea83a972a7f6665f67.tar.xz
protocol: more restrictive checks on chain entry response
Diffstat (limited to 'src')
-rw-r--r--src/cryptonote_protocol/cryptonote_protocol_handler.inl9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.inl b/src/cryptonote_protocol/cryptonote_protocol_handler.inl
index a72b7db79..3209fcb14 100644
--- a/src/cryptonote_protocol/cryptonote_protocol_handler.inl
+++ b/src/cryptonote_protocol/cryptonote_protocol_handler.inl
@@ -2428,7 +2428,7 @@ skip:
drop_connection(context, true, false);
return 1;
}
- if (arg.total_height < arg.m_block_ids.size() || arg.start_height > arg.total_height - arg.m_block_ids.size())
+ if (arg.total_height < arg.m_block_ids.size() || arg.start_height > arg.total_height - arg.m_block_ids.size() || arg.start_height >= m_core.get_current_blockchain_height())
{
LOG_ERROR_CCONTEXT("sent invalid start/nblocks/height, dropping connection");
drop_connection(context, true, false);
@@ -2469,8 +2469,15 @@ skip:
context.m_needed_objects.clear();
uint64_t added = 0;
+ std::unordered_set<crypto::hash> blocks_found;
for (size_t i = 0; i < arg.m_block_ids.size(); ++i)
{
+ if (!blocks_found.insert(arg.m_block_ids[i]).second)
+ {
+ LOG_ERROR_CCONTEXT("Duplicate blocks in chain entry response, dropping connection");
+ drop_connection(context, true, false);
+ return 1;
+ }
const uint64_t block_weight = arg.m_block_weights.empty() ? 0 : arg.m_block_weights[i];
context.m_needed_objects.push_back(std::make_pair(arg.m_block_ids[i], block_weight));
if (++added == n_use_blocks)