mirror of
https://codeberg.org/anoncontributorxmr/monero.git
synced 2024-11-23 02:27:37 -07:00
Merge pull request #8275
9209880
add a sanity check to RPC input data size (moneromooo-monero)
This commit is contained in:
commit
67e5ca9ad6
@ -55,6 +55,7 @@ namespace net_utils
|
|||||||
std::string m_folder;
|
std::string m_folder;
|
||||||
std::vector<std::string> m_access_control_origins;
|
std::vector<std::string> m_access_control_origins;
|
||||||
boost::optional<login> m_user;
|
boost::optional<login> m_user;
|
||||||
|
size_t m_max_content_length{std::numeric_limits<size_t>::max()};
|
||||||
critical_section m_lock;
|
critical_section m_lock;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -141,6 +142,7 @@ namespace net_utils
|
|||||||
config_type& m_config;
|
config_type& m_config;
|
||||||
bool m_want_close;
|
bool m_want_close;
|
||||||
size_t m_newlines;
|
size_t m_newlines;
|
||||||
|
size_t m_bytes_read;
|
||||||
protected:
|
protected:
|
||||||
i_service_endpoint* m_psnd_hndlr;
|
i_service_endpoint* m_psnd_hndlr;
|
||||||
t_connection_context& m_conn_context;
|
t_connection_context& m_conn_context;
|
||||||
|
@ -206,6 +206,7 @@ namespace net_utils
|
|||||||
m_config(config),
|
m_config(config),
|
||||||
m_want_close(false),
|
m_want_close(false),
|
||||||
m_newlines(0),
|
m_newlines(0),
|
||||||
|
m_bytes_read(0),
|
||||||
m_psnd_hndlr(psnd_hndlr),
|
m_psnd_hndlr(psnd_hndlr),
|
||||||
m_conn_context(conn_context)
|
m_conn_context(conn_context)
|
||||||
{
|
{
|
||||||
@ -221,6 +222,7 @@ namespace net_utils
|
|||||||
m_query_info.clear();
|
m_query_info.clear();
|
||||||
m_len_summary = 0;
|
m_len_summary = 0;
|
||||||
m_newlines = 0;
|
m_newlines = 0;
|
||||||
|
m_bytes_read = 0;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//--------------------------------------------------------------------------------------------
|
//--------------------------------------------------------------------------------------------
|
||||||
@ -243,6 +245,14 @@ namespace net_utils
|
|||||||
|
|
||||||
size_t ndel;
|
size_t ndel;
|
||||||
|
|
||||||
|
m_bytes_read += buf.size();
|
||||||
|
if (m_bytes_read > m_config.m_max_content_length)
|
||||||
|
{
|
||||||
|
LOG_ERROR("simple_http_connection_handler::handle_buff_in: Too much data: got " << m_bytes_read);
|
||||||
|
m_state = http_state_error;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if(m_cache.size())
|
if(m_cache.size())
|
||||||
m_cache += buf;
|
m_cache += buf;
|
||||||
else
|
else
|
||||||
|
@ -126,6 +126,7 @@
|
|||||||
|
|
||||||
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_BLOCK_COUNT 1000
|
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_BLOCK_COUNT 1000
|
||||||
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_TX_COUNT 20000
|
#define COMMAND_RPC_GET_BLOCKS_FAST_MAX_TX_COUNT 20000
|
||||||
|
#define MAX_RPC_CONTENT_LENGTH 1048576 // 1 MB
|
||||||
|
|
||||||
#define P2P_LOCAL_WHITE_PEERLIST_LIMIT 1000
|
#define P2P_LOCAL_WHITE_PEERLIST_LIMIT 1000
|
||||||
#define P2P_LOCAL_GRAY_PEERLIST_LIMIT 5000
|
#define P2P_LOCAL_GRAY_PEERLIST_LIMIT 5000
|
||||||
|
@ -365,6 +365,8 @@ namespace cryptonote
|
|||||||
std::move(rpc_config->access_control_origins), std::move(http_login), std::move(rpc_config->ssl_options)
|
std::move(rpc_config->access_control_origins), std::move(http_login), std::move(rpc_config->ssl_options)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
m_net_server.get_config_object().m_max_content_length = MAX_RPC_CONTENT_LENGTH;
|
||||||
|
|
||||||
if (store_ssl_key && inited)
|
if (store_ssl_key && inited)
|
||||||
{
|
{
|
||||||
// new keys were generated, store for next run
|
// new keys were generated, store for next run
|
||||||
|
Loading…
Reference in New Issue
Block a user