RanchiMall/electrumx
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Introduce incoming buffer size limit

Browse Source 
- incoming buffered network requests limited to 150,000 bytes
  which I believe is ample for a genuine client
- if exceeded, the connection is dropped
- raise outgoing data limit for RPC connections to 5 MB - expect
  sessions calls can be long and connection is implicitly trusted
- similarly raise incoming buffered data limit to 5 MB for RPC
  connections
This commit is contained in:
Neil Booth 2016-11-29 20:20:18 +09:00
parent c6d8440b3d
commit c9a10be5ba
3 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
electrumx_rpc.py
View File

@ -23,6 +23,8 @@ from server.protocol import ServerManager
class RPCClient(JSONRPC): class RPCClient(JSONRPC):
async def send_and_wait(self, method, params, timeout=None): async def send_and_wait(self, method, params, timeout=None):
# Raise incoming buffer size - presumably connection is trusted
self.max_buffer_size = 5000000
self.send_json_request(method, id_=method, params=params) self.send_json_request(method, id_=method, params=params)
future = asyncio.ensure_future(self.messages.get()) future = asyncio.ensure_future(self.messages.get())

13
lib/jsonrpc.py
View File

@ -96,6 +96,8 @@ class JSONRPC(asyncio.Protocol, LoggedClass):
# connection. The request causing it is logged. Values under # connection. The request causing it is logged. Values under
# 1000 are treated as 1000. # 1000 are treated as 1000.
self.max_send = 0 self.max_send = 0
# If buffered incoming data exceeds this the connection is closed
self.max_buffer_size = 150000
self.anon_logs = False self.anon_logs = False
def peername(self, *, for_log=True): def peername(self, *, for_log=True):
@ -122,6 +124,17 @@ class JSONRPC(asyncio.Protocol, LoggedClass):
decode_message for handling. decode_message for handling.
''' '''
self.recv_size += len(data) self.recv_size += len(data)
# Close abuvsive connections where buffered data exceeds limit
buffer_size = len(data) + sum(len(part) for part in self.parts)
if buffer_size > self.max_buffer_size:
self.logger.error('read buffer of {:,d} bytes exceeds {:,d} '
'byte limit, closing {}'
.format(buffer_size, self.max_buffer_size,
self.peername()))
self.transport.close()
# Do nothing if this connection is closing
if self.transport.is_closing(): if self.transport.is_closing():
return return

1
server/protocol.py
View File

@ -923,3 +923,4 @@ class LocalRPC(Session):
self.handlers = {cmd: getattr(self.manager, 'rpc_{}'.format(cmd)) self.handlers = {cmd: getattr(self.manager, 'rpc_{}'.format(cmd))
for cmd in cmds} for cmd in cmds}
self.client = 'RPC' self.client = 'RPC'
self.max_send = 5000000