Skip to content

Limit message sizes before receiving. #5843

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 6, 2015
Merged

Limit message sizes before receiving. #5843

merged 1 commit into from
Mar 6, 2015

Conversation

sipa
Copy link
Member

@sipa sipa commented Mar 1, 2015

There is currently no message over 2 MiB that is acceptable anyway, no need to support them inside our network buffers.

This is done by a dispatch mechanism in net, rather than a direct check, to support future modularity (where message handling is split over different modules). It's also required to deal with DoS management correctly (which is done outside of net).

It also doesn't touch serialize.h's MAX_SIZE, as it's a global for all serialization usage, including non-protocol processing.

@sipa sipa mentioned this pull request Mar 1, 2015
Closed
@gmaxwell
Copy link
Contributor

gmaxwell commented Mar 2, 2015

Tested by IBDing a node running this against a node running this.

@laanwj laanwj added the P2P label Mar 2, 2015
@laanwj
Copy link
Member

laanwj commented Mar 2, 2015

Code looks correct to me, going to test.

laanwj
laanwj reviewed Mar 3, 2015
View reviewed changes
src/main.cpp
if (msg->nMessageSize > MAX_PROTOCOL_MESSAGE_LENGTH) {
LOCK(cs_main);
Misbehaving(pnode->GetId(), 100);
LogPrintf("net", "Oversized message from peer=%d (size=%d)\n", pnode->GetId(), msg->nMessageSize);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I lobbed a 4MB message at my node and it crashed here:

EXCEPTION: St13runtime_error       
tinyformat: Not enough conversion specifiers in format string       
bitcoin in net

As a category is passed, this should be LogPrint, not LogPrintf [yes, stupid naming.].

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed.

@gmaxwell
Copy link
Contributor

gmaxwell commented Mar 3, 2015

Retesting.

@laanwj
Copy link
Member

laanwj commented Mar 3, 2015

Tested ACK

2015-03-03 19:19:20 initial getheaders (324870) to peer=1 (startheight:0)
2015-03-03 19:19:20 sending: getheaders (997 bytes) peer=1
2015-03-03 19:19:20 Misbehaving: 127.0.0.1:57403 (0 -> 100) BAN THRESHOLD EXCEEDED
2015-03-03 19:19:20 Oversized message from peer=1 (size=4194304)
2015-03-03 19:19:20 socket closed
2015-03-03 19:19:20 disconnecting peer=1

@sipa
Copy link
Member Author

sipa commented Mar 5, 2015

@gmaxwell Please test again?

@gmaxwell
Copy link
Contributor

gmaxwell commented Mar 5, 2015

Hurray, It disconnects now, but as I pointed out-- while it grants misbehaving-- it does not attempt to ban because now it disconnects before it gets a chance to do so. If it's not going to ban, there is no point in setting the misbehaving, and a simpler patch which doesn't use the signals would work the same. (though I suppose we should have the combiner fix for the other signal that uses the return value!).

@gavinandresen
Copy link
Contributor

ACK on the signal combiner.

RE: Misbehaving/banning: seems like it should ban, but instead of introducing Yet Another Signal, seems to me a check for state->fShouldBan in main.cpp FinalizeNode (called when net disconnects a peer) might be the right approach.

@gavinandresen
Copy link
Contributor

@sipa : nit: I think the combiner code could be replaced with boost::bind(boost::algorithm::all_of_equal, _1, _2, true)

@sipa sipa mentioned this pull request Mar 6, 2015
Merged
@sipa
Copy link
Member Author

sipa commented Mar 6, 2015

Moved the combiner logic, and simplified the code here.

A more complex signals-based solution can be done later.

@sipa
Limit message sizes before transfer
ba04c4a 
This introduces a fixed limit for the size of p2p messages, and enforces it
before download.
@gmaxwell
Copy link
Contributor

gmaxwell commented Mar 6, 2015

I was a little surprised that you went with logging at only debug=net level, but it works. ACK.

@laanwj laanwj merged commit ba04c4a into bitcoin:master Mar 6, 2015
laanwj added a commit that referenced this pull request Mar 6, 2015
@laanwj
Merge pull request #5843
51377c2 
ba04c4a Limit message sizes before transfer (Pieter Wuille)
@laanwj
Copy link
Member

laanwj commented Mar 6, 2015

I like the simpler solution. ACK.

@jgarzik
Copy link
Contributor

jgarzik commented Mar 8, 2015

posthumous ACK for simpler solution

sipa added a commit that referenced this pull request Mar 9, 2015
@sipa @laanwj
Limit message sizes before transfer
d5d8998 
This introduces a fixed limit for the size of p2p messages, and enforces it
before download.

Rebased-From: ba04c4a
Github-Pull: #5843
@defuse defuse mentioned this pull request Aug 16, 2016
Open
reddink pushed a commit to reddcoin-project/reddcoin-3.10 that referenced this pull request May 27, 2020
@sipa @reddink
Limit message sizes before transfer
d02aa11 
This introduces a fixed limit for the size of p2p messages, and enforces it
before download.

Rebased-From: ba04c4a
Github-Pull: bitcoin#5843
(cherry picked from commit d5d8998)
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Sep 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
P2P
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@sipa @gmaxwell @laanwj @gavinandresen @jgarzik