From c38dbdb64056e8a35117d0ef719d6d68d80d83e4 Mon Sep 17 00:00:00 2001 From: Anton Kaliaev Date: Wed, 16 Oct 2019 19:34:49 -0500 Subject: [PATCH] cs: limit max bit array size and block parts count --- consensus/reactor.go | 9 +++++++++ types/params.go | 3 +++ types/vote_set.go | 6 ++++++ 3 files changed, 18 insertions(+) diff --git a/consensus/reactor.go b/consensus/reactor.go index dc3514b21..e0ad61abd 100644 --- a/consensus/reactor.go +++ b/consensus/reactor.go @@ -1458,6 +1458,9 @@ func (m *NewValidBlockMessage) ValidateBasic() error { m.BlockParts.Size(), m.BlockPartsHeader.Total) } + if m.BlockParts.Size() > types.MaxBlockPartsCount { + return errors.Errorf("BlockParts bit array is too big: %d, max: %d", m.BlockParts.Size(), types.MaxBlockPartsCount) + } return nil } @@ -1504,6 +1507,9 @@ func (m *ProposalPOLMessage) ValidateBasic() error { if m.ProposalPOL.Size() == 0 { return errors.New("Empty ProposalPOL bit array") } + if m.ProposalPOL.Size() > types.MaxVotesCount { + return errors.Errorf("ProposalPOL bit array is too big: %d, max: %d", m.ProposalPOL.Size(), types.MaxVotesCount) + } return nil } @@ -1647,6 +1653,9 @@ func (m *VoteSetBitsMessage) ValidateBasic() error { return fmt.Errorf("Wrong BlockID: %v", err) } // NOTE: Votes.Size() can be zero if the node does not have any + if m.Votes.Size() > types.MaxVotesCount { + return fmt.Errorf("Votes bit array is too big: %d, max: %d", m.Votes.Size(), types.MaxVotesCount) + } return nil } diff --git a/types/params.go b/types/params.go index c9ab4aaf7..834178f73 100644 --- a/types/params.go +++ b/types/params.go @@ -14,6 +14,9 @@ const ( // BlockPartSizeBytes is the size of one block part. BlockPartSizeBytes = 65536 // 64kB + + // MaxBlockPartsCount is the maximum count of block parts. + MaxBlockPartsCount = MaxBlockSizeBytes / BlockPartSizeBytes ) // ConsensusParams contains consensus critical parameters that determine the diff --git a/types/vote_set.go b/types/vote_set.go index 56dd9a13c..0d7a5c579 100644 --- a/types/vote_set.go +++ b/types/vote_set.go @@ -11,6 +11,12 @@ import ( cmn "github.com/tendermint/tendermint/libs/common" ) +const ( + // MaxVotesCount is the maximum votes count. Used in ValidateBasic funcs for + // protection against DOS attacks. + MaxVotesCount = 10000 +) + // UNSTABLE // XXX: duplicate of p2p.ID to avoid dependence between packages. // Perhaps we can have a minimal types package containing this (and other things?)