diff options
author | zelig <viktor.tron@gmail.com> | 2015-03-28 08:48:37 +0800 |
---|---|---|
committer | zelig <viktor.tron@gmail.com> | 2015-04-01 19:32:42 +0800 |
commit | e1be34bce1ddf662bca58a37a6f38fea63a2a70f (patch) | |
tree | 5751601efa7f3f88ffd5f9903aa0fecb38667bd4 /eth/protocol.go | |
parent | 936ddf2ad1b7306dfe7f5ae9ca122a4968dd98e8 (diff) | |
download | dexon-e1be34bce1ddf662bca58a37a6f38fea63a2a70f.tar.gz dexon-e1be34bce1ddf662bca58a37a6f38fea63a2a70f.tar.zst dexon-e1be34bce1ddf662bca58a37a6f38fea63a2a70f.zip |
eth: SEC-29 eth wire protocol decoding invalid message data crashes client
- add validate method to types.Block
- validate after Decode -> error
- add tests for NewBlockMsg
Diffstat (limited to 'eth/protocol.go')
-rw-r--r-- | eth/protocol.go | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/eth/protocol.go b/eth/protocol.go index e32ea233b..0a3f67b62 100644 --- a/eth/protocol.go +++ b/eth/protocol.go @@ -105,7 +105,7 @@ type getBlockHashesMsgData struct { type statusMsgData struct { ProtocolVersion uint32 NetworkId uint32 - TD *big.Int + TD big.Int CurrentBlock common.Hash GenesisBlock common.Hash } @@ -276,6 +276,9 @@ func (self *ethProtocol) handle() error { if err := msg.Decode(&request); err != nil { return self.protoError(ErrDecode, "%v: %v", msg, err) } + if err := request.Block.Validate(); err != nil { + return self.protoError(ErrDecode, "block validation %v: %v", msg, err) + } hash := request.Block.Hash() _, chainHead, _ := self.chainManager.Status() @@ -335,7 +338,7 @@ func (self *ethProtocol) handleStatus() error { return self.protoError(ErrProtocolVersionMismatch, "%d (!= %d)", status.ProtocolVersion, self.protocolVersion) } - _, suspended := self.blockPool.AddPeer(status.TD, status.CurrentBlock, self.id, self.requestBlockHashes, self.requestBlocks, self.protoErrorDisconnect) + _, suspended := self.blockPool.AddPeer(&status.TD, status.CurrentBlock, self.id, self.requestBlockHashes, self.requestBlocks, self.protoErrorDisconnect) if suspended { return self.protoError(ErrSuspendedPeer, "") } @@ -366,7 +369,7 @@ func (self *ethProtocol) sendStatus() error { return p2p.Send(self.rw, StatusMsg, &statusMsgData{ ProtocolVersion: uint32(self.protocolVersion), NetworkId: uint32(self.networkId), - TD: td, + TD: *td, CurrentBlock: currentBlock, GenesisBlock: genesisBlock, }) |