diff options
author | Felföldi Zsolt <zsfelfoldi@gmail.com> | 2018-06-05 15:23:00 +0800 |
---|---|---|
committer | Péter Szilágyi <peterke@gmail.com> | 2018-06-05 15:23:00 +0800 |
commit | a5237a27eaf81946a3edb4fafe13ed6359d119e4 (patch) | |
tree | 72108de3c3096961554d8141ed97292fa157e524 /les | |
parent | 7a22e89080b2be624c2659c8ea9dc34820400ffd (diff) | |
download | dexon-a5237a27eaf81946a3edb4fafe13ed6359d119e4.tar.gz dexon-a5237a27eaf81946a3edb4fafe13ed6359d119e4.tar.zst dexon-a5237a27eaf81946a3edb4fafe13ed6359d119e4.zip |
les: add Skip overflow check to GetBlockHeadersMsg handler (#16891)
Diffstat (limited to 'les')
-rw-r--r-- | les/handler.go | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/les/handler.go b/les/handler.go index 22899eb1b..1b6916578 100644 --- a/les/handler.go +++ b/les/handler.go @@ -19,6 +19,7 @@ package les import ( "encoding/binary" + "encoding/json" "errors" "fmt" "math/big" @@ -441,7 +442,7 @@ func (pm *ProtocolManager) handleMsg(p *peer) error { // Advance to the next header of the query switch { - case query.Origin.Hash != (common.Hash{}) && query.Reverse: + case hashMode && query.Reverse: // Hash based traversal towards the genesis block for i := 0; i < int(query.Skip)+1; i++ { if header := pm.blockchain.GetHeader(query.Origin.Hash, number); header != nil { @@ -452,16 +453,26 @@ func (pm *ProtocolManager) handleMsg(p *peer) error { break } } - case query.Origin.Hash != (common.Hash{}) && !query.Reverse: + case hashMode && !query.Reverse: // Hash based traversal towards the leaf block - if header := pm.blockchain.GetHeaderByNumber(origin.Number.Uint64() + query.Skip + 1); header != nil { - if pm.blockchain.GetBlockHashesFromHash(header.Hash(), query.Skip+1)[query.Skip] == query.Origin.Hash { - query.Origin.Hash = header.Hash() + var ( + current = origin.Number.Uint64() + next = current + query.Skip + 1 + ) + if next <= current { + infos, _ := json.MarshalIndent(p.Peer.Info(), "", " ") + p.Log().Warn("GetBlockHeaders skip overflow attack", "current", current, "skip", query.Skip, "next", next, "attacker", infos) + unknown = true + } else { + if header := pm.blockchain.GetHeaderByNumber(next); header != nil { + if pm.blockchain.GetBlockHashesFromHash(header.Hash(), query.Skip+1)[query.Skip] == query.Origin.Hash { + query.Origin.Hash = header.Hash() + } else { + unknown = true + } } else { unknown = true } - } else { - unknown = true } case query.Reverse: // Number based traversal towards the genesis block |