lukechilds
/
electrumx
mirror of https://github.com/lukechilds/electrumx.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Introduce incoming buffer size limit 

- incoming buffered network requests limited to 150,000 bytes
  which I believe is ample for a genuine client
- if exceeded, the connection is dropped
- raise outgoing data limit for RPC connections to 5 MB - expect
  sessions calls can be long and connection is implicitly trusted
- similarly raise incoming buffered data limit to 5 MB for RPC
  connections
master
Neil Booth 8 years ago
parent
c6d8440b3d
commit
c9a10be5ba
3 changed files with 16 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      electrumx_rpc.py
  2. 13
      lib/jsonrpc.py
  3. 1
      server/protocol.py

2
electrumx_rpc.py
View File

@ -23,6 +23,8 @@ from server.protocol import ServerManager
class RPCClient(JSONRPC): class RPCClient(JSONRPC):
async def send_and_wait(self, method, params, timeout=None): async def send_and_wait(self, method, params, timeout=None):
# Raise incoming buffer size - presumably connection is trusted
self.max_buffer_size = 5000000
self.send_json_request(method, id_=method, params=params) self.send_json_request(method, id_=method, params=params)
future = asyncio.ensure_future(self.messages.get()) future = asyncio.ensure_future(self.messages.get())

13
lib/jsonrpc.py
View File

@ -96,6 +96,8 @@ class JSONRPC(asyncio.Protocol, LoggedClass):
# connection. The request causing it is logged. Values under # connection. The request causing it is logged. Values under
# 1000 are treated as 1000. # 1000 are treated as 1000.
self.max_send = 0 self.max_send = 0
# If buffered incoming data exceeds this the connection is closed
self.max_buffer_size = 150000
self.anon_logs = False self.anon_logs = False
def peername(self, *, for_log=True): def peername(self, *, for_log=True):
@ -122,6 +124,17 @@ class JSONRPC(asyncio.Protocol, LoggedClass):
decode_message for handling. decode_message for handling.
''' '''
self.recv_size += len(data) self.recv_size += len(data)
# Close abuvsive connections where buffered data exceeds limit
buffer_size = len(data) + sum(len(part) for part in self.parts)
if buffer_size > self.max_buffer_size:
self.logger.error('read buffer of {:,d} bytes exceeds {:,d} '
'byte limit, closing {}'
.format(buffer_size, self.max_buffer_size,
self.peername()))
self.transport.close()
# Do nothing if this connection is closing
if self.transport.is_closing(): if self.transport.is_closing():
return return

1
server/protocol.py
View File

@ -923,3 +923,4 @@ class LocalRPC(Session):
self.handlers = {cmd: getattr(self.manager, 'rpc_{}'.format(cmd)) self.handlers = {cmd: getattr(self.manager, 'rpc_{}'.format(cmd))
for cmd in cmds} for cmd in cmds}
self.client = 'RPC' self.client = 'RPC'
self.max_send = 5000000

Write Preview
Loading…
Cancel
Save