From 7514a87b5e8541431e52b47f0ce082f2a77529f1 Mon Sep 17 00:00:00 2001
From: Rusty Russell
Date: Fri, 6 Sep 2019 15:39:39 +0930
Subject: [PATCH] common/gossip_rcvd_filter: avoid DoS.

If they don't send us a gossip timestamp filter, we won't be sending them any gossip, thus won't be aging the gossip_rcvd_filter. So restrict it to 10,000 elements just to be sure.

Signed-off-by: Rusty Russell
---
 common/gossip_rcvd_filter.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/common/gossip_rcvd_filter.c b/common/gossip_rcvd_filter.c
index 8e0797691..329f46341 100644
--- a/common/gossip_rcvd_filter.c
+++ b/common/gossip_rcvd_filter.c
@@ -73,9 +73,13 @@ void gossip_rcvd_filter_add(struct gossip_rcvd_filter *f, const u8 *msg)
 u64 key;

 /* We don't attach destructor here directly to tag; would be neat,
- * but it's also an extra allocation */
- if (extract_msg_key(msg, &key))
+ * but it's also an extra allocation. */
+ if (extract_msg_key(msg, &key)) {
 htable_add(f->cur, key, tal_dup(f->cur, u64, &key));
+ /* Don't let it fill up forever though. */
+ if (htable_count(f->cur) > 10000)
+ gossip_rcvd_filter_age(f);
+ }
 }

 /* htable is fast, but it's also horribly manual. */
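Review bot: The cap in `if (htable_count(f->cur) > 10000)` is a bare literal, and the added comment does not say what the bound protects against or what it costs; a named constant such as `#define GOSSIP_RCVD_FILTER_MAX 10000`, with a comment tying it to the peer-controlled growth described in the commit message, would make the limit auditable. Because the check runs after `htable_add`, `f->cur` reaches 10,001 entries before it is aged, and the memory actually held per filter depends on what `gossip_rcvd_filter_age` retains, which is not visible in this hunk, so the comment should state the worst case. Forced aging also means a peer that sends enough distinct messages makes the filter forget earlier entries sooner, presumably costing only some redundant gossip; a sentence in the comment would show that this trade-off is deliberate. The function's opening lines are outside the hunk.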