This repository has been archived by the owner on Jun 11, 2024. It is now read-only.
Enforce limits on the size of inbound messages/requests in P2P #3335
Comments
jondubois
changed the title
This was referenced Jul 4, 2019
shuse2
added a commit
that referenced
this issue
Jul 8, 2019
Set websocket maxPayload on P2P library - Closes #3335
|
Solution does not work after merge development into last state of 2.3 version. |
jondubois
added a commit
that referenced
this issue
Jul 25, 2019
Enforce limits on the size of inbound messages/requests in P2P - Closes #3335
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Expected behavior
Messages and requests which are too large should be rejected to prevent DoS against nodes. Ideally, this value should be configurable.
This is particularly important when dealing with peer info. Right now there is no limit as to how big the custom
optionsobject inP2PDiscoveredPeerInfocan be; so peers could just spam us with lots of data inside the options object to fill up our memory (since we keep a list ofP2PDiscoveredPeerInfo).Actual behavior
There is no size limit on messages and requests.
The text was updated successfully, but these errors were encountered: