
Cap state queue used by receiver, even if sender is malicious

commit e5f8ed757948c4525b49778f89446c0a034862b4 1 parent 1cf12f9
@keithw authored
Showing with 15 additions and 2 deletions.
  1. +15 −2 src/network/networktransport.cc
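--- a/src/network/networktransport.cc
+++ b/src/network/networktransport.cc
@@ -92,6 +92,21 @@ void Transport<MyState, RemoteState>::recv( void )
 return; /* this is security-sensitive and part of how we enforce idempotency */
 }
+ /* Do not accept state if our queue is full */
+ /* This is better than dropping states from the middle of the
+ queue (as sender does), because we don't want to ACK a state
+ and then discard it later. */
+
+ process_throwaway_until( inst.throwaway_num() );
+
+ if ( received_states.size() > 1024 ) { /* limit on state queue */
+ if ( verbose ) {
+ fprintf( stderr, "[%u] Receiver queue full, discarding %d (malicious sender or long-unidirectional connectivity?)\n",
+ (unsigned int)(timestamp() % 100000), (int)inst.new_num() );
+ }
+ return;
+ }
+
 /* apply diff to reference state */
 TimestampedState<RemoteState> new_state = *reference_state;
 new_state.timestamp = timestamp();
@@ -101,8 +116,6 @@ void Transport<MyState, RemoteState>::recv( void )
 new_state.state.apply_string( inst.diff() );
 }
- process_throwaway_until( inst.throwaway_num() );
-
 /* Insert new state in sorted place */
 for ( typename list< TimestampedState<RemoteState> >::iterator i = received_states.begin();
 i != received_states.end();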
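Review bot: `*reference_state` is now dereferenced after `process_throwaway_until( inst.throwaway_num() )` has already pruned the queue, whereas before this change the copy into `new_state` came first. Neither the lookup that sets `reference_state` nor the body of `process_throwaway_until` is visible here, but if the former is an iterator into `received_states` and the latter erases entries below the throwaway number, an instruction whose reference state falls below its own throwaway number would leave `reference_state` dangling at `TimestampedState<RemoteState> new_state = *reference_state;`. Since the commit is explicitly about not trusting the sender, I would either reject such an instruction before pruning or take the copy of the reference state before the prune, and add a comment stating which invariant keeps the iterator valid. Separately, `received_states.size() > 1024` lets the queue reach 1025 entries and the limit would read better as a named constant. `recv` begins and ends outside the hunks shown.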