aboutsummaryrefslogtreecommitdiff
path: root/src/main.cpp
diff options
context:
space:
mode:
authorGavin Andresen <gavinandresen@gmail.com>2012-08-26 17:08:18 -0400
committerGavin Andresen <gavinandresen@gmail.com>2012-08-26 17:08:18 -0400
commitd5a52d9b3edaae6c273b732456d98e6b28ed7b31 (patch)
tree9c41c7b28fabdd7e831128d37071d53bd3b4e4c5 /src/main.cpp
parent772351b0d5b298a93bb90b403b4ec151ca5f9770 (diff)
Alert system DoS prevention
This fixes two alert system vulnerabilities found by Sergio Lerner; you could send peers unlimited numbers of invalid alert message to try to either fill up their debug.log with messages and/or keep their CPU busy checking signatures. Fixed by disconnecting/banning peers if they send 10 or more bad (invalid/expired/cancelled) alerts.
Diffstat (limited to 'src/main.cpp')
-rw-r--r--src/main.cpp25
1 files changed, 19 insertions, 6 deletions
diff --git a/src/main.cpp b/src/main.cpp
index f71cfe7caa..e9bd610377 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -2997,14 +2997,27 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv)
CAlert alert;
vRecv >> alert;
- if (alert.ProcessAlert())
+ uint256 alertHash = alert.GetHash();
+ if (pfrom->setKnown.count(alertHash) == 0)
{
- // Relay
- pfrom->setKnown.insert(alert.GetHash());
+ if (alert.ProcessAlert())
{
- LOCK(cs_vNodes);
- BOOST_FOREACH(CNode* pnode, vNodes)
- alert.RelayTo(pnode);
+ // Relay
+ pfrom->setKnown.insert(alertHash);
+ {
+ LOCK(cs_vNodes);
+ BOOST_FOREACH(CNode* pnode, vNodes)
+ alert.RelayTo(pnode);
+ }
+ }
+ else {
+ // Small DoS penalty so peers that send us lots of
+ // duplicate/expired/invalid-signature/whatever alerts
+ // eventually get banned.
+ // This isn't a Misbehaving(100) (immediate ban) because the
+ // peer might be an older or different implementation with
+ // a different signature key, etc.
+ pfrom->Misbehaving(10);
}
}
}