diff options
| author | Vasil Dimov <vd@FreeBSD.org> | 2021-03-10 12:07:08 +0100 |
|---|---|---|
| committer | Vasil Dimov <vd@FreeBSD.org> | 2021-03-16 11:00:57 +0100 |
| commit | 80a5a8ea2b7ad512c74c29df5b504e9be6cf23a0 (patch) | |
| tree | 4afdcf0bdbde9a1692073c09d5f66aa04efc3a5c /src/util/sock.h | |
| parent | 7cdadf91d513250b983b6a1c4672a6acc0dcf074 (diff) | |
| download | bitcoin-80a5a8ea2b7ad512c74c29df5b504e9be6cf23a0.tar.xz | |
i2p: limit the size of incoming messages
Put a limit on the amount of data `Sock::RecvUntilTerminator()` can read
if no terminator is received.
In the case of I2P this avoids a runaway (or malicious) I2P proxy
sending us tons of data without a terminator before a timeout is
triggered.
Diffstat (limited to 'src/util/sock.h')
| -rw-r--r-- | src/util/sock.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/util/sock.h b/src/util/sock.h index ecebb84205..4b0618dcff 100644 --- a/src/util/sock.h +++ b/src/util/sock.h @@ -135,13 +135,16 @@ public: * @param[in] terminator Character up to which to read from the socket. * @param[in] timeout Timeout for the entire operation. * @param[in] interrupt If this is signaled then the operation is canceled. + * @param[in] max_data The maximum amount of data (in bytes) to receive. If this many bytes + * are received and there is still no terminator, then this method will throw an exception. * @return The data that has been read, without the terminating character. * @throws std::runtime_error if the operation cannot be completed. In this case some bytes may * have been consumed from the socket. */ virtual std::string RecvUntilTerminator(uint8_t terminator, std::chrono::milliseconds timeout, - CThreadInterrupt& interrupt) const; + CThreadInterrupt& interrupt, + size_t max_data) const; /** * Check if still connected. |