From 5029698186445bf3cd69d0e720f019c472661bff Mon Sep 17 00:00:00 2001
From: kazcw <keziahw@gmail.com>
Date: Wed, 16 Jul 2014 14:31:41 -0700
Subject: prevent peer flooding request queue for an inv

mapAlreadyAskedFor does not keep track of which peer has a request queued for a
particular tx. As a result, a peer can blind a node to a tx indefinitely by
sending many invs for the same tx, and then never replying to getdatas for it.
Each inv received will be placed 2 minutes farther back in mapAlreadyAskedFor,
so a short message containing 10 invs would render that tx unavailable for 20
minutes.

This is fixed by disallowing a peer from having more than one entry for a
particular inv in mapAlreadyAskedFor at a time.
---
 src/net.cpp | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/net.cpp')

diff --git a/src/net.cpp b/src/net.cpp
index cff4c54505..04119e9ddd 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -2410,6 +2410,10 @@ void CNode::AskFor(const CInv& inv)
 {
     if (mapAskFor.size() > MAPASKFOR_MAX_SZ)
         return;
+    // a peer may not occupy multiple positions in an inv's request queue
+    if (!setAskFor.insert(inv.hash).second)
+        return;
+
     // We're using mapAskFor as a priority queue,
     // the key is the earliest time the request can be sent
     int64_t nRequestTime;
-- 
cgit v1.2.3


From ebb25f4c23adbcb55796c402bafd6064a136f16f Mon Sep 17 00:00:00 2001
From: Gregory Maxwell <greg@xiph.org>
Date: Mon, 23 Nov 2015 01:54:23 +0000
Subject: Limit setAskFor and retire requested entries only when a getdata
 returns.

The setAskFor duplicate elimination was too eager and removed entries
 when we still had no getdata response, allowing the peer to keep
 INVing and not responding.
---
 src/net.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/net.cpp')

diff --git a/src/net.cpp b/src/net.cpp
index 04119e9ddd..a8b6ca9c5b 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -2408,9 +2408,9 @@ CNode::~CNode()
 
 void CNode::AskFor(const CInv& inv)
 {
-    if (mapAskFor.size() > MAPASKFOR_MAX_SZ)
+    if (mapAskFor.size() > MAPASKFOR_MAX_SZ || setAskFor.size() > SETASKFOR_MAX_SZ)
         return;
-    // a peer may not occupy multiple positions in an inv's request queue
+    // a peer may not have multiple non-responded queue positions for a single inv item
     if (!setAskFor.insert(inv.hash).second)
         return;
 
-- 
cgit v1.2.3