gaspersic/go-ethereum
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

eth: SEC-29 eth wire protocol decoding invalid message data crashes client

Browse Source 
- add validate method to types.Block
- validate after Decode -> error
- add tests for NewBlockMsg
This commit is contained in:
zelig
2015-03-28 00:48:37 +00:00
parent 936ddf2ad1
commit e1be34bce1
3 changed files with 124 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
eth/protocol.go
View File

@ -105,7 +105,7 @@ type getBlockHashesMsgData struct {
type statusMsgData struct {
ProtocolVersion uint32
NetworkId uint32
TD *big.Int
TD big.Int
CurrentBlock common.Hash
GenesisBlock common.Hash
}
@ -276,6 +276,9 @@ func (self *ethProtocol) handle() error {
if err := msg.Decode(&request); err != nil {
return self.protoError(ErrDecode, "%v: %v", msg, err)
}
if err := request.Block.Validate(); err != nil {
return self.protoError(ErrDecode, "block validation %v: %v", msg, err)
}
hash := request.Block.Hash()
_, chainHead, _ := self.chainManager.Status()
@ -335,7 +338,7 @@ func (self *ethProtocol) handleStatus() error {
return self.protoError(ErrProtocolVersionMismatch, "%d (!= %d)", status.ProtocolVersion, self.protocolVersion)
}
_, suspended := self.blockPool.AddPeer(status.TD, status.CurrentBlock, self.id, self.requestBlockHashes, self.requestBlocks, self.protoErrorDisconnect)
_, suspended := self.blockPool.AddPeer(&status.TD, status.CurrentBlock, self.id, self.requestBlockHashes, self.requestBlocks, self.protoErrorDisconnect)
if suspended {
return self.protoError(ErrSuspendedPeer, "")
}
@ -366,7 +369,7 @@ func (self *ethProtocol) sendStatus() error {
return p2p.Send(self.rw, StatusMsg, &statusMsgData{
ProtocolVersion: uint32(self.protocolVersion),
NetworkId: uint32(self.networkId),
TD: td,
TD: *td,
CurrentBlock: currentBlock,
GenesisBlock: genesisBlock,
})