RPC: Limit getProgramAccounts memcpy filter string to 128 bytes (bp #15483) (#15490)

* Limit getProgramAccounts memcpy filter string to 128 bytes (cherry picked from commit 65f1afe5e1) * Limit the number of getProgramAccounts filters (cherry picked from commit 4b0114b991) Co-authored-by: Michael Vines <mvines@gmail.com>
2021-02-23 19:57:46 +00:00
parent e5bb1597a4
commit e255c85bef
4 changed files with 56 additions and 10 deletions
--- a/client/src/rpc_filter.rs
+++ b/client/src/rpc_filter.rs
@@ -16,10 +16,15 @@ impl RpcFilterType {
                match encoding {
                    MemcmpEncoding::Binary => {
                        let MemcmpEncodedBytes::Binary(bytes) = &compare.bytes;
-                        bs58::decode(&bytes)
-                            .into_vec()
-                            .map(|_| ())
-                            .map_err(|e| e.into())
+
+                        if bytes.len() > 128 {
+                            Err(RpcFilterError::Base58DataTooLarge)
+                        } else {
+                            bs58::decode(&bytes)
+                                .into_vec()
+                                .map(|_| ())
+                                .map_err(|e| e.into())
+                        }
                    }
                }
            }
@@ -27,10 +32,12 @@ impl RpcFilterType {
    }
 }

-#[derive(Error, Debug)]
+#[derive(Error, PartialEq, Debug)]
 pub enum RpcFilterError {
    #[error("bs58 decode error")]
    DecodeError(#[from] bs58::decode::Error),
+    #[error("encoded binary (base 58) data should be less than 129 bytes")]
+    Base58DataTooLarge,
 }

 #[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
@@ -140,4 +147,36 @@ mod tests {
        }
        .bytes_match(&data));
    }
+
+    #[test]
+    fn test_verify_memcmp() {
+        let base58_bytes = "\
+            1111111111111111111111111111111111111111111111111111111111111111\
+            1111111111111111111111111111111111111111111111111111111111111111";
+        assert_eq!(base58_bytes.len(), 128);
+        assert_eq!(
+            RpcFilterType::Memcmp(Memcmp {
+                offset: 0,
+                bytes: MemcmpEncodedBytes::Binary(base58_bytes.to_string()),
+                encoding: None,
+            })
+            .verify(),
+            Ok(())
+        );
+
+        let base58_bytes = "\
+            1111111111111111111111111111111111111111111111111111111111111111\
+            1111111111111111111111111111111111111111111111111111111111111111\
+            1";
+        assert_eq!(base58_bytes.len(), 129);
+        assert_eq!(
+            RpcFilterType::Memcmp(Memcmp {
+                offset: 0,
+                bytes: MemcmpEncodedBytes::Binary(base58_bytes.to_string()),
+                encoding: None,
+            })
+            .verify(),
+            Err(RpcFilterError::Base58DataTooLarge)
+        );
+    }
 }
--- a/client/src/rpc_request.rs
+++ b/client/src/rpc_request.rs
@@ -127,6 +127,7 @@ pub const MAX_GET_CONFIRMED_BLOCKS_RANGE: u64 = 500_000;
 pub const MAX_GET_CONFIRMED_SIGNATURES_FOR_ADDRESS2_LIMIT: usize = 1_000;
 pub const MAX_MULTIPLE_ACCOUNTS: usize = 100;
 pub const NUM_LARGEST_ACCOUNTS: usize = 20;
+pub const MAX_GET_PROGRAM_ACCOUNT_FILTERS: usize = 4;

 // Validators that are this number of slots behind are considered delinquent
 pub const DELINQUENT_VALIDATOR_SLOT_DISTANCE: u64 = 128;