Reject unreasonably large messages
We allocate a []byte to read the message into, so if the header says the messages is several gigabytes large we may run into trouble. In reality, a message should never be that large so we impose a limit.
This commit is contained in:
Jakob Borg
parent
c6f5075721
commit
f769df16e8
11
protocol.go
11
protocol.go
@ -15,7 +15,11 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
BlockSize = 128 * 1024
|
// Data block size (128 KiB)
|
||||||
|
BlockSize = 128 << 10
|
||||||
|
|
||||||
|
// We reject messages larger than this when encountered on the wire. (64 MiB)
|
||||||
|
MaxMessageLen = 64 << 20
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -383,6 +387,11 @@ func (c *rawConnection) readMessage() (hdr header, msg encodable, err error) {
|
|||||||
l.Debugf("read header %v (msglen=%d)", hdr, msglen)
|
l.Debugf("read header %v (msglen=%d)", hdr, msglen)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if msglen > MaxMessageLen {
|
||||||
|
err = fmt.Errorf("message length %d exceeds maximum %d", msglen, MaxMessageLen)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
if hdr.version != 0 {
|
if hdr.version != 0 {
|
||||||
err = fmt.Errorf("unknown protocol version 0x%x", hdr.version)
|
err = fmt.Errorf("unknown protocol version 0x%x", hdr.version)
|
||||||
return
|
return
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user