fix(p2p): correlate NOTIFY responses with prior requests; cap flash heights#198
Open
raw391 wants to merge 1 commit into
Open
fix(p2p): correlate NOTIFY responses with prior requests; cap flash heights#198raw391 wants to merge 1 commit into
raw391 wants to merge 1 commit into
Conversation
…eights Four NOTIFY handlers in cryptonote_protocol_handler.inl accept incoming messages without verifying correlation against pending requests. handle_response_get_blocks at line 1216 derefs context.m_last_request_time without checking it; an unsolicited NOTIFY_RESPONSE_GET_BLOCKS reaches that line and crashes the daemon. Adds per-request correlation tokens: - m_requested_objects (existing) for GET_BLOCKS (must be non-empty) - m_requested_objects (existing) for CHAIN_ENTRY (must be empty; chain responses do not consume a pending block-response timer) - new m_requested_flash_heights field on connection_context populated at the NOTIFY_REQUEST_BLOCK_FLASHES send-site for BLOCK_FLASHES responses - CURRENCY_PROTOCOL_MAX_OBJECT_REQUEST_COUNT cap on NOTIFY_REQUEST_BLOCK_FLASHES heights
raw391
force-pushed
the
fix/p2p-response-correlation-gate
branch
from
77a30a3 to
27d94d9
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Four NOTIFY handlers in
cryptonote_protocol_handler.inlaccept incoming messages without verifying correlation against pending requests.handle_response_get_blocksat line 1216 derefscontext.m_last_request_timewithout checking it; an unsolicitedNOTIFY_RESPONSE_GET_BLOCKSreaches that line and crashes the daemon. Siblingshandle_response_chain_entry(line 2426) andhandle_response_block_flashes(line 2513) accept unsolicited responses;handle_request_block_flashes(line 2500) has no heights cap.Patch adds per-request correlation tokens:
m_requested_objects(existing field) for GET_BLOCKS and CHAIN_ENTRY (non-empty and empty respectively, since a chain response should not consume a pending block-response timer), newm_requested_flash_heightsfield on connection_context populated at the request send-site for BLOCK_FLASHES, and a heights cap reusingCURRENCY_PROTOCOL_MAX_OBJECT_REQUEST_COUNTfor the flash request handler.