Use unordered_multimap for ingoingQueue

This will avoid the possibility for a malicious node to cause a memory
leak and smash items in incoming queue of others nodes
This commit is contained in:
Gioacchino Mazzurco 2017-02-22 13:34:36 +01:00
parent b9091c4ad8
commit 77c430d553
2 changed files with 16 additions and 13 deletions

View File

@ -568,19 +568,20 @@ void p3GxsMails::processOutgoingRecord(OutgoingRecord& pr)
case GxsMailStatus::PENDING_RECEIPT_RECEIVE:
{
RS_STACK_MUTEX(ingoingMutex);
auto it = ingoingQueue.find(pr.mailItem.mailId);
if (it == ingoingQueue.end()) break;
RsGxsMailPresignedReceipt* rt =
dynamic_cast<RsGxsMailPresignedReceipt*>(it->second);
if( !rt || !idService.isOwnId(rt->meta.mAuthorId) ) break;
ingoingQueue.erase(it); delete rt;
pr.status = GxsMailStatus::RECEIPT_RECEIVED;
// TODO: Malicious adversary could forge messages with same mailId and
// could end up overriding the legit receipt in ingoingQueue, and
// causing also a memleak(using unordered_multimap for ingoingQueue
// may fix this?)
auto range = ingoingQueue.equal_range(pr.mailItem.mailId);
for( auto it = range.first; it != range.second; ++it)
{
RsGxsMailPresignedReceipt* rt =
dynamic_cast<RsGxsMailPresignedReceipt*>(it->second);
if(rt && idService.isOwnId(rt->meta.mAuthorId))
{
ingoingQueue.erase(it); delete rt;
pr.status = GxsMailStatus::RECEIPT_RECEIVED;
break;
}
}
// TODO: Resend message if older then treshold
break;
}
case GxsMailStatus::RECEIPT_RECEIVED:
break;

View File

@ -18,6 +18,8 @@
*/
#include <stdint.h>
#include <unordered_map>
#include <map>
#include "retroshare/rsgxsifacetypes.h" // For RsGxsId, RsGxsCircleId
#include "gxs/gxstokenqueue.h" // For GxsTokenQueue
@ -184,7 +186,7 @@ private:
RsMutex outgoingMutex;
void processOutgoingRecord(OutgoingRecord& r);
typedef std::map<RsGxsMailId, RsGxsMailBaseItem*> inMap;
typedef std::unordered_multimap<RsGxsMailId, RsGxsMailBaseItem*> inMap;
inMap ingoingQueue;
RsMutex ingoingMutex;