Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-08-07 05:42:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use unordered_multimap for ingoingQueue

Browse source 
This will avoid the possibility for a malicious node to cause a memory
leak and smash items in incoming queue of others nodes
This commit is contained in:
Gioacchino Mazzurco 2017-02-22 13:34:36 +01:00
parent b9091c4ad8
commit 77c430d553
2 changed files with 16 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

25
libretroshare/src/services/p3gxsmails.cpp
View file

@ -568,19 +568,20 @@ void p3GxsMails::processOutgoingRecord(OutgoingRecord& pr)
case GxsMailStatus::PENDING_RECEIPT_RECEIVE:
{
RS_STACK_MUTEX(ingoingMutex);
auto it = ingoingQueue.find(pr.mailItem.mailId);
if (it == ingoingQueue.end()) break;
RsGxsMailPresignedReceipt* rt =
dynamic_cast<RsGxsMailPresignedReceipt*>(it->second);
if( !rt || !idService.isOwnId(rt->meta.mAuthorId) ) break;
ingoingQueue.erase(it); delete rt;
pr.status = GxsMailStatus::RECEIPT_RECEIVED;
// TODO: Malicious adversary could forge messages with same mailId and
// could end up overriding the legit receipt in ingoingQueue, and
// causing also a memleak(using unordered_multimap for ingoingQueue
// may fix this?)
auto range = ingoingQueue.equal_range(pr.mailItem.mailId);
for( auto it = range.first; it != range.second; ++it)
{
RsGxsMailPresignedReceipt* rt =
dynamic_cast<RsGxsMailPresignedReceipt*>(it->second);
if(rt && idService.isOwnId(rt->meta.mAuthorId))
{
ingoingQueue.erase(it); delete rt;
pr.status = GxsMailStatus::RECEIPT_RECEIVED;
break;
}
}
// TODO: Resend message if older then treshold
break;
}
case GxsMailStatus::RECEIPT_RECEIVED:
break;