Git-Mirrors/monero
1
0
Fork 0
mirror of https://github.com/monero-project/monero.git synced 2025-08-08 08:02:24 -04:00
Code Issues Projects Releases Packages Wiki Activity

add a sanity check to RPC input data size

Browse source 
reported by m31007
This commit is contained in:
moneromooo-monero 2022-03-16 22:16:52 +00:00
parent 9f814edbd7
commit 9209880e9c
No known key found for this signature in database
GPG key ID: 686F07454D6CEFC3
4 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
contrib/epee/include/net/http_protocol_handler.inl
View file

@ -206,6 +206,7 @@ namespace net_utils
m_config(config),
m_want_close(false),
m_newlines(0),
m_bytes_read(0),
m_psnd_hndlr(psnd_hndlr),
m_conn_context(conn_context)
{
@ -221,6 +222,7 @@ namespace net_utils
m_query_info.clear();
m_len_summary = 0;
m_newlines = 0;
m_bytes_read = 0;
return true;
}
//--------------------------------------------------------------------------------------------
@ -243,6 +245,14 @@ namespace net_utils
size_t ndel;
m_bytes_read += buf.size();
if (m_bytes_read > m_config.m_max_content_length)
{
LOG_ERROR("simple_http_connection_handler::handle_buff_in: Too much data: got " << m_bytes_read);
m_state = http_state_error;
return false;
}
if(m_cache.size())
m_cache += buf;
else