p2p/discover/v5wire: reject packets smaller than 63 bytes (#25740)

Seungbae Yu 2022-09-12 22:02:03 +09:00 committed by GitHub
parent b628d72766
commit 0c1888a367
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 3 deletions


@ -90,6 +90,10 @@ const (
minVersion = 1 minVersion = 1
sizeofMaskingIV = 16 sizeofMaskingIV = 16
// The minimum size of any Discovery v5 packet is 63 bytes.
// Should reject packets smaller than minPacketSize.
minPacketSize = 63
minMessageSize = 48 // this refers to data after static headers minMessageSize = 48 // this refers to data after static headers
randomPacketMsgSize = 20 randomPacketMsgSize = 20
) )
@ -415,10 +419,10 @@ func (c *Codec) encryptMessage(s *session, p Packet, head *Header, headerData []
// Decode decodes a discovery packet. // Decode decodes a discovery packet.
func (c *Codec) Decode(input []byte, addr string) (src enode.ID, n *enode.Node, p Packet, err error) { func (c *Codec) Decode(input []byte, addr string) (src enode.ID, n *enode.Node, p Packet, err error) {
// Unmask the static header. if len(input) < minPacketSize {
if len(input) < sizeofStaticPacketData {
return enode.ID{}, nil, nil, errTooShort return enode.ID{}, nil, nil, errTooShort
} }
// Unmask the static header.
var head Header var head Header
copy(head.IV[:], input[:sizeofMaskingIV]) copy(head.IV[:], input[:sizeofMaskingIV])
mask := head.mask(c.localnode.ID()) mask := head.mask(c.localnode.ID())
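Review bot: The new guard in Decode compares against the literal `minPacketSize = 63` instead of `sizeofStaticPacketData`, so the slice reads that follow (`input[:sizeofMaskingIV]` and whatever comes after the hunk) are in bounds only because 63 is no smaller than the static packet data; nothing in the hunk states or enforces that. I would record the invariant next to the constant, e.g. `// minPacketSize is the smallest valid packet; it must stay >= sizeofStaticPacketData because Decode checks it before slicing the header.` The 63 bytes are presumably masking IV plus static header plus the smallest authdata, which should be confirmed against the spec before it is written into the comment. Decode's body continues outside the hunk.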


@ -274,7 +274,15 @@ func TestDecodeErrorsV5(t *testing.T) {
net := newHandshakeTest() net := newHandshakeTest()
defer net.close() defer net.close()
net.nodeA.expectDecodeErr(t, errTooShort, []byte{}) b := make([]byte, 0)
net.nodeA.expectDecodeErr(t, errTooShort, b)
b = make([]byte, 62)
net.nodeA.expectDecodeErr(t, errTooShort, b)
b = make([]byte, 63)
net.nodeA.expectDecodeErr(t, errInvalidHeader, b)
// TODO some more tests would be nice :) // TODO some more tests would be nice :)
// - check invalid authdata sizes // - check invalid authdata sizes
// - check invalid handshake data sizes // - check invalid handshake data sizes
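Review bot: The boundary cases in TestDecodeErrorsV5 hard-code 62 and 63, so they stop exercising the boundary if `minPacketSize` ever changes. Since the test already uses the unexported `errTooShort`, it can presumably see the constant too: `b = make([]byte, minPacketSize-1)` for the rejected case and `b = make([]byte, minPacketSize)` for the first length that passes the check. A short comment that the all-zero 63-byte input is expected to pass the length check and then fail header validation (`errInvalidHeader`) would make the intent of the third assertion clear. The function starts and ends outside the hunk.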