forked from cerc-io/plugeth
ethstats: set readlimit on ethstats server connection (#26207)
This prevents DoS when connected to a malicious ethstats server.
This commit is contained in:
parent
97c563e055
commit
c2e0abce2e
@ -57,6 +57,8 @@ const (
|
|||||||
txChanSize = 4096
|
txChanSize = 4096
|
||||||
// chainHeadChanSize is the size of channel listening to ChainHeadEvent.
|
// chainHeadChanSize is the size of channel listening to ChainHeadEvent.
|
||||||
chainHeadChanSize = 10
|
chainHeadChanSize = 10
|
||||||
|
|
||||||
|
messageSizeLimit = 15 * 1024 * 1024
|
||||||
)
|
)
|
||||||
|
|
||||||
// backend encompasses the bare-minimum functionality needed for ethstats reporting
|
// backend encompasses the bare-minimum functionality needed for ethstats reporting
|
||||||
@ -121,6 +123,7 @@ type connWrapper struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func newConnectionWrapper(conn *websocket.Conn) *connWrapper {
|
func newConnectionWrapper(conn *websocket.Conn) *connWrapper {
|
||||||
|
conn.SetReadLimit(messageSizeLimit)
|
||||||
return &connWrapper{conn: conn}
|
return &connWrapper{conn: conn}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user