rnhmjoj/magnetico
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Limit metadata size

Browse Source 
Malicious or malfunctioning peer can try send a huge metadata size what causes huge memory usage and to overflow them.
This commit is contained in:
Adam Dobrawy 2017-04-30 21:00:33 +02:00 committed by GitHub
parent 2251664dbd
commit 14979c96ce
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
magneticod/magneticod/bittorrent.py
View File

@ -22,6 +22,7 @@ import os
from . import bencode from . import bencode
MAX_METADATA_SIZE = 5*1024*1024
InfoHash = bytes InfoHash = bytes
PeerAddress = typing.Tuple[str, int] PeerAddress = typing.Tuple[str, int]
@ -209,7 +210,8 @@ class DisposablePeer:
# Just to make sure that the remote peer supports ut_metadata extension: # Just to make sure that the remote peer supports ut_metadata extension:
ut_metadata = msg_dict[b"m"][b"ut_metadata"] ut_metadata = msg_dict[b"m"][b"ut_metadata"]
metadata_size = msg_dict[b"metadata_size"] metadata_size = msg_dict[b"metadata_size"]
assert metadata_size > 0 assert metadata_size > 0, "Invalid (empty) metada size"
assert metadata_size < MAX_METADATA_SIZE, "Malicious or malfunctioning peer tried send a huge metadata size"
except (AssertionError, KeyError): except (AssertionError, KeyError):
self.when_error() self.when_error()
return return