From 424fe2dea15d2957f13089cbe1263969ad2e20dc Mon Sep 17 00:00:00 2001
From: tnasu
Date: Fri, 7 Jul 2023 18:39:29 +0900
Subject: [PATCH] Set a cap on the length of subscription queries. (#8349)

A manual backport of #7263. As a safety measure, don't allow a query string to be unreasonably long. The query filter is not especially efficient, so a query that needs more than basic detail should filter coarsely in the subscriber and refine on the client side. This affects Subscribe and TxSearch queries.

Co-authored-by: M. J. Fromberger
---
 rpc/core/events.go | 8 ++++++++
 rpc/core/tx.go     | 2 ++
 2 files changed, 10 insertions(+)

diff --git a/rpc/core/events.go b/rpc/core/events.go
index 2a3cdcd07..ce70ef82c 100644
--- a/rpc/core/events.go
+++ b/rpc/core/events.go
@@ -12,6 +12,12 @@ import (
 	rpctypes "github.com/Finschia/ostracon/rpc/jsonrpc/types"
 )
 
+const (
+	// maxQueryLength is the maximum length of a query string that will be
+	// accepted. This is just a safety check to avoid outlandish queries.
+	maxQueryLength = 512
+)
+
 // Subscribe for events via WebSocket.
 // More: https://docs.tendermint.com/master/rpc/#/Websocket/subscribe
 func Subscribe(ctx *rpctypes.Context, query string) (*ctypes.ResultSubscribe, error) {
@@ -21,6 +27,8 @@ func Subscribe(ctx *rpctypes.Context, query string) (*ctypes.ResultSubscribe, er
 		return nil, fmt.Errorf("max_subscription_clients %d reached", env.Config.MaxSubscriptionClients)
 	} else if env.EventBus.NumClientSubscriptions(addr) >= env.Config.MaxSubscriptionsPerClient {
 		return nil, fmt.Errorf("max_subscriptions_per_client %d reached", env.Config.MaxSubscriptionsPerClient)
+	} else if len(query) > maxQueryLength {
+		return nil, errors.New("maximum query length exceeded")
 	}
 
 	env.Logger.Info("Subscribe to query", "remote", addr, "query", query)
diff --git a/rpc/core/tx.go b/rpc/core/tx.go
index a80f24e5e..c30c2bb0a 100644
--- a/rpc/core/tx.go
+++ b/rpc/core/tx.go
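Review bot: The doc comment on maxQueryLength in the first events.go hunk does not say what unit the limit is in, and the checks that use it call `len(query)`, which counts bytes, not characters. A query made of multi-byte UTF-8 will hit the cap at fewer visible characters than 512, so the comment should state that: `// maxQueryLength is the maximum length, in bytes, of a query string that will be accepted.` Since the constant is declared in events.go but also used by tx.go, a second sentence noting that both Subscribe and TxSearch enforce it would help a reader who only opens tx.go.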
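Review bot: The new branch in the second events.go hunk rejects the query with "maximum query length exceeded" but, unlike the two sibling branches right above it which report the limit with %d, it does not tell the client what the cap is, so a caller cannot tell how much to trim. The same message is added in the tx.go hunk. Using `return nil, fmt.Errorf("maximum query length %d exceeded", maxQueryLength)` in both places keeps the error style of the chain consistent and makes the limit discoverable; fmt is already imported here, as the neighbouring fmt.Errorf calls show. Subscribe's body begins before this hunk and continues after it.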
@@ -65,6 +65,8 @@ func TxSearch( // if index is disabled, return error if _, ok := env.TxIndexer.(*null.TxIndex); ok { return nil, errors.New("transaction indexing is disabled") + } else if len(query) > maxQueryLength { + return nil, errors.New("maximum query length exceeded") } q, err := tmquery.New(query)
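Review bot: The tx.go hunk turns a standalone guard into an else-if chain hanging off a branch that already returns, which is the pattern Go style guides ask to avoid; two independent guards read better and match how the length check stands on its own. Something like `if len(query) > maxQueryLength { return nil, errors.New("maximum query length exceeded") }` placed as its own statement after the indexing-disabled check keeps the happy path left-aligned. Placing the check before the `tmquery.New(query)` call, as the hunk does, is the right spot since it is the parse step the cap is meant to protect; if other handlers in this package parse a caller-supplied query string the same way, they would presumably want the same guard, but that is not visible here. TxSearch's signature and the rest of its body lie outside the hunk.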