Skip to content
This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

Commit

Permalink
Merge pull request #4981 from EOSIO/feature/1.1.2-security-omnibus
Browse files Browse the repository at this point in the history 
Consolidated Security Fixes for 1.1.2
  • Loading branch information
@b1bart
b1bart authored Aug 2, 2018
2 parents 9dec60f + 2bcf4a7 commit f86c71a
Show file tree
Hide file tree
Showing 8 changed files with 181 additions and 185 deletions.
3 changes: 2 additions & 1 deletion libraries/chain/controller.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -573,6 +573,7 @@ struct controller_impl {
in_trx_requiring_checks = true;

transaction_context trx_context( self, dtrx, gtrx.trx_id );
trx_context.leeway = fc::microseconds(0); // avoid stealing cpu resource
trx_context.deadline = deadline;
trx_context.billed_cpu_time_us = billed_cpu_time_us;
transaction_trace_ptr trace = trx_context.trace;
Expand Down Expand Up @@ -761,7 +762,7 @@ struct controller_impl {
void start_block( block_timestamp_type when, uint16_t confirm_block_count, controller::block_status s ) {
EOS_ASSERT( !pending, block_validate_exception, "pending block is not available" );

EOS_ASSERT( db.revision() == head->block_num, database_exception, "db revision is not on par with head block",
EOS_ASSERT( db.revision() == head->block_num, database_exception, "db revision is not on par with head block",
("db.revision()", db.revision())("controller_head_block", head->block_num)("fork_db_head_block", fork_db.head()->block_num) );

auto guard_pending = fc::make_scoped_exit([this](){
Expand Down
4 changes: 2 additions & 2 deletions libraries/chain/include/eosio/chain/webassembly/binaryen.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -358,7 +358,7 @@ struct intrinsic_invoker_impl<Ret, std::tuple<array_ptr<T>, size_t, Inputs...>>
T* base = array_ptr_impl<T>(interface, ptr, length);
if ( reinterpret_cast<uintptr_t>(base) % alignof(T) != 0 ) {
wlog( "misaligned array of const values" );
std::remove_const_t<T> copy[length];
std::vector<std::remove_const_t<T> > copy(length > 0 ? length : 1);
T* copy_ptr = &copy[0];
memcpy( (void*)copy_ptr, (void*)base, length * sizeof(T) );
return Then(interface, static_cast<array_ptr<T>>(copy_ptr), length, rest..., args, (uint32_t)offset - 2);
Expand All @@ -374,7 +374,7 @@ struct intrinsic_invoker_impl<Ret, std::tuple<array_ptr<T>, size_t, Inputs...>>
T* base = array_ptr_impl<T>(interface, ptr, length);
if ( reinterpret_cast<uintptr_t>(base) % alignof(T) != 0 ) {
wlog( "misaligned array of values" );
std::remove_const_t<T> copy[length];
std::vector<std::remove_const_t<T> > copy(length > 0 ? length : 1);
T* copy_ptr = &copy[0];
memcpy( (void*)copy_ptr, (void*)base, length * sizeof(T) );
Ret ret = Then(interface, static_cast<array_ptr<T>>(copy_ptr), length, rest..., args, (uint32_t)offset - 2);
Expand Down
4 changes: 2 additions & 2 deletions libraries/chain/include/eosio/chain/webassembly/wavm.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -383,7 +383,7 @@ struct intrinsic_invoker_impl<Ret, std::tuple<array_ptr<T>, size_t, Inputs...>,
T* base = array_ptr_impl<T>(ctx, (U32)ptr, length);
if ( reinterpret_cast<uintptr_t>(base) % alignof(T) != 0 ) {
wlog( "misaligned array of const values" );
std::remove_const_t<T> copy[length];
std::vector<std::remove_const_t<T> > copy(length > 0 ? length : 1);
T* copy_ptr = &copy[0];
memcpy( (void*)copy_ptr, (void*)base, length * sizeof(T) );
return Then(ctx, static_cast<array_ptr<T>>(copy_ptr), length, rest..., translated...);
Expand All @@ -398,7 +398,7 @@ struct intrinsic_invoker_impl<Ret, std::tuple<array_ptr<T>, size_t, Inputs...>,
T* base = array_ptr_impl<T>(ctx, (U32)ptr, length);
if ( reinterpret_cast<uintptr_t>(base) % alignof(T) != 0 ) {
wlog( "misaligned array of values" );
std::remove_const_t<T> copy[length];
std::vector<std::remove_const_t<T> > copy(length > 0 ? length : 1);
T* copy_ptr = &copy[0];
memcpy( (void*)copy_ptr, (void*)base, length * sizeof(T) );
Ret ret = Then(ctx, static_cast<array_ptr<T>>(copy_ptr), length, rest..., translated...);
Expand Down
75 changes: 31 additions & 44 deletions plugins/bnet_plugin/bnet_plugin.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -518,23 +518,22 @@ namespace eosio {
void on_accepted_block_header( const block_state_ptr& s ) {
verify_strand_in_this_thread(_strand, __func__, __LINE__);
// ilog( "accepted block header ${n}", ("n",s->block_num) );
const auto& id = s->id;

if( fc::time_point::now() - s->block->timestamp < fc::seconds(6) ) {
// ilog( "queue notice to peer that we have this block so hopefully they don't send it to us" );
auto itr = _block_status.find(s->id);
auto itr = _block_status.find( id );
if( !_remote_request_irreversible_only && ( itr == _block_status.end() || !itr->received_from_peer ) ) {
_block_header_notices.insert(s->id);
_block_header_notices.insert( id );
}
if( itr == _block_status.end() ) {
_block_status.insert( block_status(id, false, false) );
}
}

//idump((_block_status.size())(_transaction_status.size()));
auto id = s->id;
//ilog( "accepted block ${n}", ("n",s->block_num) );

auto itr = _block_status.find( id );
if( itr == _block_status.end() ) {
itr = _block_status.insert( block_status(id, false, false) ).first;
}

_local_head_block_id = id;
_local_head_block_num = block_header::num_from_id(id);

Expand All @@ -550,8 +549,8 @@ namespace eosio {
*/
for( const auto& receipt : s->block->transactions ) {
if( receipt.trx.which() == 1 ) {
auto id = receipt.trx.get<packed_transaction>().id();
auto itr = _transaction_status.find( id );
const auto tid = receipt.trx.get<packed_transaction>().id();
auto itr = _transaction_status.find( tid );
if( itr != _transaction_status.end() )
_transaction_status.erase(itr);
}
Expand Down Expand Up @@ -644,36 +643,24 @@ namespace eosio {
std::placeholders::_2 ) ) );
} FC_LOG_AND_RETHROW() }

void mark_block_known_by_peer( block_id_type id) {
auto itr = _block_status.find(id);
if( itr == _block_status.end() ) {
// optimization to avoid sending blocks to nodes that already know about them
// to avoid unbounded memory growth limit number tracked
auto min_block_num = std::min( _local_lib, _last_sent_block_num );
auto max_block_num = min_block_num + _max_block_status_range;
auto block_num = block_header::num_from_id(id);
if(block_num > min_block_num && block_num < max_block_num)
_block_status.insert( block_status(id, true, false) );
} else {
_block_status.modify( itr, [&]( auto& item ) {
item.known_by_peer = true;
});
}
}

void mark_block_recv_from_peer( block_id_type id ) {
auto itr = _block_status.find(id);
if( itr == _block_status.end() ) {
_block_status.insert( block_status(id, true, true) );
} else {
_block_status.modify( itr, [&]( auto& item ) {
item.known_by_peer = true;
item.received_from_peer = true;
});
}
void mark_block_status( const block_id_type& id, bool known_by_peer, bool recv_from_peer ) {
auto itr = _block_status.find(id);
if( itr == _block_status.end() ) {
// optimization to avoid sending blocks to nodes that already know about them
// to avoid unbounded memory growth limit number tracked
const auto min_block_num = std::min( _local_lib, _last_sent_block_num );
const auto max_block_num = min_block_num + _max_block_status_range;
const auto block_num = block_header::num_from_id( id );
if( block_num > min_block_num && block_num < max_block_num && _block_status.size() < _max_block_status_range )
_block_status.insert( block_status( id, known_by_peer, recv_from_peer ) );
} else {
_block_status.modify( itr, [&]( auto& item ) {
item.known_by_peer = known_by_peer;
if (recv_from_peer) item.received_from_peer = true;
});
}
}


/**
* This method will determine whether there is a message in the
* out queue, if so it returns. Otherwise it determines the best
Expand Down Expand Up @@ -819,7 +806,7 @@ namespace eosio {
return;
}

mark_block_known_by_peer( next_id );
mark_block_status( next_id, true, false );

_last_sent_block_id = next_id;
_last_sent_block_num = nextblock->block_num();
Expand Down Expand Up @@ -930,7 +917,7 @@ namespace eosio {
);
}

void on_message( const bnet_message& msg, fc::datastream<const char*>& ds ) {
void on_message( const bnet_message& msg, fc::datastream<const char*>& ds ) {
try {
switch( msg.which() ) {
case bnet_message::tag<hello>::value:
Expand Down Expand Up @@ -967,11 +954,11 @@ namespace eosio {
peer_ilog(this, "received block_notice");
for( const auto& id : notice.block_ids ) {
status( "received notice " + std::to_string( block_header::num_from_id(id) ) );
mark_block_known_by_peer( id );
mark_block_status( id, true, false );
}
}

void on( const hello& hi, fc::datastream<const char*>& ds );
void on( const hello& hi, fc::datastream<const char*>& ds );

void on( const ping& p ) {
peer_ilog(this, "received ping");
Expand Down Expand Up @@ -1009,7 +996,7 @@ namespace eosio {
status( "received block " + std::to_string(b->block_num()) );
//ilog( "recv block ${n}", ("n", b->block_num()) );
auto id = b->id();
mark_block_recv_from_peer( id );
mark_block_status( id, true, true );

app().get_channel<incoming::channels::block>().publish(b);

Expand Down Expand Up @@ -1526,7 +1513,7 @@ namespace eosio {
_remote_lib = hi.last_irr_block_num;

for( const auto& id : hi.pending_block_ids )
mark_block_known_by_peer( id );
mark_block_status( id, true, false );

check_for_redundant_connection();

Expand Down
32 changes: 9 additions & 23 deletions plugins/net_plugin/net_plugin.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -751,12 +751,7 @@ namespace eosio {
initialize();
}

connection::~connection() {
if(peer_addr.empty())
wlog( "released connection from client" );
else
wlog( "released connection to server at ${addr}", ("addr", peer_addr) );
}
connection::~connection() {}

void connection::initialize() {
auto *rnd = node_id.data();
Expand Down Expand Up @@ -2669,27 +2664,18 @@ namespace eosio {

void net_plugin_impl::connection_monitor( ) {
start_conn_timer();
vector <connection_ptr> discards;
num_clients = 0;
for( auto &c : connections ) {
if( !c->socket->is_open() && !c->connecting) {
if( c->peer_addr.length() > 0) {
connect(c);
auto it = connections.begin();
while(it != connections.end()) {
if( !(*it)->socket->is_open() && !(*it)->connecting) {
if( (*it)->peer_addr.length() > 0) {
connect(*it);
}
else {
discards.push_back( c);
}
} else {
if( c->socket->is_open() && c->peer_addr.empty()) {
num_clients++;
it = connections.erase(it);
continue;
}
}
}
if( discards.size( ) ) {
for( auto &c : discards) {
connections.erase( c );
c.reset();
}
++it;
}
}

Expand Down
3 changes: 2 additions & 1 deletion plugins/producer_plugin/include/eosio/producer_plugin/producer_plugin.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ class producer_plugin : public appbase::plugin<producer_plugin> {
fc::optional<int32_t> produce_time_offset_us;
fc::optional<int32_t> last_block_time_offset_us;
fc::optional<int32_t> subjective_cpu_leeway_us;
fc::optional<double> incoming_defer_ratio;
};

struct greylist_params {
Expand Down Expand Up @@ -62,6 +63,6 @@ class producer_plugin : public appbase::plugin<producer_plugin> {

} //eosio

FC_REFLECT(eosio::producer_plugin::runtime_options, (max_transaction_time)(max_irreversible_block_age)(produce_time_offset_us)(last_block_time_offset_us)(subjective_cpu_leeway_us));
FC_REFLECT(eosio::producer_plugin::runtime_options, (max_transaction_time)(max_irreversible_block_age)(produce_time_offset_us)(last_block_time_offset_us)(subjective_cpu_leeway_us)(incoming_defer_ratio));
FC_REFLECT(eosio::producer_plugin::greylist_params, (accounts));

Loading

0 comments on commit f86c71a

Please sign in to comment.