p2p/rlpx: 2KB maximum size for handshake messages #30029
This makes sense to me in general. The original motivation for setting the base protocol max msg size to 2 kb specifically mentions wanting to limit allocations due to untrusted nodes handshaking.
core/types/rlp_fuzzer_test.go
Outdated
@@ -104,7 +104,7 @@ func fuzzRlp(t *testing.T, input []byte) { | |||
{ | |||
var v struct { | |||
Byte [10]byte | |||
Rool [10]bool |
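Review bot: this hunk is in core/types/rlp_fuzzer_test.go, inside the struct declared in fuzzRlp, which has nothing to do with the RLPx handshake size limit named in the PR title. Drop the edit to this test struct from the PR, or move it to its own commit, so the handshake change can be reviewed in isolation.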
Please revert this change.
This PR adds a check to reject encrypted RLPx handshake challenge/response messages that are larger than 2KB in size.

This is consistent with the `baseProtocolMaxMsgSize` (2KB) of all subsequent handshake related messages (enforced here). Since these initial encrypted handshake challenge messages are processed in a different part of the RLP handshake state handler, they are not currently enforced to a max of 2KB and can be as large as 65KB. This is due to the buffer read size being pulled from the message itself with the maximum size being what can be encoded in the 2 byte size prefix (essentially `UINT16MAX`).

I believe that 2KB is more than enough size to contain any valid encrypted RLP handshake auth or response packet as these messages are typically ~400 bytes max. 2KB also allows for forward compatibility in the case that something is added to the message's extra data `Rest` field while preventing any larger message size that could be abused and maintains consistency with the `baseProtocolMaxMsgSize` limits of the rest of the RLP handshake messages.
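The check the description outlines, as an added Go example (not the PR's or go-ethereum's code): a reader for a message with a 2-byte size prefix that compares the peer-supplied size against a 2KB cap before allocating the body buffer. The names `readSizedHandshake`, `maxHandshakeSize` and `frame` are hypothetical, the packets are constructed, and accepting a size of exactly 2048 is an assumption.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// maxHandshakeSize is the 2KB cap from the PR description (hypothetical name).
const maxHandshakeSize = 2048

var errHandshakeTooLarge = errors.New("handshake message exceeds size limit")

// readSizedHandshake reads a 2-byte big-endian size prefix followed by that
// many bytes. The prefix comes from an untrusted peer, so it is checked
// against the cap before any buffer is allocated for the body.
func readSizedHandshake(r io.Reader) ([]byte, error) {
	var prefix [2]byte
	if _, err := io.ReadFull(r, prefix[:]); err != nil {
		return nil, err
	}
	size := int(binary.BigEndian.Uint16(prefix[:]))
	if size > maxHandshakeSize {
		return nil, fmt.Errorf("%w: prefix claims %d bytes", errHandshakeTooLarge, size)
	}
	body := make([]byte, size) // at most 2KB per handshaking peer
	if _, err := io.ReadFull(r, body); err != nil {
		return nil, err // peer sent fewer bytes than it claimed
	}
	return body, nil
}

// frame builds a constructed packet: claimed size prefix + zero-filled body.
func frame(claimed uint16, actual int) []byte {
	pkt := make([]byte, 2+actual)
	binary.BigEndian.PutUint16(pkt, claimed)
	return pkt
}

func main() {
	// Constructed packets: typical auth, at the cap, oversized claim, truncated.
	for _, pkt := range [][]byte{frame(400, 400), frame(2048, 2048), frame(65535, 16), frame(400, 100)} {
		body, err := readSizedHandshake(bytes.NewReader(pkt))
		fmt.Printf("claimed=%d len=%d err=%v\n", binary.BigEndian.Uint16(pkt), len(body), err)
	}
}
```

Without the size comparison, the third packet would make the reader allocate 65535 bytes on the strength of 2 bytes from an unauthenticated peer.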