From 02494aee0f97469b9deb9c339b4075b14b69ff6f Mon Sep 17 00:00:00 2001 From: SW van Heerden Date: Wed, 9 Aug 2023 20:43:38 +0200 Subject: [PATCH] feat: ban peer unexpected response (#5608) Description --- ban a peer if they sent an unexpected message Motivation and Context --- audit finding, TARI-002 --- .../comms_interface/inbound_handlers.rs | 21 ++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/base_layer/core/src/base_node/comms_interface/inbound_handlers.rs b/base_layer/core/src/base_node/comms_interface/inbound_handlers.rs index 5e7671393a..ceb6cc2252 100644 --- a/base_layer/core/src/base_node/comms_interface/inbound_handlers.rs +++ b/base_layer/core/src/base_node/comms_interface/inbound_handlers.rs @@ -659,10 +659,10 @@ where B: BlockchainBackend + 'static match self .outbound_nci .request_blocks_by_hashes_from_peer(block_hash, Some(source_peer.clone())) - .await? + .await { - Some(block) => Ok(block), - None => { + Ok(Some(block)) => Ok(block), + Ok(None) => { if let Err(e) = self .connectivity .ban_peer_until( @@ -684,6 +684,21 @@ where B: BlockchainBackend + 'static source_peer ))) }, + Err(CommsInterfaceError::UnexpectedApiResponse) => { + debug!( + target: LOG_TARGET, + "Peer `{}` sent unexpected API response.", source_peer + ); + if let Err(e) = self + .connectivity + .ban_peer(source_peer.clone(), format!("Peer sen invalid API response")) + .await + { + error!(target: LOG_TARGET, "Failed to ban peer: {}", e); + } + Err(CommsInterfaceError::UnexpectedApiResponse) + }, + Err(e) => Err(e), } }