lnwire: add new package level mutex to limit # of concurrent zlib decodings

In this commit, we add a new package level mutex. Each time we decode a new set of chan IDs w/ zlib, we also grab this mutex. The purpose here is to ensure that we only EVER allocate the maxZlibBufSize globally across all peers. Otherwise, it may be possible for us to allocate up to 64 MB for _each_ peer, exposing an easy OOM attack vector.
2018-06-15 18:33:04 -07:00 · 2018-06-15 18:33:04 -07:00 · 5caf3d7310
commit 5caf3d7310
parent a0e2f8dbd1
1 changed files with 11 additions and 0 deletions
--- a/lnwire/query_short_chan_ids.go
+++ b/lnwire/query_short_chan_ids.go
@ -35,6 +35,11 @@ const (
 	maxZlibBufSize = 67413630
 )

+// zlibDecodeMtx is a package level mutex that we'll use in order to ensure
+// that we'll only attempt a single zlib decoding instance at a time. This
+// allows us to also further bound our memory usage.
+var zlibDecodeMtx sync.Mutex
+
 // ErrUnknownShortChanIDEncoding is a parametrized error that indicates that we
 // came across an unknown short channel ID encoding, and therefore were unable
 // to continue parsing.
@ -159,6 +164,12 @@ func decodeShortChanIDs(r io.Reader) (ShortChanIDEncoding, []ShortChannelID, err
 	// However, we'll pay attention to ensure that we don't open our selves
 	// up to a memory exhaustion attack.
 	case EncodingSortedZlib:
+		// We'll obtain an ultimately release the zlib decode mutex.
+		// This guards us against allocating too much memory to decode
+		// each instance from concurrent peers.
+		zlibDecodeMtx.Lock()
+		defer zlibDecodeMtx.Unlock()
+
 		// Before we start to decode, we'll create a limit reader over
 		// the current reader. This will ensure that we can control how
 		// much memory we're allocating during the decoding process.