From 5caf3d73105b9e068eecc38cfc689f1413075741 Mon Sep 17 00:00:00 2001 From: Olaoluwa Osuntokun Date: Fri, 15 Jun 2018 18:33:04 -0700 Subject: [PATCH] lnwire: add new package level mutex to limit # of concurrent zlib decodings In this commit, we add a new package level mutex. Each time we decode a new set of chan IDs w/ zlib, we also grab this mutex. The purpose here is to ensure that we only EVER allocate the maxZlibBufSize globally across all peers. Otherwise, it may be possible for us to allocate up to 64 MB for _each_ peer, exposing an easy OOM attack vector. --- lnwire/query_short_chan_ids.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lnwire/query_short_chan_ids.go b/lnwire/query_short_chan_ids.go index f9ff58b5..a0e28f4d 100644 --- a/lnwire/query_short_chan_ids.go +++ b/lnwire/query_short_chan_ids.go @@ -35,6 +35,11 @@ const ( maxZlibBufSize = 67413630 ) +// zlibDecodeMtx is a package level mutex that we'll use in order to ensure +// that we'll only attempt a single zlib decoding instance at a time. This +// allows us to also further bound our memory usage. +var zlibDecodeMtx sync.Mutex + // ErrUnknownShortChanIDEncoding is a parametrized error that indicates that we // came across an unknown short channel ID encoding, and therefore were unable // to continue parsing. @@ -159,6 +164,12 @@ func decodeShortChanIDs(r io.Reader) (ShortChanIDEncoding, []ShortChannelID, err // However, we'll pay attention to ensure that we don't open our selves // up to a memory exhaustion attack. case EncodingSortedZlib: + // We'll obtain an ultimately release the zlib decode mutex. + // This guards us against allocating too much memory to decode + // each instance from concurrent peers. + zlibDecodeMtx.Lock() + defer zlibDecodeMtx.Unlock() + // Before we start to decode, we'll create a limit reader over // the current reader. This will ensure that we can control how // much memory we're allocating during the decoding process.