mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-01-11 12:22:39 -03:00
Merge #19514: [net/net processing] check banman pointer before dereferencing
ca3585a483
[net/net processing] check banman pointer before dereferencing (John Newbery) Pull request description: Although we currently don't do this, it should be possible to create a CConnman or PeerLogicValidation without a Banman instance. Therefore always check that banman exists before dereferencing the pointer. Also add comments to the m_banman members of CConnman and PeerLogicValidation to document that these may be nullptr. ACKs for top commit: jonatack: ACKca3585a
theStack: ACKca3585a483
Tree-SHA512: 726401c8921b9a502029ead34ae797473a1bc359d6e4e58dcbe3e25b70dde40bb100723be467fd3e2bf418892c493911998226de19c9d529d72034e3be26be48
This commit is contained in:
commit
1a655e89cb
4 changed files with 10 additions and 5 deletions
|
@ -1013,7 +1013,7 @@ void CConnman::AcceptConnection(const ListenSocket& hListenSocket) {
|
|||
SetSocketNoDelay(hSocket);
|
||||
|
||||
// Don't accept connections from banned peers.
|
||||
bool banned = m_banman->IsBanned(addr);
|
||||
bool banned = m_banman && m_banman->IsBanned(addr);
|
||||
if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_NOBAN) && banned)
|
||||
{
|
||||
LogPrint(BCLog::NET, "connection from %s dropped (banned)\n", addr.ToString());
|
||||
|
@ -1022,7 +1022,7 @@ void CConnman::AcceptConnection(const ListenSocket& hListenSocket) {
|
|||
}
|
||||
|
||||
// Only accept connections from discouraged peers if our inbound slots aren't (almost) full.
|
||||
bool discouraged = m_banman->IsDiscouraged(addr);
|
||||
bool discouraged = m_banman && m_banman->IsDiscouraged(addr);
|
||||
if (!NetPermissions::HasFlag(permissionFlags, NetPermissionFlags::PF_NOBAN) && nInbound + 1 >= nMaxInbound && discouraged)
|
||||
{
|
||||
LogPrint(BCLog::NET, "connection from %s dropped (discouraged)\n", addr.ToString());
|
||||
|
|
|
@ -447,6 +447,7 @@ private:
|
|||
std::atomic<int> nBestHeight;
|
||||
CClientUIInterface* clientInterface;
|
||||
NetEventsInterface* m_msgproc;
|
||||
/** Pointer to this node's banman. May be nullptr - check existence before dereferencing. */
|
||||
BanMan* m_banman;
|
||||
|
||||
/** SipHasher seeds for deterministic randomness */
|
||||
|
|
|
@ -2491,8 +2491,10 @@ void ProcessMessage(
|
|||
if (addr.nTime <= 100000000 || addr.nTime > nNow + 10 * 60)
|
||||
addr.nTime = nNow - 5 * 24 * 60 * 60;
|
||||
pfrom.AddAddressKnown(addr);
|
||||
if (banman->IsDiscouraged(addr)) continue; // Do not process banned/discouraged addresses beyond remembering we received them
|
||||
if (banman->IsBanned(addr)) continue;
|
||||
if (banman && (banman->IsDiscouraged(addr) || banman->IsBanned(addr))) {
|
||||
// Do not process banned/discouraged addresses beyond remembering we received them
|
||||
continue;
|
||||
}
|
||||
bool fReachable = IsReachable(addr);
|
||||
if (addr.nTime > nSince && !pfrom.fGetAddr && vAddr.size() <= 10 && addr.IsRoutable())
|
||||
{
|
||||
|
@ -3346,7 +3348,8 @@ void ProcessMessage(
|
|||
std::vector<CAddress> vAddr = connman->GetAddresses();
|
||||
FastRandomContext insecure_rand;
|
||||
for (const CAddress &addr : vAddr) {
|
||||
if (!banman->IsDiscouraged(addr) && !banman->IsBanned(addr)) {
|
||||
bool banned_or_discouraged = banman && (banman->IsDiscouraged(addr) || banman->IsBanned(addr));
|
||||
if (!banned_or_discouraged) {
|
||||
pfrom.PushAddress(addr, insecure_rand);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -29,6 +29,7 @@ static const int DISCOURAGEMENT_THRESHOLD{100};
|
|||
class PeerLogicValidation final : public CValidationInterface, public NetEventsInterface {
|
||||
private:
|
||||
CConnman* const connman;
|
||||
/** Pointer to this node's banman. May be nullptr - check existence before dereferencing. */
|
||||
BanMan* const m_banman;
|
||||
ChainstateManager& m_chainman;
|
||||
CTxMemPool& m_mempool;
|
||||
|
|
Loading…
Reference in a new issue