From ad616b6c013e69221f61b695c4ae09a3471c3f7c Mon Sep 17 00:00:00 2001
From: Antoine Poinsot
Date: Sun, 28 Jul 2024 10:54:38 +0200
Subject: [PATCH] doc: net: mention past vulnerability as rationale to limit incoming message size
---
 src/net.cpp | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/net.cpp b/src/net.cpp
index c722ddfcb5f..e3938842e32 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -761,6 +761,8 @@ int V1Transport::readHeader(Span msg_bytes)
 }
 // reject messages larger than MAX_SIZE or MAX_PROTOCOL_MESSAGE_LENGTH
+ // NOTE: failing to perform this check previously allowed a malicious peer to make us allocate 32MiB of memory per
+ // connection. See https://bitcoincore.org/en/2024/07/03/disclose_receive_buffer_oom.
 if (hdr.nMessageSize > MAX_SIZE || hdr.nMessageSize > MAX_PROTOCOL_MESSAGE_LENGTH) {
 LogDebug(BCLog::NET, "Header error: Size too large (%s, %u bytes), peer=%d\n", SanitizeString(hdr.GetMessageType()), hdr.nMessageSize, m_node_id);
 return -1;
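Review bot: The added NOTE above the `hdr.nMessageSize` check records why the check exists but not the ordering constraint that makes it effective: the length is peer-supplied, so the rejection has to run before anything is sized from it. I would add one more comment line, for example `// Keep this check ahead of any allocation or reserve sized from hdr.nMessageSize, which is peer-controlled.` The NOTE also leaves open which of the two bounds in the condition closes the issue. The 32MiB figure presumably reflects an older, larger limit, but neither constant's value is visible in this hunk, so naming the effective bound in the comment would keep a later cleanup from dropping the tighter comparison. readHeader's body begins and continues outside the hunk, so where the payload buffer is sized cannot be confirmed from here.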