Rooba
/
odyssey
mirror of https://github.com/yandex/odyssey.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve protocol message validation

This commit is contained in:
Andrey Borodin 2019-04-30 14:32:08 +05:00
parent 8abed18d69
commit edd5477302
1 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
sources/io.h
View File

@ -7,6 +7,8 @@
* Scalable PostgreSQL connection pooler. * Scalable PostgreSQL connection pooler.
*/ */
#include "macro.h"
typedef struct od_io od_io_t; typedef struct od_io od_io_t;
struct od_io struct od_io
@ -181,6 +183,14 @@ od_read_startup(od_io_t *io, uint32_t time_ms)
return msg; return msg;
} }
/*
* This macro lists the backend message types that could be "long" (more
* than a couple of kilobytes).
*/
#define VALID_LONG_MESSAGE_TYPE(id) \
((id) == 'T' || (id) == 'D' || (id) == 'd' || (id) == 'V' || \
(id) == 'E' || (id) == 'N' || (id) == 'A')
static inline machine_msg_t* static inline machine_msg_t*
od_read(od_io_t *io, uint32_t time_ms) od_read(od_io_t *io, uint32_t time_ms)
{ {
@ -192,9 +202,17 @@ od_read(od_io_t *io, uint32_t time_ms)
uint32_t size; uint32_t size;
size = kiwi_read_size((char*)&header, sizeof(header)); size = kiwi_read_size((char*)&header, sizeof(header));
if (size < sizeof(uint32_t) || header.type < 0x20) {
if ( od_unlikely(
size < sizeof(uint32_t) ||
header.type < 0x20 ||
(size > 30000 && !VALID_LONG_MESSAGE_TYPE(header.type)))
) {
// This is not a postgres fe protocol v3 message // This is not a postgres fe protocol v3 message
// We should drop connection ASAP // We should drop connection ASAP
// Validation is performed per PostgreSQL impl
// For reference see
// https://github.com/postgres/postgres/blob/7bac3acab4d5c3f2c35aa3a7bea08411d83fd5bc/src/interfaces/libpq/fe-protocol3.c#L91-L100
return NULL; return NULL;
} }
size -= sizeof(uint32_t); size -= sizeof(uint32_t);