From 0da92bf114be737d2e2f252350d439d8457c5652 Mon Sep 17 00:00:00 2001
From: Pierre Krieger <pierre.krieger1708@gmail.com>
Date: Thu, 7 Feb 2019 14:54:59 +0100
Subject: [PATCH] Protect against flood of addresses (#1718)
---
 substrate/core/network-libp2p/src/behaviour.rs | 7 ++++++-
 .../core/network-libp2p/src/custom_proto/topology.rs | 9 ++++++---
 2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/substrate/core/network-libp2p/src/behaviour.rs b/substrate/core/network-libp2p/src/behaviour.rs
index 196c1fa9c4f..fbc393953df 100644
--- a/substrate/core/network-libp2p/src/behaviour.rs
+++ b/substrate/core/network-libp2p/src/behaviour.rs
@@ -233,7 +233,7 @@ impl<TSubstream> NetworkBehaviourEventProcess<CustomProtosOut> for Behaviour<TSu
 impl<TSubstream> NetworkBehaviourEventProcess<IdentifyEvent> for Behaviour<TSubstream> {
 fn inject_event(&mut self, event: IdentifyEvent) {
 match event {
- IdentifyEvent::Identified { peer_id, info, .. } => {
+ IdentifyEvent::Identified { peer_id, mut info, .. } => {
 trace!(target: "sub-libp2p", "Identified {:?} => {:?}", peer_id, info);
 // TODO: ideally we would delay the first identification to when we open the custom
 // protocol, so that we only report id info to the service about the nodes we
@@ -245,6 +245,11 @@ impl<TSubstream> NetworkBehaviourEventProcess<IdentifyEvent> for Behaviour<TSubs
 warn!(target: "sub-libp2p", "Received identify response with empty list of \
 addresses");
 }
+ if info.listen_addrs.len() > 30 {
+ warn!(target: "sub-libp2p", "Node {:?} id reported more than 30 addresses",
+ peer_id);
+ info.listen_addrs.truncate(30);
+ }
 for addr in &info.listen_addrs {
 self.discovery.kademlia.add_address(&peer_id, addr.clone());
 }
diff --git a/substrate/core/network-libp2p/src/custom_proto/topology.rs b/substrate/core/network-libp2p/src/custom_proto/topology.rs
index 6bc10eeea89..84d77b55a27 100644
--- a/substrate/core/network-libp2p/src/custom_proto/topology.rs
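Review bot: The `warn!` inside the new `info.listen_addrs.len() > 30` branch is emitted once per oversized identify response, so the remote peer decides how often a warn-level line is written; logging at `debug!` or rate-limiting per peer would stop the flood protection from becoming a log flood, and the same applies to the `warn!` added in topology.rs. The cap is also per event: every response can still hand up to 30 addresses to `self.discovery.kademlia.add_address`, and nothing in this hunk bounds the total accumulated for one peer across repeated responses (whether Kademlia bounds it is not visible here). The literal 30 appears in the condition, the message and the `truncate` call; a named constant such as `const MAX_IDENTIFY_ADDRS: usize = 30;` with a one-line comment on why 30 would keep them in sync. The enclosing `inject_event` starts and ends outside this hunk.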
+++ b/substrate/core/network-libp2p/src/custom_proto/topology.rs @@ -235,6 +235,11 @@ impl NetTopology { let mut addrs: Vec<_> = addrs.collect(); + if addrs.len() > 40 { + warn!(target: "sub-libp2p", "Attempt to add more than 40 addresses for {:?}", peer_id); + addrs.truncate(40); + } + let now_systime = SystemTime::now(); let now = Instant::now(); @@ -246,9 +251,7 @@ impl NetTopology { if a.expires < now_systime && !a.is_connected() { return false } - while let Some(pos) = addrs.iter().position(|&(ref addr, _)| addr == &a.addr) { - addrs.remove(pos); - } + addrs.retain(|(addr, _)| *addr != a.addr); true }) .collect(); -- GitLab
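Review bot: In the first topology.rs hunk the 40-address cap runs only after `addrs.collect()` has materialised the whole iterator, so an oversized input is still fully allocated before `addrs.truncate(40)` trims it. Bounding the iterator first, for example `let mut addrs: Vec<_> = addrs.take(41).collect();`, keeps the `addrs.len() > 40` check and its warning working while limiting the allocation to one element past the cap. The limit here (40) differs from the 30 used in behaviour.rs and neither value is explained; a named constant with a short comment stating the reasoning would make the two limits easier to audit. The enclosing function starts and ends outside the hunk, so it is not visible here whether the cap also bounds the total stored per peer across calls.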