From d2dff5f1c3f705c5acdad040447822f92bb02891 Mon Sep 17 00:00:00 2001
From: Alexandru Vasile <60601340+lexnv@users.noreply.github.com>
Date: Mon, 15 Jul 2024 11:31:06 +0300
Subject: [PATCH] network/tx: Ban peers with tx that fail to decode (#5002)

A malicious peer can submit random bytes on transaction protocol.
In this case, the peer is not disconnected or reported back to the
peerstore.

This PR ensures the peer's reputation is properly reported.

Discovered during testing:
- https://github.com/paritytech/polkadot-sdk/pull/4977


cc @paritytech/networking

Signed-off-by: Alexandru Vasile <alexandru.vasile@parity.io>
---
 substrate/client/network/transactions/src/lib.rs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/substrate/client/network/transactions/src/lib.rs b/substrate/client/network/transactions/src/lib.rs
index 3384aab5149..31ad0781035 100644
--- a/substrate/client/network/transactions/src/lib.rs
+++ b/substrate/client/network/transactions/src/lib.rs
@@ -368,7 +368,8 @@ where
 				{
 					self.on_transactions(peer, m);
 				} else {
-					warn!(target: "sub-libp2p", "Failed to decode transactions list");
+					warn!(target: "sub-libp2p", "Failed to decode transactions list from peer {peer}");
+					self.network.report_peer(peer, rep::BAD_TRANSACTION);
 				}
 			},
 		}
-- 
GitLab