Enforce maximum response size for 'getLogs' requests (#222)

Conflux-Chain · Sep 14, 2024 · 2da55bb · 2da55bb
1 parent e749b3f
commit 2da55bb
Show file tree

Hide file tree

Showing 4 changed files with 69 additions and 0 deletions.
diff --git a/config/config.yml b/config/config.yml
@@ -424,6 +424,10 @@ node:
 #     maxSplitEpochRange: 1000
 #     # Maximum block range for the log filter split to the full node
 #     maxSplitBlockRange: 1000
+#   # RPC handler
+#   rpc:
+#     # Maximum number of bytes for the response body of getLogs requests
+#     maxGetLogsResponseBytes: 10 * 1024 * 1024
 
 # # Go performance profiling
 # pprof:

diff --git a/rpc/handler/cfx_logs.go b/rpc/handler/cfx_logs.go
@@ -11,14 +11,32 @@ import (
 	"github.com/Conflux-Chain/confura/util/metrics"
 	sdk "github.com/Conflux-Chain/go-conflux-sdk"
 	"github.com/Conflux-Chain/go-conflux-sdk/types"
+	"github.com/Conflux-Chain/go-conflux-util/viper"
 	"github.com/ethereum/go-ethereum/common/hexutil"
 	"github.com/pkg/errors"
 )
 
 var (
+	// Maximum number of bytes for the response body of getLogs requests
+	maxGetLogsResponseBytes     uint64
+	errResponseBodySizeTooLarge error
+
 	errEventLogsTooStale = errors.New("event logs are too stale (already pruned)")
 )
 
+func Init() {
+	var constraint struct {
+		MaxGetLogsResponseBytes uint64 `default:"10485760"` // default 10MB
+	}
+	viper.MustUnmarshalKey("constraints.rpc", &constraint)
+
+	maxGetLogsResponseBytes = constraint.MaxGetLogsResponseBytes
+	errResponseBodySizeTooLarge = fmt.Errorf(
+		"result body size is too large with more than %d bytes, please narrow down your filter condition",
+		constraint.MaxGetLogsResponseBytes,
+	)
+}
+
 // CfxLogsApiHandler RPC handler to get core space event logs from store or fullnode.
 type CfxLogsApiHandler struct {
 	ms *mysql.MysqlStore
@@ -98,6 +116,7 @@ func (handler *CfxLogsApiHandler) getLogsReorgGuard(
 	}
 
 	var logs []types.Log
+	var bodySizeAccumulator responseBodySizeAccumulator
 
 	// query data from database
 	for i := range dbFilters {
@@ -110,6 +129,10 @@ func (handler *CfxLogsApiHandler) getLogsReorgGuard(
 		// succeeded to get logs from database
 		if err == nil {
 			for _, v := range dbLogs {
+				if err := bodySizeAccumulator.Add(len(v.Extra)); err != nil {
+					return nil, false, err
+				}
+
 				log, _ := v.ToCfxLog()
 				logs = append(logs, *log)
 			}
@@ -144,6 +167,11 @@ func (handler *CfxLogsApiHandler) getLogsReorgGuard(
 			return nil, false, err
 		}
 
+		for i := range fnLogs {
+			if err := bodySizeAccumulator.Add(len(fnLogs[i].Data)); err != nil {
+				return nil, false, err
+			}
+		}
 		logs = append(logs, fnLogs...)
 	}
 
@@ -164,6 +192,11 @@ func (handler *CfxLogsApiHandler) getLogsReorgGuard(
 			return nil, false, err
 		}
 
+		for i := range fnLogs {
+			if err := bodySizeAccumulator.Add(len(fnLogs[i].Data)); err != nil {
+				return nil, false, err
+			}
+		}
 		logs = append(logs, fnLogs...)
 	}
 
@@ -427,3 +460,21 @@ func calculateEpochRange(filter *types.LogFilter) (int64, bool) {
 
 	return epochTo - epochFrom + 1, true
 }
+
+// responseBodySizeAccumulator is a helper to check if the result body size exceeds the limit.
+type responseBodySizeAccumulator struct {
+	accumulator uint64
+}
+
+// Add adds the given size to the accumulator and checks if the result body size exceeds the limit.
+func (rb *responseBodySizeAccumulator) Add(size int) error {
+	// Add the new size to the accumulator.
+	rb.accumulator += uint64(size)
+
+	// If the accumulator exceeds the limit, return an error.
+	if rb.accumulator > maxGetLogsResponseBytes {
+		return errResponseBodySizeTooLarge
+	}
+
+	return nil
+}
diff --git a/rpc/handler/eth_logs.go b/rpc/handler/eth_logs.go
@@ -88,6 +88,7 @@ func (handler *EthLogsApiHandler) getLogsReorgGuard(
 	}
 
 	var logs []types.Log
+	var bodySizeAccumulator responseBodySizeAccumulator
 
 	// query data from database
 	if dbFilter != nil {
@@ -98,6 +99,10 @@ func (handler *EthLogsApiHandler) getLogsReorgGuard(
 		}
 
 		for _, v := range dbLogs {
+			if err := bodySizeAccumulator.Add(len(v.Extra)); err != nil {
+				return nil, false, err
+			}
+
 			cfxLog, ext := v.ToCfxLog()
 			logs = append(logs, *ethbridge.ConvertLog(cfxLog, ext))
 		}
@@ -120,6 +125,11 @@ func (handler *EthLogsApiHandler) getLogsReorgGuard(
 			return nil, false, err
 		}
 
+		for i := range fnLogs {
+			if err := bodySizeAccumulator.Add(len(fnLogs[i].Data)); err != nil {
+				return nil, false, err
+			}
+		}
 		logs = append(logs, fnLogs...)
 	}
 

diff --git a/rpc/server_middleware.go b/rpc/server_middleware.go
@@ -5,6 +5,7 @@ import (
 	"net/http"
 
 	"github.com/Conflux-Chain/confura/node"
+	"github.com/Conflux-Chain/confura/rpc/handler"
 	"github.com/Conflux-Chain/confura/util/rate"
 	"github.com/Conflux-Chain/confura/util/rpc/handlers"
 	"github.com/Conflux-Chain/confura/util/rpc/middlewares"
@@ -19,6 +20,9 @@ const (
 )
 
 func MustInit() {
+	// init handler
+	handler.Init()
+
 	// init metrics
 	initMetrics()