From 7b661e5c9dd20a29d36a60e107edc0c4a63b5b8e Mon Sep 17 00:00:00 2001
From: Jinghui Liao
Date: Tue, 8 Feb 2022 02:32:04 -0500
Subject: [PATCH 1/7] add log when exception happens under debug mode (#686)
---
 src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs | 3 ++-
 src/DBFTPlugin/Consensus/ConsensusContext.cs | 3 ++-
 src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs | 8 +++-----
 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs b/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs
index e8af9f0ad..973ab34a5 100644
--- a/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs
+++ b/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs
@@ -47,8 +47,9 @@ private void SignPayload(ExtensiblePayload payload)
 sc = new ContractParametersContext(neoSystem.StoreView, payload, dbftSettings.Network);
 wallet.Sign(sc);
 }
- catch (InvalidOperationException)
+ catch (InvalidOperationException exception)
 {
+ Utility.Log(nameof(ConsensusContext), LogLevel.Debug, exception.ToString());
 return;
 }
 payload.Witness = sc.GetWitnesses()[0];
diff --git a/src/DBFTPlugin/Consensus/ConsensusContext.cs b/src/DBFTPlugin/Consensus/ConsensusContext.cs
index 990b84961..dc0c3e1dc 100644
--- a/src/DBFTPlugin/Consensus/ConsensusContext.cs
+++ b/src/DBFTPlugin/Consensus/ConsensusContext.cs
@@ -160,8 +160,9 @@ public bool Load()
 {
 Deserialize(reader);
 }
- catch
+ catch (Exception exception)
 {
+ Utility.Log(nameof(ConsensusContext), LogLevel.Debug, exception.ToString());
 return false;
 }
 return true;
diff --git a/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs b/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs
index 32d2cce06..cc2baab60 100644
--- a/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs
+++ b/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs
@@ -24,14 +24,12 @@ private void OnConsensusPayload(ExtensiblePayload payload)
 {
 message = context.GetMessage(payload);
 }
- catch (FormatException)
- {
- return;
- }
- catch (IOException)
+ catch (Exception ex)
 {
+ Utility.Log(nameof(ConsensusService), LogLevel.Debug, ex.ToString());
 return;
 }
+
 if (!message.Verify(neoSystem.Settings)) return;
 if (message.BlockIndex != context.Block.Index)
 {
From 32aacc468ad43600817daabbec834e715017d962 Mon Sep 17 00:00:00 2001
From: Owen Zhang <38493437+superboyiii@users.noreply.github.com>
Date: Tue, 8 Feb 2022 18:31:13 +0800
Subject: [PATCH 2/7] Revert "add log when exception happens under debug mode (#686)" (#689)
This reverts commit 7b661e5c9dd20a29d36a60e107edc0c4a63b5b8e.
---
 src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs | 3 +--
 src/DBFTPlugin/Consensus/ConsensusContext.cs | 3 +--
 src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs | 8 +++++---
 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs b/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs
index 973ab34a5..e8af9f0ad 100644
--- a/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs
+++ b/src/DBFTPlugin/Consensus/ConsensusContext.MakePayload.cs
@@ -47,9 +47,8 @@ private void SignPayload(ExtensiblePayload payload)
 sc = new ContractParametersContext(neoSystem.StoreView, payload, dbftSettings.Network);
 wallet.Sign(sc);
 }
- catch (InvalidOperationException exception)
+ catch (InvalidOperationException)
 {
- Utility.Log(nameof(ConsensusContext), LogLevel.Debug, exception.ToString());
 return;
 }
 payload.Witness = sc.GetWitnesses()[0];
diff --git a/src/DBFTPlugin/Consensus/ConsensusContext.cs b/src/DBFTPlugin/Consensus/ConsensusContext.cs
index dc0c3e1dc..990b84961 100644
--- a/src/DBFTPlugin/Consensus/ConsensusContext.cs
+++ b/src/DBFTPlugin/Consensus/ConsensusContext.cs
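Review bot: In OnConsensusPayload (ConsensusService.OnMessage.cs, PATCH 1/7) the new `catch (Exception ex)` is wider than the `FormatException`/`IOException` pair it replaces, so any other exception thrown by `context.GetMessage(payload)` is now swallowed with only a Debug-level log line instead of propagating. If the intent is only to add logging, keep the filter as narrow as before, e.g. `catch (Exception ex) when (ex is FormatException or IOException)`. The payload presumably arrives from peers, so logging the full `ex.ToString()` for every malformed message can also grow the debug log without bound; logging `ex.Message` or rate-limiting the line would cap that. The method body continues outside the hunk.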
@@ -160,9 +160,8 @@ public bool Load()
 {
 Deserialize(reader);
 }
- catch (Exception exception)
+ catch
 {
- Utility.Log(nameof(ConsensusContext), LogLevel.Debug, exception.ToString());
 return false;
 }
 return true;
diff --git a/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs b/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs
index cc2baab60..32d2cce06 100644
--- a/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs
+++ b/src/DBFTPlugin/Consensus/ConsensusService.OnMessage.cs
@@ -24,12 +24,14 @@ private void OnConsensusPayload(ExtensiblePayload payload)
 {
 message = context.GetMessage(payload);
 }
- catch (Exception ex)
+ catch (FormatException)
+ {
+ return;
+ }
+ catch (IOException)
 {
- Utility.Log(nameof(ConsensusService), LogLevel.Debug, ex.ToString());
 return;
 }
-
 if (!message.Verify(neoSystem.Settings)) return;
 if (message.BlockIndex != context.Block.Index)
 {
From 20784b88c4d41fd5fee8464e7c3143a7834532e5 Mon Sep 17 00:00:00 2001
From: Shargon
Date: Sat, 26 Feb 2022 13:06:04 +0100
Subject: [PATCH 3/7] Prevent SSRF
---
 .../Protocols/OracleHttpsProtocol.cs | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/src/OracleService/Protocols/OracleHttpsProtocol.cs b/src/OracleService/Protocols/OracleHttpsProtocol.cs
index 3fa20669f..1b8f5c3ed 100644
--- a/src/OracleService/Protocols/OracleHttpsProtocol.cs
+++ b/src/OracleService/Protocols/OracleHttpsProtocol.cs
@@ -12,7 +12,7 @@ namespace Neo.Plugins { class OracleHttpsProtocol : IOracleProtocol { - private readonly HttpClient client = new HttpClient(); + private readonly HttpClient client = new(new HttpClientHandler() { AllowAutoRedirect = false }); public OracleHttpsProtocol() {
@@ -40,7 +40,7 @@ public void Dispose() if (!Settings.Default.AllowPrivateHost) { - IPHostEntry entry = await Dns.GetHostEntryAsync(uri.Host); + IPHostEntry entry = await Dns.GetHostEntryAsync(uri.Host, cancellation); if (entry.IsInternal()) return (OracleResponseCode.Forbidden, null); }
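Review bot: In OracleHttpsProtocol.cs (PATCH 3/7, hunk at -40,7) the private-host check resolves `uri.Host` through `Dns.GetHostEntryAsync`, while the later `client.GetAsync(uri, …)` resolves the name again on its own, so the address that was vetted is not guaranteed to be the address the client connects to. A name whose answers differ between the two lookups would pass `entry.IsInternal()` and could still end up at an internal host. Consider tying the check to the connection itself, for example by using `SocketsHttpHandler` and performing the resolution and the internal-range test inside its `ConnectCallback`, so that the validated IP is the one dialled. The enclosing method starts and ends outside the hunk.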
@@ -48,7 +48,20 @@ public void Dispose()
 HttpResponseMessage message;
 try
 {
+ download:
 message = await client.GetAsync(uri, HttpCompletionOption.ResponseContentRead, cancellation);
+ if (message.StatusCode == HttpStatusCode.NotFound && message.Headers.Location is not null)
+ {
+ uri = message.Headers.Location;
+ if (!Settings.Default.AllowPrivateHost)
+ {
+ // Follow
+ IPHostEntry entry = await Dns.GetHostEntryAsync(uri.Host, cancellation);
+ if (entry.IsInternal())
+ return (OracleResponseCode.Forbidden, null);
+ }
+ goto download;
+ }
 }
 catch
 {
From e536fe9dd006a8d9e4b19a979b648bbb27acf69d Mon Sep 17 00:00:00 2001
From: Shargon
Date: Thu, 3 Mar 2022 10:28:29 +0100
Subject: [PATCH 4/7] Update OracleHttpsProtocol.cs
---
 src/OracleService/Protocols/OracleHttpsProtocol.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/OracleService/Protocols/OracleHttpsProtocol.cs b/src/OracleService/Protocols/OracleHttpsProtocol.cs
index 224bc807c..e2ea72d90 100644
--- a/src/OracleService/Protocols/OracleHttpsProtocol.cs
+++ b/src/OracleService/Protocols/OracleHttpsProtocol.cs
@@ -60,7 +60,7 @@ public void Dispose()
 {
 download:
 message = await client.GetAsync(uri, HttpCompletionOption.ResponseContentRead, cancellation);
- if (message.StatusCode == HttpStatusCode.NotFound && message.Headers.Location is not null)
+ if (message.Headers.Location is not null)
 {
 uri = message.Headers.Location;
 if (!Settings.Default.AllowPrivateHost)
From e6d7191d8d486566e317176084806acfa8df58de Mon Sep 17 00:00:00 2001
From: Shargon
Date: Fri, 4 Mar 2022 09:27:58 +0100
Subject: [PATCH 5/7] remove goto
---
 .../Protocols/OracleHttpsProtocol.cs | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/src/OracleService/Protocols/OracleHttpsProtocol.cs b/src/OracleService/Protocols/OracleHttpsProtocol.cs
index e2ea72d90..377f68138 100644
--- a/src/OracleService/Protocols/OracleHttpsProtocol.cs
+++ b/src/OracleService/Protocols/OracleHttpsProtocol.cs
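Review bot: The manual redirect loop added in PATCH 3/7 (`download:` … `goto download;`) has no upper bound on hops, so a server that keeps answering with a `Location` header keeps the oracle request running until `cancellation` fires; the `do … while (message == null)` form introduced in PATCH 5/7 has the same property. Count the hops and stop after a small fixed number, e.g. `if (++redirects > MaxRedirects) return (OracleResponseCode.Error, null);` before the request is re-issued, with `MaxRedirects` a constant you add. Each superseded `HttpResponseMessage` is also dropped without being disposed; a `message.Dispose();` before the next iteration releases it. The `try` block and its `catch` continue outside the hunk.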
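Review bot: After PATCH 4/7 the condition `if (message.Headers.Location is not null)` treats any response that carries a `Location` header as a redirect, whatever its status code. `Location` is also sent on non-redirect responses such as 201 Created, and those would now be re-fetched from the header's target instead of being returned to the caller. Restrict the follow to redirect statuses, e.g. `if ((int)message.StatusCode is >= 300 and < 400 && message.Headers.Location is not null)`. The surrounding `download:` loop starts and ends outside the hunk.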
@@ -58,20 +58,21 @@ public void Dispose()
 HttpResponseMessage message;
 try
 {
- download:
- message = await client.GetAsync(uri, HttpCompletionOption.ResponseContentRead, cancellation);
- if (message.Headers.Location is not null)
+ do
 {
- uri = message.Headers.Location;
 if (!Settings.Default.AllowPrivateHost)
 {
- // Follow
- IPHostEntry entry = await Dns.GetHostEntryAsync(uri.Host, cancellation);
+ var entry = await Dns.GetHostEntryAsync(uri.Host, cancellation);
 if (entry.IsInternal())
 return (OracleResponseCode.Forbidden, null);
 }
- goto download;
- }
+ message = await client.GetAsync(uri, HttpCompletionOption.ResponseContentRead, cancellation);
+ if (message.Headers.Location is not null)
+ {
+ uri = message.Headers.Location;
+ message = null;
+ }
+ } while (message == null);
 }
 catch
 {
From 55c0dd6f61186fd7fbe94c267938f2750ebed811 Mon Sep 17 00:00:00 2001
From: Erik Zhang
Date: Wed, 9 Mar 2022 15:23:50 +0800
Subject: [PATCH 6/7] Remove redundant code
---
 src/OracleService/Protocols/OracleHttpsProtocol.cs | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/src/OracleService/Protocols/OracleHttpsProtocol.cs b/src/OracleService/Protocols/OracleHttpsProtocol.cs
index 377f68138..2fc57b288 100644
--- a/src/OracleService/Protocols/OracleHttpsProtocol.cs
+++ b/src/OracleService/Protocols/OracleHttpsProtocol.cs
@@ -48,21 +48,15 @@ public void Dispose() { Utility.Log(nameof(OracleHttpsProtocol), LogLevel.Debug, $"Request: {uri.AbsoluteUri}"); - if (!Settings.Default.AllowPrivateHost) - { - IPHostEntry entry = await Dns.GetHostEntryAsync(uri.Host, cancellation); - if (entry.IsInternal()) - return (OracleResponseCode.Forbidden, null); - } - HttpResponseMessage message; + try { do { if (!Settings.Default.AllowPrivateHost) { - var entry = await Dns.GetHostEntryAsync(uri.Host, cancellation); + IPHostEntry entry = await Dns.GetHostEntryAsync(uri.Host, cancellation); if (entry.IsInternal()) return (OracleResponseCode.Forbidden, null); }
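Review bot: In the `do … while` loop of PATCH 5/7, `uri = message.Headers.Location;` takes the header value unchanged: a relative `Location`, which HTTP permits, produces a relative `Uri` on which the following `uri.Host` throws, and an absolute one can move the request to a different scheme such as plain `http` without any re-check in this loop. Resolve the target against the current request and validate it before looping, e.g. `uri = new Uri(uri, message.Headers.Location);` followed by `if (uri.Scheme != Uri.UriSchemeHttps) return (OracleResponseCode.Forbidden, null);`. Whether the initial URL's scheme is validated before this method's loop is not visible in the hunk, so confirm the redirect target receives the same treatment as the original request.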
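Review bot: With the pre-loop check removed in PATCH 6/7, the `Request: {uri.AbsoluteUri}` debug line is still emitted once before the `do` loop, so only the initially requested URL is logged and the hosts reached through `Location` hops leave no record. For a component that fetches caller-supplied URLs, the redirect targets are what an operator needs when investigating a blocked or suspicious request. Move the `Utility.Log(nameof(OracleHttpsProtocol), LogLevel.Debug, $"Request: {uri.AbsoluteUri}");` call to the top of the loop body, ahead of the DNS check, so every hop is recorded. The loop body continues outside the hunk.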
From cfe5bb9a6655f7378c9864a25b212342b0722334 Mon Sep 17 00:00:00 2001
From: Erik Zhang
Date: Wed, 9 Mar 2022 15:25:03 +0800
Subject: [PATCH 7/7] Remove empty line
---
 src/OracleService/Protocols/OracleHttpsProtocol.cs | 1 -
 1 file changed, 1 deletion(-)
diff --git a/src/OracleService/Protocols/OracleHttpsProtocol.cs b/src/OracleService/Protocols/OracleHttpsProtocol.cs
index 2fc57b288..da0ad3fb2 100644
--- a/src/OracleService/Protocols/OracleHttpsProtocol.cs
+++ b/src/OracleService/Protocols/OracleHttpsProtocol.cs
@@ -49,7 +49,6 @@ public void Dispose() Utility.Log(nameof(OracleHttpsProtocol), LogLevel.Debug, $"Request: {uri.AbsoluteUri}"); HttpResponseMessage message; - try { do