diff options
Diffstat (limited to 'debug-me.hs')
-rw-r--r-- | debug-me.hs | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/debug-me.hs b/debug-me.hs index 3cc1f09..8ff38ed 100644 --- a/debug-me.hs +++ b/debug-me.hs @@ -5,6 +5,7 @@ module Main where import Types import Hash import Pty +import Memory import CmdLine import Log import Graphviz @@ -251,7 +252,8 @@ sendPtyInput ichan ochan p backlog logger = go bl <- readTVar backlog -- Don't need to retain backlog before the Activity -- that entered references. - let bl'@(Backlog bll) = truncateBacklog bl entered + let bl'@(Backlog bll) = reduceBacklog $ + truncateBacklog bl entered if isLegalEntered entered bl' then do let l = mkActivityLog (ActivityEntered entered) now @@ -293,6 +295,18 @@ truncateBacklog (Backlog (b :| l)) (Activity _ hp _) truncationpoint x@(ActivityLog { loggedActivity = ActivitySeen {}}) = Just (loggedHash x) == hp truncationpoint _ = False +-- | To avoid DOS attacks that try to fill up the backlog and so use all +-- memory, don't let the backlog contain more than 1000 items, or +-- more than 16 megabytes of total data. (Excluding the most recent +-- item). +reduceBacklog :: Backlog -> Backlog +reduceBacklog (Backlog (b :| l)) = Backlog (b :| go 0 (take 1000 l)) + where + go _ [] = [] + go n (x:xs) + | n > 16777216 = [] + | otherwise = x : go (n + dataSize x) xs + -- | Entered activity is legal when it points to the last Seen activvity, -- because this guarantees that the person who entered it saw -- the current state of the system before manipulating it. |