Low severity DoS forcing printf/OutputDebugStringF to dump too much info #1385

issue SergioDemianLerner opened this issue on May 24, 2012
  1. SergioDemianLerner commented at 3:11 AM on May 24, 2012: contributor

    It is possible in many ways to force the application to dump too much information to debug.log for too few bytes sent. For example, by sending a message header starting with an incorrect byte, and then sending a header containing an incorrect command padding, we can force the application to dump the following messages:

    \n\nPROCESSMESSAGE SKIPPED 1 BYTES\n\n \n\nPROCESSMESSAGE: ERRORS IN HEADER 1234567890\n\n\n

    That's 85 bytes dumped for only 25 bytes sent over the wire. By sending the same chunk of bytes over and over, and assuming a connection with a bandwidth of 64 Kbytes/sec, one can fill 18 Gb of the victim's hard disk in a day.

    The vulnerability is not severe, since each time the application restarts the log file is shrunk, but still, if the application is left running headless, the attacker can fill an entire 500 Gb HD in a month.

    There are other places in the code (such as in the processing of the command "getdata") where too much information is dumped with little data sent.

    One possible solution is to reduce the sizes of some of the log messages. Another possible solution is to generate a DoS forced disconnection if too much info is dumped by actions originating from a client node.

    Best regards! Sergio.

  2. gmaxwell commented at 3:15 AM on May 24, 2012: contributor

    The logs are rotated and won't grow over 1GB IIRC

  3. SergioDemianLerner commented at 12:24 PM on May 24, 2012: contributor

    They are, but only when the application starts. Correct me if I'm wrong.

  4. sipa commented at 12:53 PM on May 24, 2012: member

    @SergioDemianLerner is correct, I believe.

  5. laanwj commented at 7:12 AM on May 28, 2014: member

    The worst of these should be fixed with 0.9, as it divides the log messages into categories that are disabled by default.

  6. laanwj closed this on Jan 29, 2016

  7. lateminer referenced this in commit 52efe56209 on Jan 22, 2019
  8. lateminer referenced this in commit be05f52000 on May 6, 2020
  9. lateminer referenced this in commit 541a688bee on May 6, 2020
  10. MarcoFalke locked this on Sep 8, 2021
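
The second mitigation suggested in the opening comment (disconnect a peer whose actions cause too much logging), sketched as an added example. It is not Bitcoin code: `PeerLogBudget`, `SimulatePeer` and the limits (4 KiB burst, 256 B/s refill, 100 suppressed messages) are assumptions, and only the 85-byte/25-byte figures come from the report.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Figures from the report: 85 bytes logged for every 25 bytes received.
constexpr std::size_t kSentPerChunk = 25, kLoggedPerChunk = 85;

// Hypothetical per-peer token bucket, counted in bytes of log output.
class PeerLogBudget {
public:
    PeerLogBudget(std::uint64_t burst, std::uint64_t refill_per_sec)
        : capacity_(burst), refill_(refill_per_sec), tokens_(burst) {}
    // True if msg may be logged; now_sec is a monotonic time in seconds.
    bool Allow(const std::string& msg, std::uint64_t now_sec) {
        if (now_sec > last_) {  // refill for elapsed time, capped at the burst size
            std::uint64_t elapsed = std::min(now_sec - last_, capacity_);
            tokens_ = std::min(capacity_, tokens_ + elapsed * refill_);
            last_ = now_sec;
        }
        if (msg.size() > tokens_) { ++suppressed_; return false; }
        tokens_ -= msg.size();
        return true;
    }
    // A peer that keeps triggering suppressed log lines is a disconnect candidate.
    bool ShouldDisconnect(std::uint64_t limit) const { return suppressed_ > limit; }
private:
    std::uint64_t capacity_, refill_, tokens_, last_ = 0, suppressed_ = 0;
};

struct SimResult { std::uint64_t received_bytes, logged_bytes; bool disconnected; };

// Replays `chunks` malformed 25-byte chunks arriving at `per_sec` chunks per second.
SimResult SimulatePeer(std::uint64_t chunks, std::uint64_t per_sec) {
    PeerLogBudget budget(4096, 256);               // constructed limits
    const std::string line(kLoggedPerChunk, 'x');  // constructed stand-in for the log text
    SimResult r{0, 0, false};
    for (std::uint64_t i = 0; i < chunks && !r.disconnected; ++i) {
        r.received_bytes += kSentPerChunk;
        if (budget.Allow(line, i / per_sec)) r.logged_bytes += line.size();
        r.disconnected = budget.ShouldDisconnect(100);  // constructed threshold
    }
    return r;
}

int main() {
    SimResult flood = SimulatePeer(1000000, 2621);  // about 64 Kbytes/sec of 25-byte chunks
    std::printf("received=%llu logged=%llu disconnected=%d\n",
                (unsigned long long)flood.received_bytes,
                (unsigned long long)flood.logged_bytes, (int)flood.disconnected);
}
```

With these limits the flooding peer is cut off after writing about 4 KB to the log, while a peer that only occasionally sends a malformed header stays under the refill rate and is never suppressed.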

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-24 18:16 UTC
