diff options
| author | jar@google.com <jar@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-18 20:22:52 +0000 |
|---|---|---|
| committer | jar@google.com <jar@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-18 20:22:52 +0000 |
| commit | 075bc8cbe5826e1f0034b2a97a7b7bdda2ce4515 (patch) | |
| tree | b47a33238edb69aa6e5d6c22eaa0f3d472c0b750 /net/base/sdch_manager.h | |
| parent | c22e0ff76ca18e46d6b5f862807267e16f420834 (diff) | |
| download | chromium_src-075bc8cbe5826e1f0034b2a97a7b7bdda2ce4515.zip chromium_src-075bc8cbe5826e1f0034b2a97a7b7bdda2ce4515.tar.gz chromium_src-075bc8cbe5826e1f0034b2a97a7b7bdda2ce4515.tar.bz2 | |
Avoid plausible DOS attack by malicious SDCH server
Restrict SDCH to ONLY work with HTTP (fail safe security policy for this
experimental protocol).
Also add a histogram to see how often we encounter dictionary corruption
(which will evidence itself by having a multitude of dicitionaries
adverttised, with no real use server side).
r=ajenjo,kmixter
Review URL: http://codereview.chromium.org/11209
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5628 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/sdch_manager.h')
| -rw-r--r-- | net/base/sdch_manager.h | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/net/base/sdch_manager.h b/net/base/sdch_manager.h index 69055f1..3a8158406 100644 --- a/net/base/sdch_manager.h +++ b/net/base/sdch_manager.h @@ -85,15 +85,27 @@ class SdchManager { DICTIONARY_SPECIFIES_TOP_LEVEL_DOMAIN, DICTIONARY_DOMAIN_NOT_MATCHING_SOURCE_URL, DICTIONARY_PORT_NOT_MATCHING_SOURCE_URL, + DICTIONARY_HAS_NO_TEXT, // Dictionary loading problems. DICTIONARY_LOAD_ATTEMPT_FROM_DIFFERENT_HOST = 30, DICTIONARY_SELECTED_FOR_SSL, DICTIONARY_ALREADY_LOADED, + DICTIONARY_SELECTED_FROM_NON_HTTP, + DICTIONARY_IS_TOO_LARGE, + DICTIONARY_COUNT_EXCEEDED, + + // Failsafe hack. + ATTEMPT_TO_DECODE_NON_HTTP_DATA = 40, MAX_PROBLEM_CODE // Used to bound histogram. }; + // Use the following static limits to block DOS attacks until we implement + // a cached dictionary evicition strategy. + static const size_t kMaxDictionarySize; + static const size_t kMaxDictionaryCount; + // There is one instance of |Dictionary| for each memory-cached SDCH // dictionary. class Dictionary : public base::RefCounted<Dictionary> { @@ -197,6 +209,11 @@ class SdchManager { // cached in memory. void FetchDictionary(const GURL& referring_url, const GURL& dictionary_url); + // Security test function used before initiating a fetch. + // Return true if fetch is legal. + bool CanFetchDictionary(const GURL& referring_url, + const GURL& dictionary_url) const; + // Add an SDCH dictionary to our list of availible dictionaries. This addition // will fail (return false) if addition is illegal (data in the dictionary is // not acceptable from the dictionary_url; dictionary already added, etc.). |