openethereum · 5chdn · Apr 27, 2018 · Apr 24, 2018 · Apr 25, 2018 · Apr 25, 2018
diff --git a/ethcore/src/client/client.rs b/ethcore/src/client/client.rs
@@ -62,7 +62,6 @@ use ethcore_miner::pool::VerifiedTransaction;
 use parking_lot::{Mutex, RwLock};
 use rand::OsRng;
 use receipt::{Receipt, LocalizedReceipt};
-use rlp::Rlp;
 use snapshot::{self, io as snapshot_io};
 use spec::Spec;
 use state_db::StateDB;
@@ -995,7 +994,7 @@ impl Client {
 
 		let txs: Vec<UnverifiedTransaction> = transactions
 			.iter()
-			.filter_map(|bytes| Rlp::new(bytes).as_val().ok())
+			.filter_map(|bytes| self.engine().decode_transaction(bytes.to_vec()).ok())
 			.collect();
 
 		self.notify(|notify| {

diff --git a/ethcore/src/engines/mod.rs b/ethcore/src/engines/mod.rs
@@ -426,6 +426,11 @@ pub trait EthEngine: Engine<::machine::EthereumMachine> {
 	fn additional_params(&self) -> HashMap<String, String> {
 		self.machine().additional_params()
 	}
+
+	/// Performs pre-validation of RLP decoded transaction before other processing
+	fn decode_transaction(&self, transaction: Bytes) -> Result<UnverifiedTransaction, transaction::Error> {
+		self.machine().decode_transaction(transaction)
+	}
 }
 
 // convenience wrappers for existing functions.

diff --git a/ethcore/src/machine.rs b/ethcore/src/machine.rs
@@ -33,7 +33,8 @@ use transaction::{self, SYSTEM_ADDRESS, UnverifiedTransaction, SignedTransaction
 use tx_filter::TransactionFilter;
 
 use ethereum_types::{U256, Address};
-use bytes::BytesRef;
+use bytes::{BytesRef, Bytes};
+use rlp::Rlp;
 use vm::{CallType, ActionParams, ActionValue, ParamsType};
 use vm::{EnvInfo, Schedule, CreateContractAddress};
 
@@ -376,6 +377,16 @@ impl EthereumMachine {
 			"registrar".to_owned() => format!("{:x}", self.params.registrar)
 		]
 	}
+
+	/// Performs pre-validation of RLP decoded transaction before other processing
+	pub fn decode_transaction(&self, transaction: Bytes) -> Result<UnverifiedTransaction, transaction::Error> {
+		let rlp = Rlp::new(&transaction);
+		if rlp.as_raw().len() > self.params().max_transaction_size {
+			debug!("Rejected oversized transaction of {} bytes", rlp.as_raw().len());
+			return Err(transaction::Error::TooBig)
+		}
+		rlp.as_val().map_err(|e| transaction::Error::InvalidRlp(e.to_string()))
+	}
 }
 
 /// Auxiliary data fetcher for an Ethereum machine. In Ethereum-like machines

diff --git a/ethcore/src/miner/miner.rs b/ethcore/src/miner/miner.rs
@@ -48,6 +48,7 @@ use header::{Header, BlockNumber};
 use miner;
 use miner::pool_client::{PoolClient, CachedNonceClient};
 use receipt::{Receipt, RichReceipt};
+use rlp::Encodable;
 use spec::Spec;
 use state::State;
 
@@ -768,6 +769,11 @@ impl miner::MinerService for Miner {
 
 		trace!(target: "own_tx", "Importing transaction: {:?}", pending);
 
+		// Verify RLP payload first
+		if let Err(err) = self.engine.decode_transaction(pending.transaction.rlp_bytes().to_vec()) {
+			return Err(err);
+		}
+
 		let client = self.pool_client(chain);
 		let imported = self.transaction_queue.import(
 			client,

diff --git a/ethcore/src/spec/spec.rs b/ethcore/src/spec/spec.rs
@@ -48,6 +48,8 @@ use trace::{NoopTracer, NoopVMTracer};
 
 pub use ethash::OptimizeFor;
 
+const MAX_TRANSACTION_SIZE: usize = 300 * 1024;
+
 // helper for formatting errors.
 fn fmt_err<F: ::std::fmt::Display>(f: F) -> String {
 	format!("Spec json is invalid: {}", f)
@@ -123,6 +125,8 @@ pub struct CommonParams {
 	pub max_code_size_transition: BlockNumber,
 	/// Transaction permission managing contract address.
 	pub transaction_permission_contract: Option<Address>,
+	/// Maximum size of transaction's RLP payload
+	pub max_transaction_size: usize,
 }
 
 impl CommonParams {
@@ -238,6 +242,7 @@ impl From<ethjson::spec::Params> for CommonParams {
 			registrar: p.registrar.map_or_else(Address::new, Into::into),
 			node_permission_contract: p.node_permission_contract.map(Into::into),
 			max_code_size: p.max_code_size.map_or(u64::max_value(), Into::into),
+			max_transaction_size: p.max_transaction_size.map_or(MAX_TRANSACTION_SIZE, Into::into),
 			max_code_size_transition: p.max_code_size_transition.map_or(0, Into::into),
 			transaction_permission_contract: p.transaction_permission_contract.map(Into::into),
 			wasm_activation_transition: p.wasm_activation_transition.map_or(

diff --git a/ethcore/sync/src/chain.rs b/ethcore/sync/src/chain.rs
@@ -140,7 +140,6 @@ const MAX_PEERS_PROPAGATION: usize = 128;
 const MAX_PEER_LAG_PROPAGATION: BlockNumber = 20;
 const MAX_NEW_HASHES: usize = 64;
 const MAX_NEW_BLOCK_AGE: BlockNumber = 20;
-const MAX_TRANSACTION_SIZE: usize = 300*1024;
 // maximal packet size with transactions (cannot be greater than 16MB - protocol limitation).
 const MAX_TRANSACTION_PACKET_SIZE: usize = 8 * 1024 * 1024;
 // Maximal number of transactions in sent in single packet.
@@ -1517,10 +1516,6 @@ impl ChainSync {
 		let mut transactions = Vec::with_capacity(item_count);
 		for i in 0 .. item_count {
 			let rlp = r.at(i)?;
-			if rlp.as_raw().len() > MAX_TRANSACTION_SIZE {
-				debug!("Skipped oversized transaction of {} bytes", rlp.as_raw().len());
-				continue;
-			}
 			let tx = rlp.as_raw().to_vec();
 			transactions.push(tx);
 		}

diff --git a/ethcore/transaction/src/error.rs b/ethcore/transaction/src/error.rs
@@ -18,6 +18,7 @@ use std::{fmt, error};
 
 use ethereum_types::U256;
 use ethkey;
+use rlp;
 use unexpected::OutOfBounds;
 
 #[derive(Debug, PartialEq, Clone)]
@@ -74,6 +75,10 @@ pub enum Error {
 	NotAllowed,
 	/// Signature error
 	InvalidSignature(String),
+	/// Transaction too big for transmition (its RLP payload size exceeds the limit)
+	TooBig,
+	/// Invalid RLP encoding
+	InvalidRlp(String),
 }
 
 impl From<ethkey::Error> for Error {
@@ -82,6 +87,12 @@ impl From<ethkey::Error> for Error {
 	}
 }
 
+impl From<rlp::DecoderError> for Error {
+	fn from(err: rlp::DecoderError) -> Self {
+		Error::InvalidRlp(format!("{}", err))
+	}
+}
+
 impl fmt::Display for Error {
 	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
 		use self::Error::*;
@@ -106,6 +117,8 @@ impl fmt::Display for Error {
 			InvalidChainId => "Transaction of this chain ID is not allowed on this chain.".into(),
 			InvalidSignature(ref err) => format!("Transaction has invalid signature: {}.", err),
 			NotAllowed => "Sender does not have permissions to execute this type of transction".into(),
+			TooBig => "Transaction too big for transmition".into(),
+			InvalidRlp(ref err) => format!("Transaction has invalid RLP structure: {}.", err),
 		};
 
 		f.write_fmt(format_args!("Transaction error ({})", msg))

diff --git a/json/src/spec/params.rs b/json/src/spec/params.rs
@@ -113,6 +113,9 @@ pub struct Params {
 	/// See main EthashParams docs.
 	#[serde(rename="maxCodeSize")]
 	pub max_code_size: Option<Uint>,
+	/// Maximum size of transaction RLP payload.
+	#[serde(rename="maxTransactionSize")]
+	pub max_transaction_size: Option<Uint>,
 	/// See main EthashParams docs.
 	#[serde(rename="maxCodeSizeTransition")]
 	pub max_code_size_transition: Option<Uint>,

diff --git a/rpc/src/v1/helpers/errors.rs b/rpc/src/v1/helpers/errors.rs
@@ -338,6 +338,8 @@ pub fn transaction_message(error: &TransactionError) -> String {
 		RecipientBanned => "Recipient is banned in local queue.".into(),
 		CodeBanned => "Code is banned in local queue.".into(),
 		NotAllowed => "Transaction is not permitted.".into(),
+		TooBig => "Transaction is too big for transmition, see chain specification for the limit.".into(),
+		InvalidRlp(ref descr) => format!("Invalid RLP data: {}", descr),
 	}
 }