From a7d6037fc52efbb8ad34bd6693a72c7069e75883 Mon Sep 17 00:00:00 2001 From: Dmitri Bogomolov <4glitch@gmail.com> Date: Wed, 17 Mar 2021 22:47:26 +0200 Subject: [PATCH] Minimal useragent validation --- src/network/bmproto.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/network/bmproto.py b/src/network/bmproto.py index bf2de760..008eadb0 100644 --- a/src/network/bmproto.py +++ b/src/network/bmproto.py @@ -5,6 +5,7 @@ Class BMProto defines bitmessage's network protocol workflow. import base64 import hashlib import logging +import re import socket import struct import time @@ -535,6 +536,10 @@ class BMProto(AdvancedDispatcher, ObjectTracker): return True self.append_write_buf(protocol.CreatePacket('verack')) self.verackSent = True + ua_valid = re.match( + r'^/[a-zA-Z]+:[0-9]+\.?[\w\s\(\)\./:;-]*/$', self.userAgent) + if not ua_valid: + self.userAgent = '/INVALID:0/' if not self.isOutbound: self.append_write_buf(protocol.assembleVersionMessage( self.destination.host, self.destination.port, -- 2.45.1