gossip: fix DoS with malformed UDP header value/size

credits for finding this to Immunefi user `@bpop23293`

Author: two-heart

book/api/metrics-generated.md

@@ -944,6 +944,7 @@
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;count</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">success_&#8203;prune</span>"} | counter |  (Prune (success)) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;count</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">success_&#8203;ping</span>"} | counter |  (Ping (success)) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;count</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">success_&#8203;pong</span>"} | counter |  (Pong (success)) |
+| <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;count</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;malformed_&#8203;packet</span>"} | counter |  (Invalid UDP header values/size) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;count</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;unparseable</span>"} | counter |  (Unparseable) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;count</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;pull_&#8203;request_&#8203;not_&#8203;contact_&#8203;info</span>"} | counter |  (Pull Request (not contact info)) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;count</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;pull_&#8203;request_&#8203;loopback</span>"} | counter |  (Pull Request (loopback)) |
@@ -964,6 +965,7 @@
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;bytes</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">success_&#8203;prune</span>"} | counter |  (Prune (success)) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;bytes</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">success_&#8203;ping</span>"} | counter |  (Ping (success)) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;bytes</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">success_&#8203;pong</span>"} | counter |  (Pong (success)) |
+| <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;bytes</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;malformed_&#8203;packet</span>"} | counter |  (Invalid UDP header values/size) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;bytes</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;unparseable</span>"} | counter |  (Unparseable) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;bytes</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;pull_&#8203;request_&#8203;not_&#8203;contact_&#8203;info</span>"} | counter |  (Pull Request (not contact info)) |
 | <span class="metrics-name">gossvf_&#8203;message_&#8203;rx_&#8203;bytes</span><br/>{gossvf_&#8203;message_&#8203;outcome="<span class="metrics-enum">dropped_&#8203;pull_&#8203;request_&#8203;loopback</span>"} | counter |  (Pull Request (loopback)) |

src/disco/metrics/generated/fd_metrics_enums.h

@@ -675,7 +675,7 @@
 #define FD_METRICS_ENUM_GOSSIP_CRDS_OUTCOME_V_DROPPED_PUSH_DUPLICATE_NAME "dropped_push_duplicate"
 
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_NAME "gossvf_message_outcome"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_CNT (20UL)
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_CNT (21UL)
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PULL_REQUEST_IDX  0
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PULL_REQUEST_NAME "success_pull_request"
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PULL_RESPONSE_IDX  1
@@ -688,33 +688,35 @@
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PING_NAME "success_ping"
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PONG_IDX  5
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PONG_NAME "success_pong"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_UNPARSEABLE_IDX  6
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_MALFORMED_PACKET_IDX  6
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_MALFORMED_PACKET_NAME "dropped_malformed_packet"
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_UNPARSEABLE_IDX  7
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_UNPARSEABLE_NAME "dropped_unparseable"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_NOT_CONTACT_INFO_IDX  7
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_NOT_CONTACT_INFO_IDX  8
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_NOT_CONTACT_INFO_NAME "dropped_pull_request_not_contact_info"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_LOOPBACK_IDX  8
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_LOOPBACK_IDX  9
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_LOOPBACK_NAME "dropped_pull_request_loopback"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_INACTIVE_IDX  9
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_INACTIVE_IDX  10
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_INACTIVE_NAME "dropped_pull_request_inactive"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_WALLCLOCK_IDX  10
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_WALLCLOCK_IDX  11
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_WALLCLOCK_NAME "dropped_pull_request_wallclock"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SIGNATURE_IDX  11
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SIGNATURE_IDX  12
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SIGNATURE_NAME "dropped_pull_request_signature"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SHRED_VERSION_IDX  12
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SHRED_VERSION_IDX  13
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SHRED_VERSION_NAME "dropped_pull_request_shred_version"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_DESTINATION_IDX  13
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_DESTINATION_IDX  14
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_DESTINATION_NAME "dropped_prune_destination"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_WALLCLOCK_IDX  14
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_WALLCLOCK_IDX  15
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_WALLCLOCK_NAME "dropped_prune_wallclock"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_SIGNATURE_IDX  15
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_SIGNATURE_IDX  16
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_SIGNATURE_NAME "dropped_prune_signature"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PUSH_NO_VALID_CRDS_IDX  16
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PUSH_NO_VALID_CRDS_IDX  17
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PUSH_NO_VALID_CRDS_NAME "dropped_push_no_valid_crds"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_RESPONSE_NO_VALID_CRDS_IDX  17
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_RESPONSE_NO_VALID_CRDS_IDX  18
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_RESPONSE_NO_VALID_CRDS_NAME "dropped_pull_response_no_valid_crds"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PING_SIGNATURE_IDX  18
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PING_SIGNATURE_IDX  19
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PING_SIGNATURE_NAME "dropped_ping_signature"
-#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PONG_SIGNATURE_IDX  19
+#define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PONG_SIGNATURE_IDX  20
 #define FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PONG_SIGNATURE_NAME "dropped_pong_signature"
 
 #define FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_NAME "gossvf_crds_outcome"

src/disco/metrics/generated/fd_metrics_gossvf.c

@@ -8,6 +8,7 @@ const fd_metrics_meta_t FD_METRICS_GOSSVF[FD_METRICS_GOSSVF_TOTAL] = {
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_COUNT, COUNTER, GOSSVF_MESSAGE_OUTCOME, SUCCESS_PRUNE ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_COUNT, COUNTER, GOSSVF_MESSAGE_OUTCOME, SUCCESS_PING ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_COUNT, COUNTER, GOSSVF_MESSAGE_OUTCOME, SUCCESS_PONG ),
+    DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_COUNT, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_MALFORMED_PACKET ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_COUNT, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_UNPARSEABLE ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_COUNT, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_PULL_REQUEST_NOT_CONTACT_INFO ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_COUNT, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_PULL_REQUEST_LOOPBACK ),
@@ -28,6 +29,7 @@ const fd_metrics_meta_t FD_METRICS_GOSSVF[FD_METRICS_GOSSVF_TOTAL] = {
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_BYTES, COUNTER, GOSSVF_MESSAGE_OUTCOME, SUCCESS_PRUNE ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_BYTES, COUNTER, GOSSVF_MESSAGE_OUTCOME, SUCCESS_PING ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_BYTES, COUNTER, GOSSVF_MESSAGE_OUTCOME, SUCCESS_PONG ),
+    DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_BYTES, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_MALFORMED_PACKET ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_BYTES, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_UNPARSEABLE ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_BYTES, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_PULL_REQUEST_NOT_CONTACT_INFO ),
     DECLARE_METRIC_ENUM( GOSSVF_MESSAGE_RX_BYTES, COUNTER, GOSSVF_MESSAGE_OUTCOME, DROPPED_PULL_REQUEST_LOOPBACK ),