限制统计系统和浏览器的最大长度，减少随机UserAgent攻击影响

2025-11-04 16:00:25 +08:00 · 2023-03-11 11:58:05 +08:00
parent 339f0f6e94
commit cc7cf5f8c5
1 changed files with 6 additions and 2 deletions
--- a/internal/stats/http_request_stat_manager.go
+++ b/internal/stats/http_request_stat_manager.go
@@ -232,8 +232,10 @@ Loop:
 				if dotIndex > -1 {
 					osInfo.Version = osInfo.Version[:dotIndex]
 				}
+				if len(this.systemMap) < 100_000 { // 限制最大数据，防止攻击
 					this.systemMap[serverId+"@"+osInfo.Name+"@"+osInfo.Version]++
 				}
+			}

 			var browser, browserVersion = result.BrowserName, result.BrowserVersion
 			if len(browser) > 0 {
@@ -241,8 +243,10 @@ Loop:
 				if dotIndex > -1 {
 					browserVersion = browserVersion[:dotIndex]
 				}
+				if len(this.browserMap) < 100_000 { // 限制最大数据，防止攻击
 					this.browserMap[serverId+"@"+browser+"@"+browserVersion]++
 				}
+			}
 		case firewallRuleGroupString := <-this.firewallRuleGroupChan:
 			this.dailyFirewallRuleGroupMap[firewallRuleGroupString]++
 		case <-timeout.C: