Apply some limits to depth to counter abuse

* When creating a new event, cap its depth to 2^63 - 1 * When receiving events, reject any without a sensible depth As per https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI
author: Richard van der Hoff <richard@matrix.org> 2018-05-01 16:19:39 +0100
committer: Richard van der Hoff <richard@matrix.org> 2018-05-01 17:54:19 +0100
commit: 33f469ba19586bbafa0cf2c7d7c35463bdab87eb (patch)
tree: 10e97f31a3a34eafd12032236805190d2f63d90e /synapse/api
parent: update changelog and bump version to 0.28.0 (diff)
download: synapse-33f469ba19586bbafa0cf2c7d7c35463bdab87eb.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/synapse/api/constants.py b/synapse/api/constants.py
index 489efb7f86..5baba43966 100644
--- a/synapse/api/constants.py
+++ b/synapse/api/constants.py
@@ -16,6 +16,9 @@
 
 """Contains constants from the specification."""
 
+# the "depth" field on events is limited to 2**63 - 1
+MAX_DEPTH = 2**63 - 1
+
 
 class Membership(object):
author	Richard van der Hoff <richard@matrix.org>	2018-05-01 16:19:39 +0100
committer	Richard van der Hoff <richard@matrix.org>	2018-05-01 17:54:19 +0100
commit	33f469ba19586bbafa0cf2c7d7c35463bdab87eb (patch)
tree	10e97f31a3a34eafd12032236805190d2f63d90e /synapse/api
parent	update changelog and bump version to 0.28.0 (diff)
download	synapse-33f469ba19586bbafa0cf2c7d7c35463bdab87eb.tar.xz