@dropgate/core 3.0.0 → 3.0.1

package/dist/index.cjs

@@ -1129,6 +1129,7 @@ var P2P_END_ACK_RETRY_DELAY_MS = 100;
 var P2P_CLOSE_GRACE_PERIOD_MS = 2e3;
 
 // src/p2p/send.ts
+var P2P_UNACKED_CHUNK_TIMEOUT_MS = 3e4;
 function generateSessionId() {
   return crypto.randomUUID();
 }
@@ -1218,6 +1219,10 @@ async function startP2PSend(opts) {
   const unackedChunks = /* @__PURE__ */ new Map();
   let nextSeq = 0;
   let ackResolvers = [];
+  let transferEverStarted = false;
+  const connectionAttempts = [];
+  const MAX_CONNECTION_ATTEMPTS = 10;
+  const CONNECTION_RATE_WINDOW_MS = 1e4;
   const transitionTo = (newState) => {
     if (!ALLOWED_TRANSITIONS[state].includes(newState)) {
       console.warn(`[P2P Send] Invalid state transition: ${state} -> ${newState}`);
@@ -1328,6 +1333,12 @@ async function startP2PSend(opts) {
   const sendChunk = async (conn, data, offset, fileTotal) => {
     if (chunkAcknowledgments) {
       while (unackedChunks.size >= maxUnackedChunks) {
+        const now = Date.now();
+        for (const [_seq, chunk] of unackedChunks) {
+          if (now - chunk.sentAt > P2P_UNACKED_CHUNK_TIMEOUT_MS) {
+            throw new DropgateNetworkError("Receiver stopped acknowledging chunks");
+          }
+        }
         await Promise.race([
           waitForAck(),
           sleep(1e3)
@@ -1384,6 +1395,23 @@ async function startP2PSend(opts) {
   };
   peer.on("connection", (conn) => {
     if (isStopped()) return;
+    const now = Date.now();
+    while (connectionAttempts.length > 0 && connectionAttempts[0] < now - CONNECTION_RATE_WINDOW_MS) {
+      connectionAttempts.shift();
+    }
+    if (connectionAttempts.length >= MAX_CONNECTION_ATTEMPTS) {
+      console.warn("[P2P Send] Connection rate limit exceeded, rejecting connection");
+      try {
+        conn.send({ t: "error", message: "Too many connection attempts. Please wait." });
+      } catch {
+      }
+      try {
+        conn.close();
+      } catch {
+      }
+      return;
+    }
+    connectionAttempts.push(now);
     if (activeConn) {
       const isOldConnOpen = activeConn.open !== false;
       if (isOldConnOpen && state === "transferring") {
@@ -1402,6 +1430,17 @@ async function startP2PSend(opts) {
         } catch {
         }
         activeConn = null;
+        if (transferEverStarted) {
+          try {
+            conn.send({ t: "error", message: "Transfer already started with another receiver. Cannot reconnect." });
+          } catch {
+          }
+          try {
+            conn.close();
+          } catch {
+          }
+          return;
+        }
         state = "listening";
         sentBytes = 0;
         nextSeq = 0;
@@ -1531,6 +1570,7 @@ async function startP2PSend(opts) {
           }, heartbeatIntervalMs);
         }
         transitionTo("transferring");
+        transferEverStarted = true;
         let overallSentBytes = 0;
         for (let fi = 0; fi < files.length; fi++) {
           const currentFile = files[fi];
@@ -1702,6 +1742,10 @@ async function startP2PReceive(opts) {
   let fileList = null;
   let currentFileReceived = 0;
   let totalReceivedAllFiles = 0;
+  let expectedChunkSeq = 0;
+  let writeQueueDepth = 0;
+  const MAX_WRITE_QUEUE_DEPTH = 100;
+  const MAX_FILE_COUNT = 1e4;
   const transitionTo = (newState) => {
     if (!ALLOWED_TRANSITIONS2[state].includes(newState)) {
       console.warn(`[P2P Receive] Invalid state transition: ${state} -> ${newState}`);
@@ -1802,8 +1846,16 @@ async function startP2PReceive(opts) {
     });
     conn.on("data", async (data) => {
       try {
-        resetWatchdog();
         if (data instanceof ArrayBuffer || ArrayBuffer.isView(data) || typeof Blob !== "undefined" && data instanceof Blob) {
+          if (state !== "transferring") {
+            throw new DropgateValidationError(
+              "Received binary data before transfer was accepted. Possible malicious sender."
+            );
+          }
+          resetWatchdog();
+          if (writeQueueDepth >= MAX_WRITE_QUEUE_DEPTH) {
+            throw new DropgateNetworkError("Write queue overflow - receiver cannot keep up");
+          }
           let bufPromise;
           if (data instanceof ArrayBuffer) {
             bufPromise = Promise.resolve(new Uint8Array(data));
@@ -1817,9 +1869,22 @@ async function startP2PReceive(opts) {
             return;
           }
           const chunkSeq = pendingChunk?.seq ?? -1;
+          const expectedSize = pendingChunk?.size;
           pendingChunk = null;
+          writeQueueDepth++;
           writeQueue = writeQueue.then(async () => {
             const buf = await bufPromise;
+            if (expectedSize !== void 0 && buf.byteLength !== expectedSize) {
+              throw new DropgateValidationError(
+                `Chunk size mismatch: expected ${expectedSize}, got ${buf.byteLength}`
+              );
+            }
+            const newReceived = received + buf.byteLength;
+            if (total > 0 && newReceived > total) {
+              throw new DropgateValidationError(
+                `Received more data than expected: ${newReceived} > ${total}`
+              );
+            }
             if (onData) {
               await onData(buf);
             }
@@ -1841,6 +1906,8 @@ async function startP2PReceive(opts) {
             } catch {
             }
             safeError(err2);
+          }).finally(() => {
+            writeQueueDepth--;
           });
           return;
         }
@@ -1852,10 +1919,21 @@ async function startP2PReceive(opts) {
             transitionTo("negotiating");
             onStatus?.({ phase: "waiting", message: "Waiting for file details..." });
             break;
-          case "file_list":
-            fileList = msg;
-            total = fileList.totalSize;
+          case "file_list": {
+            const fileListMsg = msg;
+            if (fileListMsg.fileCount > MAX_FILE_COUNT) {
+              throw new DropgateValidationError(`Too many files: ${fileListMsg.fileCount}`);
+            }
+            const sumSize = fileListMsg.files.reduce((sum, f) => sum + f.size, 0);
+            if (sumSize !== fileListMsg.totalSize) {
+              throw new DropgateValidationError(
+                `File list size mismatch: declared ${fileListMsg.totalSize}, actual sum ${sumSize}`
+              );
+            }
+            fileList = fileListMsg;
+            total = fileListMsg.totalSize;
             break;
+          }
           case "meta": {
             if (state !== "negotiating" && !(state === "transferring" && fileList)) {
               return;
@@ -1917,9 +1995,22 @@ async function startP2PReceive(opts) {
             }
             break;
           }
-          case "chunk":
-            pendingChunk = msg;
+          case "chunk": {
+            const chunkMsg = msg;
+            if (state !== "transferring") {
+              throw new DropgateValidationError(
+                "Received chunk message before transfer was accepted."
+              );
+            }
+            if (chunkMsg.seq !== expectedChunkSeq) {
+              throw new DropgateValidationError(
+                `Chunk sequence error: expected ${expectedChunkSeq}, got ${chunkMsg.seq}`
+              );
+            }
+            expectedChunkSeq++;
+            pendingChunk = chunkMsg;
             break;
+          }
           case "ping":
             try {
               conn.send({ t: "pong", timestamp: Date.now() });