feat(jsonrpc): add resource restrict for jsonrpc

common/src/main/java/org/tron/common/parameter/CommonParameter.java

@@ -459,6 +459,15 @@ public class CommonParameter {
   @Getter
   @Setter
   public int jsonRpcMaxBlockFilterNum = 50000;
+  @Getter
+  @Setter
+  public int jsonRpcMaxBatchSize = 100;
+  @Getter
+  @Setter
+  public int jsonRpcMaxResponseSize = 25 * 1024 * 1024;
+  @Getter
+  @Setter
+  public int jsonRpcMaxAddressSize = 1000;
 
   @Getter
   @Setter

common/src/main/java/org/tron/core/config/args/NodeConfig.java

@@ -302,6 +302,9 @@ public void setHttpPBFTPort(int v) {
     private int maxBlockRange = 5000;
     private int maxSubTopics = 1000;
     private int maxBlockFilterNum = 50000;
+    private int maxBatchSize = 100;
+    private int maxResponseSize = 25 * 1024 * 1024;
+    private int maxAddressSize = 1000;
   }
 
   @Getter

common/src/main/resources/reference.conf

@@ -400,6 +400,15 @@ node {
 
     # Maximum number for blockFilter
     maxBlockFilterNum = 50000
+
+    # Maximum number of requests in a JSON-RPC batch, >0 otherwise no limit
+    maxBatchSize = 100
+
+    # Maximum response body size in bytes for JSON-RPC (default 25MB), >0 otherwise no limit
+    maxResponseSize = 26214400
+
+    # Maximum number of addresses in a single JSON-RPC request, >0 otherwise no limit
+    maxAddressSize = 1000
   }
 
   # Disabled API list (works for http, rpc and pbft, not jsonrpc). Case insensitive.

framework/build.gradle

@@ -58,6 +58,7 @@ dependencies {
     }
 
     testImplementation group: 'org.springframework', name: 'spring-test', version: "${springVersion}"
+    testImplementation group: 'javax.portlet', name: 'portlet-api', version: '3.0.1'
     implementation group: 'org.zeromq', name: 'jeromq', version: '0.5.3'
     api project(":chainbase")
     api project(":protocol")

framework/src/main/java/org/tron/core/config/args/Args.java

@@ -585,6 +585,9 @@ private static void applyNodeConfig(NodeConfig nc) {
     PARAMETER.jsonRpcMaxBlockRange = jsonrpc.getMaxBlockRange();
     PARAMETER.jsonRpcMaxSubTopics = jsonrpc.getMaxSubTopics();
     PARAMETER.jsonRpcMaxBlockFilterNum = jsonrpc.getMaxBlockFilterNum();
+    PARAMETER.jsonRpcMaxBatchSize = jsonrpc.getMaxBatchSize();
+    PARAMETER.jsonRpcMaxResponseSize = jsonrpc.getMaxResponseSize();
+    PARAMETER.jsonRpcMaxAddressSize = jsonrpc.getMaxAddressSize();
 
     // ---- P2P sub-bean ----
     PARAMETER.nodeP2pVersion = nc.getP2p().getVersion();

framework/src/main/java/org/tron/core/services/filter/BufferedResponseWrapper.java

@@ -0,0 +1,168 @@
+package org.tron.core.services.filter;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.PrintWriter;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.WriteListener;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+import lombok.Getter;
+
+/**
+ * Buffers the response body without writing to the underlying response,
+ * so the caller can replay it after the handler returns.
+ *
+ * <p>If {@code maxBytes > 0} and the response would exceed that limit, the
+ * {@link #isOverflow()} flag is set instead of throwing. The caller should check this flag after
+ * the handler returns and write its own error response when true.
+ *
+ * <p>Header-mutating methods ({@code setStatus}, {@code setContentType}) are buffered here and
+ * only forwarded to the real response via {@link #commitToResponse()}.
+ */
+public class BufferedResponseWrapper extends HttpServletResponseWrapper {
+
+  private final HttpServletResponse actual;
+  private final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
+  private final int maxBytes;
+  private int status = HttpServletResponse.SC_OK;
+  private String contentType;
+  private boolean committed = false;
+  @Getter
+  private volatile boolean overflow = false;
+
+  private final ServletOutputStream outputStream = new ServletOutputStream() {
+    @Override
+    public void write(int b) {
+      if (overflow) {
+        return;
+      }
+      if (maxBytes > 0 && buffer.size() >= maxBytes) {
+        markOverflow();
+        return;
+      }
+      buffer.write(b);
+    }
+
+    @Override
+    public void write(byte[] b, int off, int len) {
+      if (overflow) {
+        return;
+      }
+      if (maxBytes > 0 && buffer.size() + len > maxBytes) {
+        markOverflow();
+        return;
+      }
+      buffer.write(b, off, len);
+    }
+
+    @Override
+    public boolean isReady() {
+      return true;
+    }
+
+    @Override
+    public void setWriteListener(WriteListener writeListener) {
+    }
+  };
+
+  private final PrintWriter writer = new PrintWriter(outputStream, true);
+
+  /**
+   * @param response the wrapped response
+   * @param maxBytes max allowed response bytes; {@code 0} means no limit
+   */
+  public BufferedResponseWrapper(HttpServletResponse response, int maxBytes) {
+    super(response);
+    this.actual = response;
+    this.maxBytes = maxBytes;
+  }
+
+  private void markOverflow() {
+    overflow = true;
+    buffer.reset();
+  }
+
+  /**
+   * Early-detection path: if the framework reports the full content length before writing any
+   * bytes, we can flag overflow without buffering anything.
+   */
+  @Override
+  public void setContentLength(int len) {
+    if (maxBytes > 0 && len > maxBytes) {
+      markOverflow();
+    }
+  }
+
+  @Override
+  public void setContentLengthLong(long len) {
+    if (maxBytes > 0 && len > maxBytes) {
+      markOverflow();
+    }
+  }
+
+  @Override
+  public int getStatus() {
+    return this.status;
+  }
+
+  @Override
+  public void setStatus(int sc) {
+    this.status = sc;
+  }
+
+  @Override
+  public void setHeader(String name, String value) {
+    if ("content-length".equalsIgnoreCase(name)) {
+      try {
+        setContentLengthLong(Long.parseLong(value));
+      } catch (NumberFormatException ignored) {
+        // malformed value, skip overflow check
+      }
+    } else {
+      super.setHeader(name, value);
+    }
+  }
+
+  @Override
+  public void addHeader(String name, String value) {
+    if ("content-length".equalsIgnoreCase(name)) {
+      try {
+        setContentLengthLong(Long.parseLong(value));
+      } catch (NumberFormatException ignored) {
+        // malformed value, skip overflow check
+      }
+    } else {
+      super.addHeader(name, value);
+    }
+  }
+
+  @Override
+  public void setContentType(String type) {
+    this.contentType = type;
+  }
+
+  @Override
+  public ServletOutputStream getOutputStream() {
+    return outputStream;
+  }
+
+  @Override
+  public PrintWriter getWriter() {
+    return writer;
+  }
+
+  public void commitToResponse() throws IOException {
+    if (committed) {
+      throw new IllegalStateException("commitToResponse() already called");
+    }
+    committed = true;
+    if (contentType != null) {
+      actual.setContentType(contentType);
+    }
+    actual.setStatus(status);
+    actual.setContentLength(buffer.size());
+    buffer.writeTo(actual.getOutputStream());
+    actual.getOutputStream().flush();
+  }
+}

framework/src/main/java/org/tron/core/services/filter/CachedBodyRequestWrapper.java

@@ -0,0 +1,72 @@
+package org.tron.core.services.filter;
+
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.InputStreamReader;
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+
+/**
+ * Wraps a request and replays a pre-read body from a byte array.
+ */
+public class CachedBodyRequestWrapper extends HttpServletRequestWrapper {
+
+  private enum BodyAccessor { NONE, STREAM, READER }
+
+  private final byte[] body;
+  private BodyAccessor accessor = BodyAccessor.NONE;
+
+  public CachedBodyRequestWrapper(HttpServletRequest request, byte[] body) {
+    super(request);
+    this.body = body;
+  }
+
+  @Override
+  public ServletInputStream getInputStream() {
+    if (accessor == BodyAccessor.READER) {
+      throw new IllegalStateException("getReader() has already been called on this request");
+    }
+    accessor = BodyAccessor.STREAM;
+    final ByteArrayInputStream bais = new ByteArrayInputStream(body);
+    return new ServletInputStream() {
+      @Override
+      public int read() {
+        return bais.read();
+      }
+
+      @Override
+      public int read(byte[] b, int off, int len) {
+        return bais.read(b, off, len);
+      }
+
+      @Override
+      public boolean isFinished() {
+        return bais.available() == 0;
+      }
+
+      @Override
+      public boolean isReady() {
+        return true;
+      }
+
+      @Override
+      public void setReadListener(ReadListener readListener) {
+      }
+    };
+  }
+
+  @Override
+  public BufferedReader getReader() {
+    if (accessor == BodyAccessor.STREAM) {
+      throw new IllegalStateException("getInputStream() has already been called on this request");
+    }
+    accessor = BodyAccessor.READER;
+    String encoding = getCharacterEncoding();
+    Charset charset = encoding != null ? Charset.forName(encoding) : StandardCharsets.UTF_8;
+    return new BufferedReader(new InputStreamReader(new ByteArrayInputStream(body), charset));
+  }
+}