1 /* 2 * Copyright (c) 2021-2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #include "publish_manager.h" 17 18 #include <cinttypes> 19 20 #include "event_log_wrapper.h" 21 #include "system_time.h" 22 23 namespace OHOS { 24 namespace EventFwk { PublishManager()25PublishManager::PublishManager() 26 {} 27 ~PublishManager()28PublishManager::~PublishManager() 29 {} 30 CheckIsFloodAttack(pid_t appUid)31bool PublishManager::CheckIsFloodAttack(pid_t appUid) 32 { 33 EVENT_LOGI("enter"); 34 std::lock_guard<std::mutex> lock(mutex_); 35 bool isAttacked = false; 36 int64_t now = SystemTime::GetNowSysTime(); 37 EVENT_LOGI("dispatch common event by app (uid = %{publish}d) at now = %{public}" PRId64, appUid, now); 38 auto iter = floodAttackAppStatistics_.find(appUid); 39 if (iter == floodAttackAppStatistics_.end()) { 40 floodAttackAppStatistics_[appUid].emplace_back(now); 41 return isAttacked; 42 } 43 // Remove expired record 44 auto iterVec = iter->second.begin(); 45 while (iterVec != iter->second.end()) { 46 if (now - *iterVec > FLOOD_ATTACK_INTERVAL_MAX) { 47 iterVec = iter->second.erase(iterVec); 48 } else { 49 break; 50 } 51 } 52 if (iter->second.size() + 1 > FLOOD_ATTACK_NUMBER_MAX) { 53 EVENT_LOGW("CES was maliciously attacked by app (uid = %{publish}d)", appUid); 54 isAttacked = true; 55 } 56 iter->second.emplace_back(now); 57 return isAttacked; 58 } 59 } // namespace EventFwk 60 } // namespace OHOS