Need

Prevent mass messages from being sent to a single user, causing resource saturation.

Context

• Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications

• Usage of Plug (1.12.0 and above) for building composable web application modules

• Usage of Bamboo (1.7.0 and above) for Email handling

Description

1. Non-compliant code

defmodule MyApp.MessageController do
  use MyApp.Web, :controller

  # Vulnerable: every request is forwarded to the recipient with no per-recipient limit.
  def send_message(conn, %{"recipient" => recipient, "message" => message}) do
    MyApp.Messaging.send_email(recipient, message)
    MyApp.Messaging.send_sms(recipient, message)
    send_resp(conn, :ok, "Message sent")
  end
end

This code is insecure because it allows for repeated and rapid message sending to the same recipient without any form of rate limiting or restriction. This can lead to message flooding, causing the recipient's resources to be unnecessarily consumed and possibly causing important information to be lost in the flood.

2. Steps

• Implement a rate limiting mechanism to restrict the number of messages that can be sent to a single recipient in a given time frame.

• Monitor message sending patterns to detect and block any attempts at message flooding.

• Require users to confirm their email or phone number before allowing messages to be sent to them.

3. Secure code example

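defmodule MyApp.MessageController do
  use MyApp.Web, :controller

  def send_message(conn, %{"recipient" => recipient, "message" => message}) do
    # Check the per-recipient limit before anything is sent.
    if MyApp.Messaging.can_send_message?(recipient) do
      MyApp.Messaging.send_email(recipient, message)
      MyApp.Messaging.send_sms(recipient, message)
      send_resp(conn, :ok, "Message sent")
    else
      # The original listing is cut off after the success branch; this
      # rejection branch is an assumed completion.
      send_resp(conn, :too_many_requests, "Too many messages")
    end
  end
end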

This code is secure because it implements a rate limiting mechanism that restricts the number of messages that can be sent to a single recipient in a given time frame. It checks if a message can be sent before actually sending the message and records the sent message for future checks. This prevents message flooding and conserves the recipient's resources.
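The page never shows the body of `MyApp.Messaging.can_send_message?/1`. The following is an added example, not code from the original page: a per-recipient fixed-window counter in ETS that such a function could delegate to. The module name `MyApp.Messaging.RateLimiter`, the limit of 5 messages, the 60-second window and the sample address are all assumptions.

```elixir
defmodule MyApp.Messaging.RateLimiter do
  @moduledoc "Per-recipient fixed-window limiter (hypothetical module, added example)."

  @table :message_rate_limiter
  # Assumed policy: at most 5 messages per recipient per 60-second window.
  @limit 5
  @window_ms 60_000

  # Create the ETS table once, for example from the application's start/2 callback.
  def init do
    :ets.new(@table, [:named_table, :public, :set, write_concurrency: true])
    :ok
  end

  # Counts this attempt atomically and returns true while the recipient is
  # still within the limit for the current window. Because the counter is
  # incremented before the comparison, concurrent requests cannot both pass
  # on the last free slot.
  def allow?(recipient, now_ms \\ System.monotonic_time(:millisecond)) do
    key = {normalize(recipient), Integer.floor_div(now_ms, @window_ms)}
    count = :ets.update_counter(@table, key, {2, 1}, {key, 0})
    count <= @limit
  end

  # Deletes counters that belong to closed windows; call it periodically so
  # the table does not grow without bound. Returns the number of rows removed.
  def sweep(now_ms \\ System.monotonic_time(:millisecond)) do
    current = Integer.floor_div(now_ms, @window_ms)
    :ets.select_delete(@table, [{{{:_, :"$1"}, :_}, [{:<, :"$1", current}], [true]}])
  end

  # Case and whitespace variants of one address must share a single counter.
  defp normalize(recipient), do: recipient |> String.trim() |> String.downcase()
end

# Constructed demo: seven attempts to one recipient inside a single window,
# with the address written in two different spellings.
alias MyApp.Messaging.RateLimiter
RateLimiter.init()

results =
  for address <- List.duplicate("Victim@Example.com ", 4) ++ List.duplicate("victim@example.com", 3) do
    RateLimiter.allow?(address, 1_000)
  end

IO.inspect(results, label: "allowed?")
IO.inspect(RateLimiter.sweep(61_000), label: "rows swept after the window closed")
```

ETS is local to one node, so a clustered deployment needs a shared store for the counters. The limiter keys on the recipient rather than the sender, so many senders targeting one address still count against the same limit.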

References

231. Message Flooding