From 1442acf74b7fee98cfff950353a75f569932fbc9 Mon Sep 17 00:00:00 2001 From: Matt Corallo Date: Wed, 1 Jan 2020 21:13:48 -0500 Subject: [PATCH] Refuse to deserialize OnionHopDatas with values > 21 million We should probably do this for all values (and define a newtype for msat values), but this will do for now. --- lightning/src/ln/msgs.rs | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lightning/src/ln/msgs.rs b/lightning/src/ln/msgs.rs index 294dbb965..e915f0415 100644 --- a/lightning/src/ln/msgs.rs +++ b/lightning/src/ln/msgs.rs @@ -33,6 +33,9 @@ use util::ser::{Readable, Writeable, Writer, FixedLengthReader, HighZeroBytesDro use ln::channelmanager::{PaymentPreimage, PaymentHash}; +/// 21 million * 10^8 * 1000 +pub(crate) const MAX_VALUE_MSAT: u64 = 21_000_000_0000_0000_000; + /// An error in decoding a message or struct. #[derive(Debug)] pub enum DecodeError { @@ -1053,6 +1056,11 @@ impl Readable for OnionHopData { short_channel_id, } } else { + if let &Some(ref data) = &payment_data { + if data.total_msat > MAX_VALUE_MSAT { + return Err(DecodeError::InvalidValue); + } + } OnionHopDataFormat::FinalNode { payment_data } @@ -1068,6 +1076,9 @@ impl Readable for OnionHopData { (format, amt, cltv_value) }; + if amt > MAX_VALUE_MSAT { + return Err(DecodeError::InvalidValue); + } Ok(OnionHopData { format, amt_to_forward: amt, -- 2.39.5