From 423073dfe53ee56b464fa042fe9b8f635a78c2f1 Mon Sep 17 00:00:00 2001 From: Matt Corallo Date: Thu, 12 Nov 2020 18:59:06 -0500 Subject: [PATCH] [netgraph] Do not allow capacity_sats * 1000 to overflow-panic In updating the router fuzzer, it discovered that a remote peer can cause us to overflow while multiplying the channel capacity value. Since the value should never exceed 21 million BTC, we just add a check for that. --- lightning/src/routing/network_graph.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lightning/src/routing/network_graph.rs b/lightning/src/routing/network_graph.rs index 308c0526e..e7431502f 100644 --- a/lightning/src/routing/network_graph.rs +++ b/lightning/src/routing/network_graph.rs @@ -716,8 +716,8 @@ impl NetworkGraph { if let Some(capacity_sats) = channel.capacity_sats { // It's possible channel capacity is available now, although it wasn't available at announcement (so the field is None). // Don't query UTXO set here to reduce DoS risks. - if htlc_maximum_msat > capacity_sats * 1000 { - return Err(LightningError{err: "htlc_maximum_msat is larger than channel capacity".to_owned(), action: ErrorAction::IgnoreError}); + if capacity_sats > MAX_VALUE_MSAT / 1000 || htlc_maximum_msat > capacity_sats * 1000 { + return Err(LightningError{err: "htlc_maximum_msat is larger than channel capacity or capacity is bogus".to_owned(), action: ErrorAction::IgnoreError}); } } } @@ -1302,7 +1302,7 @@ mod tests { match net_graph_msg_handler.handle_channel_update(&valid_channel_update) { Ok(_) => panic!(), - Err(e) => assert_eq!(e.err, "htlc_maximum_msat is larger than channel capacity") + Err(e) => assert_eq!(e.err, "htlc_maximum_msat is larger than channel capacity or capacity is bogus") }; unsigned_channel_update.htlc_maximum_msat = OptionalField::Absent; -- 2.39.5