projects
/
rust-lightning
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Refuse to deserialize OnionHopDatas with values > 21 million
[rust-lightning]
/
lightning
/
src
/
ln
/
msgs.rs
diff --git
a/lightning/src/ln/msgs.rs
b/lightning/src/ln/msgs.rs
index 294dbb965e781aebdfa90bcb00ca4e2fff081755..e915f04152092f77388f20af1ad5d1d495cc245a 100644
(file)
--- a/
lightning/src/ln/msgs.rs
+++ b/
lightning/src/ln/msgs.rs
@@
-33,6
+33,9
@@
use util::ser::{Readable, Writeable, Writer, FixedLengthReader, HighZeroBytesDro
use ln::channelmanager::{PaymentPreimage, PaymentHash};
use ln::channelmanager::{PaymentPreimage, PaymentHash};
+/// 21 million * 10^8 * 1000
+pub(crate) const MAX_VALUE_MSAT: u64 = 21_000_000_0000_0000_000;
+
/// An error in decoding a message or struct.
#[derive(Debug)]
pub enum DecodeError {
/// An error in decoding a message or struct.
#[derive(Debug)]
pub enum DecodeError {
@@
-1053,6
+1056,11
@@
impl Readable for OnionHopData {
short_channel_id,
}
} else {
short_channel_id,
}
} else {
+ if let &Some(ref data) = &payment_data {
+ if data.total_msat > MAX_VALUE_MSAT {
+ return Err(DecodeError::InvalidValue);
+ }
+ }
OnionHopDataFormat::FinalNode {
payment_data
}
OnionHopDataFormat::FinalNode {
payment_data
}
@@
-1068,6
+1076,9
@@
impl Readable for OnionHopData {
(format, amt, cltv_value)
};
(format, amt, cltv_value)
};
+ if amt > MAX_VALUE_MSAT {
+ return Err(DecodeError::InvalidValue);
+ }
Ok(OnionHopData {
format,
amt_to_forward: amt,
Ok(OnionHopData {
format,
amt_to_forward: amt,