X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fblinded_path%2Fpayment.rs;h=7f938d6617f71a49ca65b5ddc9637ad9296b5665;hb=ef02b9e6f9caf1ce7a6bf625dc8b4b445d5cc699;hp=f4df1e379d931b3ac65cbcdae65441c629554c6c;hpb=db81c650baf2faa3a551bab216981ac84149176a;p=rust-lightning

diff --git a/lightning/src/blinded_path/payment.rs b/lightning/src/blinded_path/payment.rs
index f4df1e37..7f938d66 100644
--- a/lightning/src/blinded_path/payment.rs
+++ b/lightning/src/blinded_path/payment.rs
@@ -13,7 +13,7 @@ use crate::ln::features::BlindedHopFeatures;
 use crate::ln::msgs::DecodeError;
 use crate::offers::invoice::BlindedPayInfo;
 use crate::prelude::*;
-use crate::util::ser::{Readable, Writeable, Writer};
+use crate::util::ser::{HighZeroBytesDroppedBigSize, Readable, Writeable, Writer};
 
 use core::convert::TryFrom;
 
@@ -97,12 +97,24 @@ pub struct PaymentConstraints {
 	pub htlc_minimum_msat: u64,
 }
 
-impl From<CounterpartyForwardingInfo> for PaymentRelay {
-	fn from(info: CounterpartyForwardingInfo) -> Self {
+impl TryFrom<CounterpartyForwardingInfo> for PaymentRelay {
+	type Error = ();
+
+	fn try_from(info: CounterpartyForwardingInfo) -> Result<Self, ()> {
 		let CounterpartyForwardingInfo {
 			fee_base_msat, fee_proportional_millionths, cltv_expiry_delta
 		} = info;
-		Self { cltv_expiry_delta, fee_proportional_millionths, fee_base_msat }
+
+		// Avoid exposing esoteric CLTV expiry deltas
+		let cltv_expiry_delta = match cltv_expiry_delta {
+			0..=40 => 40,
+			41..=80 => 80,
+			81..=144 => 144,
+			145..=216 => 216,
+			_ => return Err(()),
+		};
+
+		Ok(Self { cltv_expiry_delta, fee_proportional_millionths, fee_base_msat })
 	}
 }
 
@@ -263,16 +275,35 @@ pub(super) fn compute_payinfo(
 	})
 }
 
-impl_writeable_msg!(PaymentRelay, {
-	cltv_expiry_delta,
-	fee_proportional_millionths,
-	fee_base_msat
-}, {});
+impl Writeable for PaymentRelay {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.cltv_expiry_delta.write(w)?;
+		self.fee_proportional_millionths.write(w)?;
+		HighZeroBytesDroppedBigSize(self.fee_base_msat).write(w)
+	}
+}
+impl Readable for PaymentRelay {
+	fn read<R: io::Read>(r: &mut R) -> Result<Self, DecodeError> {
+		let cltv_expiry_delta: u16 = Readable::read(r)?;
+		let fee_proportional_millionths: u32 = Readable::read(r)?;
+		let fee_base_msat: HighZeroBytesDroppedBigSize<u32> = Readable::read(r)?;
+		Ok(Self { cltv_expiry_delta, fee_proportional_millionths, fee_base_msat: fee_base_msat.0 })
+	}
+}
 
-impl_writeable_msg!(PaymentConstraints, {
-	max_cltv_expiry,
-	htlc_minimum_msat
-}, {});
+impl Writeable for PaymentConstraints {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.max_cltv_expiry.write(w)?;
+		HighZeroBytesDroppedBigSize(self.htlc_minimum_msat).write(w)
+	}
+}
+impl Readable for PaymentConstraints {
+	fn read<R: io::Read>(r: &mut R) -> Result<Self, DecodeError> {
+		let max_cltv_expiry: u32 = Readable::read(r)?;
+		let htlc_minimum_msat: HighZeroBytesDroppedBigSize<u64> = Readable::read(r)?;
+		Ok(Self { max_cltv_expiry, htlc_minimum_msat: htlc_minimum_msat.0 })
+	}
+}
 
 #[cfg(test)]
 mod tests {