]> git.bitcoin.ninja Git - rust-lightning/commitdiff
Handle feerates of `u32::MAX` without overflowing 2024-06-feerate-overflow
authorMatt Corallo <git@bluematt.me>
Wed, 26 Jun 2024 14:16:50 +0000 (14:16 +0000)
committerMatt Corallo <git@bluematt.me>
Wed, 26 Jun 2024 14:23:40 +0000 (14:23 +0000)
Though we generally shouldn't be seeing these, and the
`get_dust_buffer_feerate` implementation will still return
`u32::MAX` in spite of the overflow, we should handle the overflow
to avoid panic when `debug_assertions` are enabled.

Found by the `full_stack_target` fuzzer

lightning/src/ln/channel.rs

index f5c47260f6ef68842a0ff1c0d03e2935aa4a7560..5415eb2fc6f0197d91652cce336ba6c6281b36fd 100644 (file)
@@ -2768,7 +2768,7 @@ impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider  {
                        feerate_per_kw = cmp::max(feerate_per_kw, feerate);
                }
                let feerate_plus_quarter = feerate_per_kw.checked_mul(1250).map(|v| v / 1000);
-               cmp::max(feerate_per_kw + 2530, feerate_plus_quarter.unwrap_or(u32::max_value()))
+               cmp::max(feerate_per_kw.saturating_add(2530), feerate_plus_quarter.unwrap_or(u32::MAX))
        }
 
        /// Get forwarding information for the counterparty.