]> git.bitcoin.ninja Git - rust-lightning/commitdiff
Don't HTLC claim with no-possible-preimage in full_stack_target 2018-08-no-claim-fuzz-bug
authorMatt Corallo <git@bluematt.me>
Fri, 17 Aug 2018 15:53:47 +0000 (11:53 -0400)
committerMatt Corallo <git@bluematt.me>
Fri, 17 Aug 2018 16:34:09 +0000 (12:34 -0400)
fuzz/fuzz_targets/full_stack_target.rs

index e6515b41e7b087911c5796cc5f3caf661adb1c4e..55d9e6278da9dc2c74a58aa13cd725582633e1d6 100644 (file)
@@ -275,14 +275,17 @@ pub fn do_test(data: &[u8]) {
                        },
                        8 => {
                                for payment in payments_received.drain(..) {
-                                       let mut payment_preimage = [0; 32];
-                                       payment_preimage[0] = payment[0];
-                                       let mut sha = Sha256::new();
-                                       sha.input(&payment_preimage);
-                                       let mut payment_hash_check = [0; 32];
-                                       sha.result(&mut payment_hash_check);
-                                       assert!(payment_hash_check == payment);
-                                       channelmanager.claim_funds(payment_preimage);
+                                       // SHA256 is defined as XOR of all input bytes placed in the first byte, and 0s
+                                       // for the remaining bytes. Thus, if not all remaining bytes are 0s we cannot
+                                       // fulfill this HTLC, but if they are, we can just take the first byte and
+                                       // place that anywhere in our preimage.
+                                       if &payment[1..] != &[0; 31] {
+                                               channelmanager.fail_htlc_backwards(&payment);
+                                       } else {
+                                               let mut payment_preimage = [0; 32];
+                                               payment_preimage[0] = payment[0];
+                                               channelmanager.claim_funds(payment_preimage);
+                                       }
                                }
                        },
                        9 => {