From: Elias Rohrer Date: Fri, 8 Sep 2023 08:00:25 +0000 (+0200) Subject: Add length check for read ChannelMonitor keys X-Git-Tag: v0.0.117-alpha1~19^2 X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=aeaed62894737b3de18a425cbf7b673764d46e4f;p=rust-lightning Add length check for read ChannelMonitor keys --- diff --git a/lightning/src/util/persist.rs b/lightning/src/util/persist.rs index ca0605c95..372a094a9 100644 --- a/lightning/src/util/persist.rs +++ b/lightning/src/util/persist.rs @@ -216,6 +216,12 @@ where for stored_key in kv_store.list( CHANNEL_MONITOR_PERSISTENCE_NAMESPACE, CHANNEL_MONITOR_PERSISTENCE_SUB_NAMESPACE)? { + if stored_key.len() < 66 { + return Err(io::Error::new( + io::ErrorKind::InvalidData, + "Stored key has invalid length")); + } + let txid = Txid::from_hex(stored_key.split_at(64).0).map_err(|_| { io::Error::new(io::ErrorKind::InvalidData, "Invalid tx ID in stored key") })?;