From: Matt Corallo <git@bluematt.me>
Date: Wed, 26 Sep 2018 14:48:30 +0000 (-0400)
Subject: Narrow check_spend_remote_htlc input/output count check.
X-Git-Tag: v0.0.12~300^2~2
X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=ea8a1f350643ba9f1d7ed07deb31cbad20e36236;p=rust-lightning

Narrow check_spend_remote_htlc input/output count check.

This fixes a crash found by fuzztester where a 0-output tx causes a
[] panic (though this shouldn't happen in the real-world as
0-output txn should never be able to be mined).
---

diff --git a/src/ln/channelmonitor.rs b/src/ln/channelmonitor.rs
index f3c5c89f6..4b72a3cb6 100644
--- a/src/ln/channelmonitor.rs
+++ b/src/ln/channelmonitor.rs
@@ -1011,7 +1011,9 @@ impl ChannelMonitor {
 
 	/// Attempst to claim a remote HTLC-Success/HTLC-Timeout s outputs using the revocation key
 	fn check_spend_remote_htlc(&self, tx: &Transaction, commitment_number: u64) -> Option<Transaction> {
-		let htlc_txid = tx.txid(); //TODO: This is gonna be a performance bottleneck for watchtowers!
+		if tx.input.len() != 1 || tx.output.len() != 1 {
+			return None;
+		}
 
 		macro_rules! ignore_error {
 			( $thing : expr ) => {
@@ -1039,6 +1041,7 @@ impl ChannelMonitor {
 		};
 		let redeemscript = chan_utils::get_revokeable_redeemscript(&revocation_pubkey, self.their_to_self_delay.unwrap(), &delayed_key);
 		let revokeable_p2wsh = redeemscript.to_v0_p2wsh();
+		let htlc_txid = tx.txid(); //TODO: This is gonna be a performance bottleneck for watchtowers!
 
 		let mut inputs = Vec::new();
 		let mut amount = 0;