From 51be7c870fa1f171caee0cbabe5ac268c041d60c Mon Sep 17 00:00:00 2001 From: Matt Corallo Date: Wed, 1 Jan 2020 21:13:48 -0500 Subject: [PATCH] Refuse to deserialize OnionHopDatas with values > 21 million We should probably do this for all values (and define a newtype for msat values), but this will do for now. --- lightning/src/ln/msgs.rs | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lightning/src/ln/msgs.rs b/lightning/src/ln/msgs.rs index a70da02ae..3ebbc7edf 100644 --- a/lightning/src/ln/msgs.rs +++ b/lightning/src/ln/msgs.rs @@ -33,6 +33,9 @@ use util::ser::{Readable, Writeable, Writer, FixedLengthReader, HighZeroBytesDro use ln::channelmanager::{PaymentPreimage, PaymentHash}; +/// 21 million * 10^8 * 1000 +pub(crate) const MAX_VALUE_MSAT: u64 = 21_000_000_0000_0000_000; + /// An error in decoding a message or struct. #[derive(Debug)] pub enum DecodeError { @@ -1093,6 +1096,11 @@ impl Readable for OnionHopData { short_channel_id, } } else { + if let &Some(ref data) = &payment_data { + if data.total_msat > MAX_VALUE_MSAT { + return Err(DecodeError::InvalidValue); + } + } OnionHopDataFormat::FinalNode { payment_data } @@ -1104,6 +1112,9 @@ impl Readable for OnionHopData { }; let amt: u64 = Readable::read(r)?; let cltv_value: u32 = Readable::read(r)?; + if amt > MAX_VALUE_MSAT { + return Err(DecodeError::InvalidValue); + } r.read_exact(&mut [0; 12])?; (format, amt, cltv_value) }; -- 2.39.5