From ea8a1f350643ba9f1d7ed07deb31cbad20e36236 Mon Sep 17 00:00:00 2001 From: Matt Corallo Date: Wed, 26 Sep 2018 10:48:30 -0400 Subject: [PATCH] Narrow check_spend_remote_htlc input/output count check. This fixes a crash found by fuzztester where a 0-output tx causes a [] panic (though this shouldn't happen in the real-world as 0-output txn should never be able to be mined). --- src/ln/channelmonitor.rs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/ln/channelmonitor.rs b/src/ln/channelmonitor.rs index f3c5c89f6..4b72a3cb6 100644 --- a/src/ln/channelmonitor.rs +++ b/src/ln/channelmonitor.rs @@ -1011,7 +1011,9 @@ impl ChannelMonitor { /// Attempst to claim a remote HTLC-Success/HTLC-Timeout s outputs using the revocation key fn check_spend_remote_htlc(&self, tx: &Transaction, commitment_number: u64) -> Option { - let htlc_txid = tx.txid(); //TODO: This is gonna be a performance bottleneck for watchtowers! + if tx.input.len() != 1 || tx.output.len() != 1 { + return None; + } macro_rules! ignore_error { ( $thing : expr ) => { @@ -1039,6 +1041,7 @@ impl ChannelMonitor { }; let redeemscript = chan_utils::get_revokeable_redeemscript(&revocation_pubkey, self.their_to_self_delay.unwrap(), &delayed_key); let revokeable_p2wsh = redeemscript.to_v0_p2wsh(); + let htlc_txid = tx.txid(); //TODO: This is gonna be a performance bottleneck for watchtowers! let mut inputs = Vec::new(); let mut amount = 0; -- 2.39.5