lightningd/crypto_sync: fix sync_crypto_write / sync_crypto_read

wire_sync_write() adds length, but we already have it, so use write_all. sync_crypto_read() handed an on-stack buffer to cryptomsg_decrypt_header, which expected a tal() pointer, so use the known length instead. sync_crypto_read() also failed to read the tag; add that in (no overflow possible as 16 is an int, len is a u16). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2025-01-18 21:35:11 +01:00 · 2017-02-24 16:22:35 +10:30 · 2017-02-24 16:22:35 +10:30 · 13ac472062
commit 13ac472062
parent 51a22c4274
3 changed files with 6 additions and 8 deletions
--- a/lightningd/crypto_sync.c
+++ b/lightningd/crypto_sync.c
@ -8,7 +8,7 @@ bool sync_crypto_write(struct crypto_state *cs, int fd, const void *msg)
 	u8 *enc = cryptomsg_encrypt_msg(msg, cs, msg);
 	bool ret;

-	ret = wire_sync_write(fd, enc);
+	ret = write_all(fd, enc, tal_len(enc));
 	tal_free(enc);
 	return ret;
 }
@ -24,8 +24,8 @@ u8 *sync_crypto_read(const tal_t *ctx, struct crypto_state *cs, int fd)
 	if (!cryptomsg_decrypt_header(cs, hdr, &len))
 		return NULL;

-	enc = tal_arr(ctx, u8, len);
-	if (!read_all(fd, enc, len))
+	enc = tal_arr(ctx, u8, len + 16);
+	if (!read_all(fd, enc, tal_len(enc)))
 		return tal_free(enc);

 	dec = cryptomsg_decrypt_body(ctx, cs, enc);
--- a/lightningd/cryptomsg.c
+++ b/lightningd/cryptomsg.c
@ -142,7 +142,7 @@ static struct io_plan *peer_decrypt_body(struct io_conn *conn,
 	return plan;
 }

-bool cryptomsg_decrypt_header(struct crypto_state *cs, u8 *hdr, u16 *lenp)
+bool cryptomsg_decrypt_header(struct crypto_state *cs, u8 hdr[18], u16 *lenp)
 {
 	unsigned char npub[crypto_aead_chacha20poly1305_ietf_NPUBBYTES];
 	unsigned long long mlen;
@ -162,9 +162,7 @@ bool cryptomsg_decrypt_header(struct crypto_state *cs, u8 *hdr, u16 *lenp)
 	 */
 	if (crypto_aead_chacha20poly1305_ietf_decrypt((unsigned char *)&len,
 						      &mlen, NULL,
-						      memcheck(hdr,
-							       tal_count(hdr)),
-						      tal_count(hdr),
+						      memcheck(hdr, 18), 18,
 						      NULL, 0,
 						      npub, cs->rk.u.u8) != 0) {
 		/* FIXME: Report error! */
--- a/lightningd/cryptomsg.h
+++ b/lightningd/cryptomsg.h
@ -54,7 +54,7 @@ void fromwire_crypto_state(const u8 **ptr, size_t *max, struct crypto_state *cs)
 u8 *cryptomsg_encrypt_msg(const tal_t *ctx,
 			  struct crypto_state *cs,
 			  const u8 *msg);
-bool cryptomsg_decrypt_header(struct crypto_state *cs, u8 *hdr, u16 *lenp);
+bool cryptomsg_decrypt_header(struct crypto_state *cs, u8 hdr[18], u16 *lenp);
 u8 *cryptomsg_decrypt_body(const tal_t *ctx,
 			   struct crypto_state *cs, const u8 *in);
 #endif /* LIGHTNING_LIGHTNINGD_CRYPTOMSG_H */