From 2ecf5e6bd55bd5e23bcb67de70c7d9f2ab32e960 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Thu, 1 Aug 2024 09:33:34 +0930 Subject: [PATCH] BOLT12: reject zero-length blinded paths. This is a good idea, but also specifically called out in the latest BOLT spec. Signed-off-by: Rusty Russell --- common/bolt12.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/common/bolt12.c b/common/bolt12.c index ff1df9e04..3cf1143f5 100644 --- a/common/bolt12.c +++ b/common/bolt12.c @@ -228,6 +228,17 @@ struct tlv_offer *offer_decode(const tal_t *ctx, return tal_free(offer); } + /* BOLT-offers #12: + * - if `num_hops` is 0 in any `blinded_path` in `offer_paths`: + * - MUST NOT respond to the offer. + */ + for (size_t i = 0; i < tal_count(offer->offer_paths); i++) { + if (tal_count(offer->offer_paths[i]->path) == 0) { + *fail = tal_strdup(ctx, "Offer contains an empty offer_path"); + return tal_free(offer); + } + } + return offer; } @@ -285,6 +296,17 @@ struct tlv_invoice_request *invrequest_decode(const tal_t *ctx, return tal_free(invrequest); } + /* BOLT-offers #12: + * - if `num_hops` is 0 in any `blinded_path` in `invreq_paths`: + * - MUST fail the request. + */ + for (size_t i = 0; i < tal_count(invrequest->invreq_paths); i++) { + if (tal_count(invrequest->invreq_paths[i]->path) == 0) { + *fail = tal_strdup(ctx, "Invoice request contains an empty invreq_path"); + return tal_free(invrequest); + } + } + return invrequest; }