From dc56b2a9ac05ccf810ec27b31ba4f87bd0ee32cb Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@rustcorp.com.au>
Date: Mon, 5 Sep 2022 16:10:33 +0930
Subject: [PATCH] connectd: better diagnostics on invalid gossip_store entries.

Should help diagnose https://github.com/ElementsProject/lightning/issues/5572
which hit the invalid csum on a >64MB entry, if it happens again.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
---
 common/gossip_store.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/common/gossip_store.c b/common/gossip_store.c
index 2522904e3..086232c29 100644
--- a/common/gossip_store.c
+++ b/common/gossip_store.c
@@ -115,6 +115,7 @@ u8 *gossip_store_next(const tal_t *ctx,
 		      size_t *off, size_t *end)
 {
 	u8 *msg = NULL;
+	size_t initial_off = *off;
 
 	while (!msg) {
 		struct gossip_hdr hdr;
@@ -146,6 +147,14 @@ u8 *gossip_store_next(const tal_t *ctx,
 			continue;
 		}
 
+		/* Messages can be up to 64k, but we also have internal ones:
+		 * 128k is plenty. */
+		if (msglen > 128 * 1024)
+			status_failed(STATUS_FAIL_INTERNAL_ERROR,
+				      "gossip_store: oversize msg len %u at"
+				      " offset %zu (was at %zu)",
+				      msglen, *off, initial_off);
+
 		checksum = be32_to_cpu(hdr.crc);
 		msg = tal_arr(ctx, u8, msglen);
 		r = pread(*gossip_store_fd, msg, msglen, *off + r);
@@ -155,8 +164,8 @@ u8 *gossip_store_next(const tal_t *ctx,
 		if (checksum != crc32c(be32_to_cpu(hdr.timestamp), msg, msglen))
 			status_failed(STATUS_FAIL_INTERNAL_ERROR,
 				      "gossip_store: bad checksum at offset %zu"
-				      ": %s",
-				      *off, tal_hex(tmpctx, msg));
+				      "(was at %zu): %s",
+				      *off, initial_off, tal_hex(tmpctx, msg));
 
 		/* Definitely processing it now */
 		*off += sizeof(hdr) + msglen;