Disallow sending invalid custom OM TLVs

Onion message data TLV types must be >= 64, enforce this on send
This commit is contained in:
Valentine Wallace 2022-10-18 13:33:45 -04:00
parent 7664957bc9
commit 4905268b65
No known key found for this signature in database
GPG key ID: FD3E106A2CE099B4
2 changed files with 32 additions and 0 deletions

View file

@ -217,6 +217,33 @@ fn reply_path() {
format!("Received an onion message with path_id None and a reply_path").to_string(), 2);
}
#[test]
fn invalid_custom_message_type() {
let nodes = create_nodes(2);
struct InvalidCustomMessage{}
impl CustomOnionMessageContents for InvalidCustomMessage {
fn tlv_type(&self) -> u64 {
// Onion message contents must have a TLV >= 64.
63
}
}
impl Writeable for InvalidCustomMessage {
fn write<W: Writer>(&self, _w: &mut W) -> Result<(), io::Error> { unreachable!() }
}
impl MaybeReadableArgs<u64> for InvalidCustomMessage {
fn read<R: io::Read>(_buffer: &mut R, _message_type: u64) -> Result<Option<Self>, DecodeError> where Self: Sized {
unreachable!()
}
}
let test_msg = OnionMessageContents::Custom(InvalidCustomMessage {});
let err = nodes[0].messenger.send_onion_message(&[], Destination::Node(nodes[1].get_node_pk()), test_msg, None).unwrap_err();
assert_eq!(err, SendError::InvalidMessage);
}
#[test]
fn peer_buffer_full() {
let nodes = create_nodes(2);

View file

@ -156,6 +156,8 @@ pub enum SendError {
TooFewBlindedHops,
/// Our next-hop peer was offline or does not support onion message forwarding.
InvalidFirstHop,
/// Onion message contents must have a TLV type >= 64.
InvalidMessage,
/// Our next-hop peer's buffer was full or our total outbound buffer was full.
BufferFull,
}
@ -205,6 +207,9 @@ impl<Signer: Sign, K: Deref, L: Deref, CMH: Deref> OnionMessenger<Signer, K, L,
return Err(SendError::TooFewBlindedHops);
}
}
let OnionMessageContents::Custom(ref msg) = message;
if msg.tlv_type() < 64 { return Err(SendError::InvalidMessage) }
let blinding_secret_bytes = self.keys_manager.get_secure_random_bytes();
let blinding_secret = SecretKey::from_slice(&blinding_secret_bytes[..]).expect("RNG is busted");
let (introduction_node_id, blinding_point) = if intermediate_nodes.len() != 0 {