From 9abe4bb23da245228abdde85e773837897bcb0ba Mon Sep 17 00:00:00 2001
From: Elias Rohrer <dev@tnull.de>
Date: Fri, 8 Sep 2023 09:40:45 +0200
Subject: [PATCH 1/2] Have `path_to_windows_str` take reference to avoid
 `clone`s

---
 lightning-persister/src/fs_store.rs | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/lightning-persister/src/fs_store.rs b/lightning-persister/src/fs_store.rs
index 56d071da9..81f9709c4 100644
--- a/lightning-persister/src/fs_store.rs
+++ b/lightning-persister/src/fs_store.rs
@@ -26,7 +26,7 @@ macro_rules! call {
 }
 
 #[cfg(target_os = "windows")]
-fn path_to_windows_str<T: AsRef<OsStr>>(path: T) -> Vec<u16> {
+fn path_to_windows_str<T: AsRef<OsStr>>(path: &T) -> Vec<u16> {
 	path.as_ref().encode_wide().chain(Some(0)).collect()
 }
 
@@ -164,8 +164,8 @@ impl KVStore for FilesystemStore {
 				let res = if dest_file_path.exists() {
 					call!(unsafe {
 						windows_sys::Win32::Storage::FileSystem::ReplaceFileW(
-							path_to_windows_str(dest_file_path.clone()).as_ptr(),
-							path_to_windows_str(tmp_file_path).as_ptr(),
+							path_to_windows_str(&dest_file_path).as_ptr(),
+							path_to_windows_str(&tmp_file_path).as_ptr(),
 							std::ptr::null(),
 							windows_sys::Win32::Storage::FileSystem::REPLACEFILE_IGNORE_MERGE_ERRORS,
 							std::ptr::null_mut() as *const core::ffi::c_void,
@@ -175,8 +175,8 @@ impl KVStore for FilesystemStore {
 				} else {
 					call!(unsafe {
 						windows_sys::Win32::Storage::FileSystem::MoveFileExW(
-							path_to_windows_str(tmp_file_path).as_ptr(),
-							path_to_windows_str(dest_file_path.clone()).as_ptr(),
+							path_to_windows_str(&tmp_file_path).as_ptr(),
+							path_to_windows_str(&dest_file_path).as_ptr(),
 							windows_sys::Win32::Storage::FileSystem::MOVEFILE_WRITE_THROUGH
 							| windows_sys::Win32::Storage::FileSystem::MOVEFILE_REPLACE_EXISTING,
 							)
@@ -263,8 +263,8 @@ impl KVStore for FilesystemStore {
 
 					call!(unsafe {
 						windows_sys::Win32::Storage::FileSystem::MoveFileExW(
-							path_to_windows_str(dest_file_path).as_ptr(),
-							path_to_windows_str(trash_file_path.clone()).as_ptr(),
+							path_to_windows_str(&dest_file_path).as_ptr(),
+							path_to_windows_str(&trash_file_path).as_ptr(),
 							windows_sys::Win32::Storage::FileSystem::MOVEFILE_WRITE_THROUGH
 							| windows_sys::Win32::Storage::FileSystem::MOVEFILE_REPLACE_EXISTING,
 							)

From aeaed62894737b3de18a425cbf7b673764d46e4f Mon Sep 17 00:00:00 2001
From: Elias Rohrer <dev@tnull.de>
Date: Fri, 8 Sep 2023 10:00:25 +0200
Subject: [PATCH 2/2] Add length check for read ChannelMonitor keys

---
 lightning/src/util/persist.rs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lightning/src/util/persist.rs b/lightning/src/util/persist.rs
index ca0605c95..372a094a9 100644
--- a/lightning/src/util/persist.rs
+++ b/lightning/src/util/persist.rs
@@ -216,6 +216,12 @@ where
 	for stored_key in kv_store.list(
 		CHANNEL_MONITOR_PERSISTENCE_NAMESPACE, CHANNEL_MONITOR_PERSISTENCE_SUB_NAMESPACE)?
 	{
+		if stored_key.len() < 66 {
+			return Err(io::Error::new(
+				io::ErrorKind::InvalidData,
+				"Stored key has invalid length"));
+		}
+
 		let txid = Txid::from_hex(stored_key.split_at(64).0).map_err(|_| {
 			io::Error::new(io::ErrorKind::InvalidData, "Invalid tx ID in stored key")
 		})?;