From 584ee262003eb3aa4d45e740a74103bcb18930e4 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Sun, 5 Aug 2018 15:16:32 +0930 Subject: [PATCH] gossipd: fix thinko in node_announcement address parsing which made us miss final address 'cursor < ser + max' isn't valid because we reduce 'max' as we go! Effectively we'll stop once we're past halfway, which can only happen with ipv6 + a torv2 address. Ths fix is one-line, but we rename 'max' to 'len' which makes its purpose clearer. Signed-off-by: Rusty Russell --- gossipd/routing.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/gossipd/routing.c b/gossipd/routing.c index 945dd43ab..541d74713 100644 --- a/gossipd/routing.c +++ b/gossipd/routing.c @@ -1228,15 +1228,16 @@ u8 *handle_channel_update(struct routing_state *rstate, const u8 *update, static struct wireaddr *read_addresses(const tal_t *ctx, const u8 *ser) { const u8 *cursor = ser; - size_t max = tal_count(ser); + size_t len = tal_count(ser); struct wireaddr *wireaddrs = tal_arr(ctx, struct wireaddr, 0); int numaddrs = 0; - while (cursor && cursor < ser + max) { + + while (cursor && len) { struct wireaddr wireaddr; /* Skip any padding */ - while (max && cursor[0] == ADDR_TYPE_PADDING) - fromwire_u8(&cursor, &max); + while (len && cursor[0] == ADDR_TYPE_PADDING) + fromwire_u8(&cursor, &len); /* BOLT #7: * @@ -1245,11 +1246,13 @@ static struct wireaddr *read_addresses(const tal_t *ctx, const u8 *ser) * - SHOULD ignore the first `address descriptor` that does * NOT match the types defined above. */ - if (!fromwire_wireaddr(&cursor, &max, &wireaddr)) { + if (!fromwire_wireaddr(&cursor, &len, &wireaddr)) { if (!cursor) /* Parsing address failed */ return tal_free(wireaddrs); /* Unknown type, stop there. */ + status_trace("read_addresses: unknown address type %u", + cursor[0]); break; }