From f541fd1574d749d954f4c41a1cdce3949b0ca698 Mon Sep 17 00:00:00 2001 From: Christian Decker Date: Mon, 30 Mar 2020 15:12:00 +0200 Subject: [PATCH] keysend: Ignore keysends if the payload contains unknown even fields We must really make sure that we understand the entire payload, not just the fields we are interested in. --- plugins/keysend.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/plugins/keysend.c b/plugins/keysend.c index 56b837133..e13052fbc 100644 --- a/plugins/keysend.c +++ b/plugins/keysend.c @@ -42,6 +42,8 @@ static struct command_result *htlc_accepted_call(struct command *cmd, const char char *hexpreimage, *hexpaymenthash; struct sha256 payment_hash; bigsize_t s; + bool unknown_even_type = false; + struct tlv_field *field; if (!payloadt) return htlc_accepted_continue(cmd); @@ -58,8 +60,12 @@ static struct command_result *htlc_accepted_call(struct command *cmd, const char /* Try looking for the field that contains the preimage */ for (int i=0; ifields); i++) { - if (payload->fields[i].numtype == PREIMAGE_TLV_TYPE) { - preimage_field = &payload->fields[i]; + field = &payload->fields[i]; + if (field->numtype == PREIMAGE_TLV_TYPE) { + preimage_field = field; + break; + } else if (field->numtype % 2 == 0 && field->meta == NULL) { + unknown_even_type = true; break; } } @@ -69,6 +75,15 @@ static struct command_result *htlc_accepted_call(struct command *cmd, const char if (preimage_field == NULL) return htlc_accepted_continue(cmd); + if (unknown_even_type) { + plugin_log(cmd->plugin, LOG_UNUSUAL, + "Payload contains unknown even TLV-type %" PRIu64 + ", can't safely accept the keysend. Deferring to " + "other plugins.", + preimage_field->numtype); + return htlc_accepted_continue(cmd); + } + /* If the preimage is not 32 bytes long then we can't accept the * payment. */ if (preimage_field->length != 32) {