routing: check for invalid routes

2025-07-12 14:12:27 +02:00 · 2019-12-11 08:56:41 +01:00
parent b8abae6a7e
commit 31b2c22cf5
5 changed files with 101 additions and 4 deletions
--- a/routing/payment_lifecycle.go
+++ b/routing/payment_lifecycle.go
@ -74,7 +74,9 @@ func (p *paymentLifecycle) resumePayment() ([32]byte, *route.Route, error) {
 			}
 		} else {
 			// If this was a resumed attempt, we must regenerate the
-			// circuit.
+			// circuit. We don't need to check for errors resulting
+			// from an invalid route, because the sphinx packet has
+			// been successfully generated before.
 			_, c, err := generateSphinxPacket(
 				&p.attempt.Route, p.payment.PaymentHash[:],
 				p.attempt.SessionKey,
@ -281,6 +283,24 @@ func (p *paymentLifecycle) createNewPaymentAttempt() (lnwire.ShortChannelID,
 	onionBlob, c, err := generateSphinxPacket(
 		rt, p.payment.PaymentHash[:], sessionKey,
 	)
+
+	// With SendToRoute, it can happen that the route exceeds protocol
+	// constraints. Mark the payment as failed with an internal error.
+	if err == route.ErrMaxRouteHopsExceeded ||
+		err == sphinx.ErrMaxRoutingInfoSizeExceeded {
+
+		log.Debugf("Invalid route provided for payment %x: %v",
+			p.payment.PaymentHash, err)
+
+		controlErr := p.router.cfg.Control.Fail(
+			p.payment.PaymentHash, channeldb.FailureReasonError,
+		)
+		if controlErr != nil {
+			return lnwire.ShortChannelID{}, nil, controlErr
+		}
+	}
+
+	// In any case, don't continue if there is an error.
 	if err != nil {
 		return lnwire.ShortChannelID{}, nil, err
 	}