highperfocused/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2025-11-10 06:07:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

watchtower/wtdb: only accept properly sized blobs

Browse Source 
Modifies the bbolt and mock tower databases to only accept blobs that
are the expected size of the session's blob type. This prevents resource
exhaustion attacks where a client may provide disproportionately large
encrypted blob, even though all supported blob types are of fixed-size.
This commit is contained in:
Conner Fromknecht
2019-06-13 17:36:27 -07:00
parent dce24d1d47
commit 37052f1561
3 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
watchtower/wtmock/tower_db.go
View File

@@ -37,6 +37,11 @@ func (db *TowerDB) InsertStateUpdate(update *wtdb.SessionStateUpdate) (uint16, e
return 0, wtdb.ErrSessionNotFound
}
// Assert that the blob is the correct size for the session's blob type.
if len(update.EncryptedBlob) != blob.Size(info.Policy.BlobType) {
return 0, wtdb.ErrInvalidBlobSize
}
err := info.AcceptUpdateSequence(update.SeqNum, update.LastApplied)
if err != nil {
return info.LastApplied, err