discovery+gossip: make sure we dont advertise node anns with bad DNS

We may have already persisted node announcements that have multiple DNS addresses since we may have received them before updating our code to check for this. So here we just make sure not to send these on to our peers.
2025-11-10 14:17:56 +01:00 · 2025-08-06 13:42:47 +02:00
parent f0a20c9d04
commit 70b5016bc8
2 changed files with 35 additions and 6 deletions
--- a/discovery/chan_series.go
+++ b/discovery/chan_series.go
@@ -231,6 +231,13 @@ func (c *ChanSeries) UpdatesInHorizon(chain chainhash.Hash,
 			return nil, err
 		}

+		if err := netann.ValidateNodeAnnFields(nodeUpdate); err != nil {
+			log.Debugf("Skipping forwarding invalid node "+
+				"announcement %x: %v", nodeAnn.PubKeyBytes, err)
+
+			continue
+		}
+
 		updates = append(updates, nodeUpdate)
 	}

@@ -282,6 +289,7 @@ func (c *ChanSeries) FilterChannelRange(_ chainhash.Hash, startHeight,
 // to reply to a QueryShortChanIDs message sent by a remote peer. The response
 // will contain a unique set of ChannelAnnouncements, the latest ChannelUpdate
 // for each of the announcements, and a unique set of NodeAnnouncements.
+// Invalid node announcements are skipped and logged for debugging purposes.
 //
 // NOTE: This is part of the ChannelGraphTimeSeries interface.
 func (c *ChanSeries) FetchChanAnns(chain chainhash.Hash,
@@ -335,10 +343,17 @@ func (c *ChanSeries) FetchChanAnns(chain chainhash.Hash,
 					return nil, err
 				}

+				err = netann.ValidateNodeAnnFields(nodeAnn)
+				if err != nil {
+					log.Debugf("Skipping forwarding "+
+						"invalid node announcement "+
+						"%x: %v", nodeAnn.NodeID, err)
+				} else {
 					chanAnns = append(chanAnns, nodeAnn)
 					nodePubsSent[nodePub] = struct{}{}
 				}
 			}
+		}
 		if edge2 != nil {
 			chanAnns = append(chanAnns, edge2)

@@ -354,11 +369,18 @@ func (c *ChanSeries) FetchChanAnns(chain chainhash.Hash,
 					return nil, err
 				}

+				err = netann.ValidateNodeAnnFields(nodeAnn)
+				if err != nil {
+					log.Debugf("Skipping forwarding "+
+						"invalid node announcement "+
+						"%x: %v", nodeAnn.NodeID, err)
+				} else {
 					chanAnns = append(chanAnns, nodeAnn)
 					nodePubsSent[nodePub] = struct{}{}
 				}
 			}
 		}
+	}

 	return chanAnns, nil
 }
--- a/discovery/gossiper.go
+++ b/discovery/gossiper.go
@@ -2229,7 +2229,9 @@ func (d *AuthenticatedGossiper) processZombieUpdate(_ context.Context,
 }

 // fetchNodeAnn fetches the latest signed node announcement from our point of
-// view for the node with the given public key.
+// view for the node with the given public key. It also validates the node
+// announcement fields and returns an error if they are invalid to prevent
+// forwarding invalid node announcements to our peers.
 func (d *AuthenticatedGossiper) fetchNodeAnn(ctx context.Context,
 	pubKey [33]byte) (*lnwire.NodeAnnouncement, error) {

@@ -2238,7 +2240,12 @@ func (d *AuthenticatedGossiper) fetchNodeAnn(ctx context.Context,
 		return nil, err
 	}

-	return node.NodeAnnouncement(true)
+	nodeAnn, err := node.NodeAnnouncement(true)
+	if err != nil {
+		return nil, err
+	}
+
+	return nodeAnn, netann.ValidateNodeAnnFields(nodeAnn)
 }

 // isMsgStale determines whether a message retrieved from the backing