htlcswitch/link: verify an htlc is not too large in HtlcSatifiesPolicy

Before forwarding an HTLC, ensure that the amount to forward including fees does not exceed the max HTLC set for the channel link.
2025-12-04 18:01:57 +01:00 · 2018-12-08 18:21:18 -08:00
parent 90cbf9fe35
commit f0e668974e
2 changed files with 94 additions and 0 deletions
--- a/htlcswitch/link.go
+++ b/htlcswitch/link.go
@@ -1967,6 +1967,25 @@ func (l *channelLink) HtlcSatifiesPolicy(payHash [32]byte,
 		return failure
 	}

+	// Next, ensure that the passed HTLC isn't too large. If so, we'll cancel
+	// the HTLC directly.
+	if policy.MaxHTLC != 0 && amtToForward > policy.MaxHTLC {
+		l.errorf("outgoing htlc(%x) is too large: max_htlc=%v, "+
+			"htlc_value=%v", payHash[:], policy.MaxHTLC, amtToForward)
+
+		// As part of the returned error, we'll send our latest routing policy
+		// so the sending node obtains the most up-to-date data.
+		var failure lnwire.FailureMessage
+		update, err := l.cfg.FetchLastChannelUpdate(l.ShortChanID())
+		if err != nil {
+			failure = &lnwire.FailTemporaryNodeFailure{}
+		} else {
+			failure = lnwire.NewTemporaryChannelFailure(update)
+		}
+
+		return failure
+	}
+
 	// Next, using the amount of the incoming HTLC, we'll calculate the
 	// expected fee this incoming HTLC must carry in order to satisfy the
 	// constraints of the outgoing link.