From f9ecc76d9925945546f50a17d8e9786d1e24ef00 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Wed, 7 Aug 2019 22:44:17 +0930 Subject: [PATCH] gossipd: check that we don't try to access a deleted gossip entry. We ignored this before, which meant that the DEVELOPER-mode check that we delete the correct record didn't check that it wasn't already deleted. Signed-off-by: Rusty Russell --- gossipd/gossip_store.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/gossipd/gossip_store.c b/gossipd/gossip_store.c index 752823425e0c..f2ef436aaa64 100644 --- a/gossipd/gossip_store.c +++ b/gossipd/gossip_store.c @@ -544,8 +544,13 @@ const u8 *gossip_store_get(const tal_t *ctx, offset, gs->len, strerror(errno)); } - /* FIXME: We should skip over these deleted entries! */ - msglen = be32_to_cpu(hdr.len) & ~GOSSIP_STORE_LEN_DELETED_BIT; + if (be32_to_cpu(hdr.len) & GOSSIP_STORE_LEN_DELETED_BIT) + status_failed(STATUS_FAIL_INTERNAL_ERROR, + "gossip_store: get delete entry offset %"PRIu64 + "/%"PRIu64"", + offset, gs->len); + + msglen = be32_to_cpu(hdr.len); checksum = be32_to_cpu(hdr.crc); msg = tal_arr(ctx, u8, msglen); if (pread(gs->fd, msg, msglen, offset + sizeof(hdr)) != msglen)