From 54790c17eaa237563ce7e0b3e44631a8e7662285 Mon Sep 17 00:00:00 2001
From: Rusty Russell
Date: Thu, 18 Jul 2019 14:35:55 +0930
Subject: [PATCH] wire: rename var_int to bigsize, and insist on minimal.

The new TLV spec uses BigSize, like Bitcoin's CompactInt but *little-endian*. So change our name for clarity, and insist that decoding be minimal as the spec requires.

Signed-off-by: Rusty Russell
---
 tools/generate-wire.py | 4 ++--
 wire/fromwire.c | 21 ++++++++++++++++-----
 wire/towire.c | 8 ++++----
 wire/wire.h | 4 ++--
 4 files changed, 24 insertions(+), 13 deletions(-)

diff --git a/tools/generate-wire.py b/tools/generate-wire.py
index 77fbd3184136..7e1ba2fe8605 100755
--- a/tools/generate-wire.py
+++ b/tools/generate-wire.py
@@ -1057,7 +1057,7 @@ def _inner_print_printwire_array(subcalls, basetype, f, num_elems, ref):
 \twhile (*plen) {{
 \t\tmsg_type = fromwire_u8(p, plen);
-\t\tmsg_len = fromwire_var_int(p, plen);
+\t\tmsg_len = fromwire_bigsize(p, plen);
 \t\tif (*plen < msg_len) {{
 \t\t\tfromwire_fail(p, plen);
 \t\t\tbreak;
@@ -1103,7 +1103,7 @@ def _inner_print_printwire_array(subcalls, basetype, f, num_elems, ref):
 \twhile (cursor) {{
 \t\tmsg_type = fromwire_u8(&cursor, &plen);
-\t\tmsg_size = fromwire_var_int(&cursor, &plen);
+\t\tmsg_size = fromwire_bigsize(&cursor, &plen);
 \t\tif (!cursor)
 \t\t\tbreak;
 \t\tswitch ((enum {tlv_name}_type)msg_type) {{
diff --git a/wire/fromwire.c b/wire/fromwire.c
index a872ac8b3ad3..629683facc68 100644
--- a/wire/fromwire.c
+++ b/wire/fromwire.c
@@ -102,20 +102,31 @@ bool fromwire_bool(const u8 **cursor, size_t *max)
 return ret;
 }
-u64 fromwire_var_int(const u8 **cursor, size_t *max)
+u64 fromwire_bigsize(const u8 **cursor, size_t *max)
 {
 u8 flag = fromwire_u8(cursor, max);
+ u64 ret;
 switch(flag) {
 case 0xff:
- return fromwire_u64(cursor, max);
+ ret = fromwire_u64(cursor, max);
+ if ((ret >> 32) == 0)
+ fromwire_fail(cursor, max);
+ break;
 case 0xfe:
- return (u64)fromwire_u32(cursor, max);
+ ret = fromwire_u32(cursor, max);
+ if ((ret >> 16) == 0)
+ fromwire_fail(cursor, max);
+ break;
 case 0xfd:
- return (u64)fromwire_u16(cursor, max);
+ ret = fromwire_u16(cursor, max);
+ if (ret < 0xfd)
+ fromwire_fail(cursor, max);
+ break;
 default:
- return (u64)flag;
+ ret = flag;
 }
+ return ret;
 }
 void fromwire_pubkey(const u8 **cursor, size_t *max, struct pubkey *pubkey)
diff --git a/wire/towire.c b/wire/towire.c
index e097aa079355..4a5fac8217c2 100644
--- a/wire/towire.c
+++ b/wire/towire.c
@@ -55,16 +55,16 @@ void towire_bool(u8 **pptr, bool v)
 towire(pptr, &val, sizeof(val));
 }
-void towire_var_int(u8 **pptr, const u64 val)
+void towire_bigsize(u8 **pptr, const u64 val)
 {
 if (val < 0xfd) {
- towire_u8(pptr, (u8)val);
+ towire_u8(pptr, val);
 } else if (val <= 0xffff) {
 towire_u8(pptr, 0xfd);
- towire_u16(pptr, (u16)val);
+ towire_u16(pptr, val);
 } else if (val <= 0xffffffff) {
 towire_u8(pptr, 0xfe);
- towire_u32(pptr, (u32)val);
+ towire_u32(pptr, val);
 } else {
 towire_u8(pptr, 0xff);
 towire_u64(pptr, val);
diff --git a/wire/wire.h b/wire/wire.h
index 986732dc1703..90e237768189 100644
--- a/wire/wire.h
+++ b/wire/wire.h
@@ -69,7 +69,7 @@ void towire_u64(u8 **pptr, u64 v);
 void towire_double(u8 **pptr, const double *v);
 void towire_pad(u8 **pptr, size_t num);
 void towire_bool(u8 **pptr, bool v);
-void towire_var_int(u8 **pptr, const u64 val);
+void towire_bigsize(u8 **pptr, const u64 val);
 void towire_u8_array(u8 **pptr, const u8 *arr, size_t num);
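Review bot: In wire/fromwire.c, fromwire_bigsize() still returns the decoded value after it has called fromwire_fail() on a non-minimal encoding, so a caller that uses the length before testing the cursor acts on a peer-supplied number the decoder has just rejected. The generated TLV loop in tools/generate-wire.py tests `if (!cursor)` right after the call, which suggests a failure nulls the cursor; fromwire_fail() is defined outside this hunk, so that should be confirmed. On that basis the final line could become `return *cursor ? ret : 0;`, so a rejected encoding always yields 0. A header comment stating that non-minimal encodings fail the cursor and return 0 would make the contract explicit for callers.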
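Review bot: In wire/towire.c, towire_bigsize() now narrows the u64 `val` implicitly at `towire_u8(pptr, val)`, `towire_u16(pptr, val)` and `towire_u32(pptr, val)`, and nothing in the function records that the range check ahead of each call is what makes the narrowing lossless, or that these thresholds are the ones fromwire_bigsize() now enforces. A comment above the `if` chain such as `/* Always emit the shortest form; fromwire_bigsize() fails anything longer. */` would keep encoder and decoder in step. The diffstat lists no test file, so a round-trip check at the boundaries (0xfc, 0xfd, 0xffff, 0x10000, 0xffffffff, 0x100000000) plus rejection of each padded form would pin both sides. The function's closing braces fall outside the hunk.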
@@ -86,7 +86,7 @@ u32 fromwire_u32(const u8 **cursor, size_t *max);
 u64 fromwire_u64(const u8 **cursor, size_t *max);
 void fromwire_double(const u8 **cursor, size_t *max, double *v);
 bool fromwire_bool(const u8 **cursor, size_t *max);
-u64 fromwire_var_int(const u8 **cursor, size_t *max);
+u64 fromwire_bigsize(const u8 **cursor, size_t *max);
 void fromwire_secret(const u8 **cursor, size_t *max, struct secret *secret);
 void fromwire_privkey(const u8 **cursor, size_t *max, struct privkey *privkey);
 void fromwire_pubkey(const u8 **cursor, size_t *max, struct pubkey *pubkey);