Add length check for read ChannelMonitor keys

tnull · tnull · commit b2c28a6edfa4 · 2023-09-08T10:06:19.000+02:00
diff --git a/lightning/src/util/persist.rs b/lightning/src/util/persist.rs
@@ -179,6 +179,7 @@ impl<ChannelSigner: WriteableEcdsaChannelSigner, K: KVStore> Persist<ChannelSign
 
 	fn persist_new_channel(&self, funding_txo: OutPoint, monitor: &ChannelMonitor<ChannelSigner>, _update_id: MonitorUpdateId) -> chain::ChannelMonitorUpdateStatus {
 		let key = format!("{}_{}", funding_txo.txid.to_hex(), funding_txo.index);
+		debug_assert!(key.len() > 65);
 		match self.write(
 			CHANNEL_MONITOR_PERSISTENCE_NAMESPACE,
 			CHANNEL_MONITOR_PERSISTENCE_SUB_NAMESPACE,
@@ -191,6 +192,7 @@ impl<ChannelSigner: WriteableEcdsaChannelSigner, K: KVStore> Persist<ChannelSign
 
 	fn update_persisted_channel(&self, funding_txo: OutPoint, _update: Option<&ChannelMonitorUpdate>, monitor: &ChannelMonitor<ChannelSigner>, _update_id: MonitorUpdateId) -> chain::ChannelMonitorUpdateStatus {
 		let key = format!("{}_{}", funding_txo.txid.to_hex(), funding_txo.index);
+		debug_assert!(key.len() > 65);
 		match self.write(
 			CHANNEL_MONITOR_PERSISTENCE_NAMESPACE,
 			CHANNEL_MONITOR_PERSISTENCE_SUB_NAMESPACE,
@@ -216,6 +218,12 @@ where
 	for stored_key in kv_store.list(
 		CHANNEL_MONITOR_PERSISTENCE_NAMESPACE, CHANNEL_MONITOR_PERSISTENCE_SUB_NAMESPACE)?
 	{
+		if stored_key.len() < 65 {
+			return Err(io::Error::new(
+				io::ErrorKind::InvalidData,
+				"Stored key has invalid length"));
+		}
+
 		let txid = Txid::from_hex(stored_key.split_at(64).0).map_err(|_| {
 			io::Error::new(io::ErrorKind::InvalidData, "Invalid tx ID in stored key")
 		})?;
