common/bolt11: enforce minimum witness program length for fallback addresses

BIP-141 specifies that a witness program must be between 2 and 40 bytes in
length. In our fallback address parsing, we were already checking the upper
bound, but missing the lower bound check. This commit adds validation to
ensure fallback address witness programs are at least 2 bytes long, bringing
our implementation in line with the spec and other implementations like
rust-lightning.

Changelog-Fixed: Enforced minimum witness program length of 2 bytes for
fallback addresses to comply with BIP-141 and prevent invalid decodings.
Erick Cestari
2025-04-08 09:56:59 -03:00
committed by Rusty Russell
parent d3c7d2c419
commit d7319795b4
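The commit above adds only the lower half of the BIP-141 length rule. As an added example (not Core Lightning's code), the two functions below model the fallback-address length check before and after the fix, side by side, and count the constructed (version, length) cases that the old check accepted but the fixed one rejects. The v0 rule (20 or 32 bytes) and the v1 rule (32 bytes, BIP-341) are assumed to sit above the generic branch, as the `witness v1 bad length` context in the hunk suggests; the function names, the 0..16 version range check and the test cases are this example's own.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not Core Lightning's code. Each function takes the witness
 * version and the decoded program length of a BOLT11 'f' (fallback) field and
 * returns NULL when the length is acceptable, else a static error string.
 * Version-specific rules: BIP-141 v0 programs are 20 or 32 bytes, BIP-341 v1
 * programs are 32 bytes. The generic rule for every version is 2..40 bytes. */

/* Behaviour before the fix: only the 40-byte upper bound on the generic path,
 * so a 0- or 1-byte program for versions 2..16 slipped through. */
static const char *check_before(uint64_t version, size_t len)
{
	if (version > 16)
		return "bad witness version";
	if (version == 0 && len != 20 && len != 32)
		return "witness v0 bad length";
	if (version == 1 && len != 32)
		return "witness v1 bad length";
	if (len > 40)
		return "witness program bad length";
	return NULL;
}

/* Behaviour after the fix: the BIP-141 lower bound is enforced as well. */
static const char *check_after(uint64_t version, size_t len)
{
	if (version > 16)
		return "bad witness version";
	if (version == 0 && len != 20 && len != 32)
		return "witness v0 bad length";
	if (version == 1 && len != 32)
		return "witness v1 bad length";
	if (len > 40 || len < 2)
		return "witness program bad length";
	return NULL;
}

/* Runs constructed (version, length) cases through both checks and returns
 * how many the old check accepted but the fixed check rejects. */
static int count_newly_rejected(void)
{
	struct { uint64_t version; size_t len; } cases[] = {
		{0, 20}, {0, 32}, {1, 32},	/* valid: both accept */
		{2, 2},  {16, 40},		/* generic bounds: both accept */
		{2, 0},  {2, 1},  {16, 1},	/* too short: only the fix rejects */
		{2, 41}, {0, 21}, {1, 20},	/* both reject */
	};
	int newly_rejected = 0;

	for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
		const char *before = check_before(cases[i].version, cases[i].len);
		const char *after = check_after(cases[i].version, cases[i].len);

		if (before == NULL && after != NULL) {
			newly_rejected++;
			printf("v%" PRIu64 " len %zu: accepted before, rejected now (%s)\n",
			       cases[i].version, cases[i].len, after);
		}
	}
	return newly_rejected;
}

int main(void)
{
	/* Three constructed cases (v2 len 0, v2 len 1, v16 len 1) flip. */
	return count_newly_rejected() == 3 ? 0 : 1;
}
```

The point of the side-by-side form is that only the generic branch changes: the v0 and v1 branches already pin exact lengths, so the `< 2` bound matters for versions 2 through 16, whose program lengths BIP-141 leaves open within 2..40 bytes.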


@@ -420,7 +420,7 @@ static const char *decode_f(struct bolt11 *b11,
"f: witness v1 bad length %zu",
tal_count(f));
}
if (tal_count(f) > 40) {
if (tal_count(f) > 40 || tal_count(f) < 2) {
return tal_fmt(b11,
"f: witness v%"PRIu64" bad length %zu",
version,
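Review bot: the new lower bound in `if (tal_count(f) > 40 || tal_count(f) < 2)` has no test visible in this hunk; a decode test feeding an `f` field with a version of 2 or higher and a 0- or 1-byte program, expected to fail with the `bad length` error, would pin the behaviour and match the "prevent invalid decodings" claim in the commit message. The condition is also only complete if the earlier version-specific branches reject their fixed lengths before control reaches this generic branch: the `f: witness v1 bad length` branch is in the context above, but the v0 check is outside this hunk, so it is worth confirming that 20- and 32-byte v0 programs are still handled there rather than falling through to the 2..40 rule.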