Skip to content

Commit 4538e37

Browse files
kwvgkwvg
committed
evo: fast-fail MnNetInfo::AddEntry() if invalid characters found
1 parent 4202a26 commit 4538e37

File tree

2 files changed

+19
-3
lines changed

2 files changed

+19
-3
lines changed

src/evo/netinfo.cpp

+17-1
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@ static std::unique_ptr<const CChainParams> g_main_params{nullptr};
1515
static std::once_flag g_main_params_flag;
1616
static const CService empty_service{CService()};
1717

18+
static constexpr std::string_view SAFE_CHARS_IPV4{"1234567890."};
19+
1820
bool IsNodeOnMainnet() { return Params().NetworkIDString() == CBaseChainParams::MAIN; }
1921
const CChainParams& MainParams()
2022
{
@@ -23,6 +25,11 @@ const CChainParams& MainParams()
2325
[&]() { g_main_params = CreateChainParams(ArgsManager{}, CBaseChainParams::MAIN); });
2426
return *Assert(g_main_params);
2527
}
28+
29+
bool MatchCharsFilter(std::string_view input, std::string_view filter)
30+
{
31+
return std::all_of(input.begin(), input.end(), [&filter](char c) { return filter.find(c) != std::string_view::npos; });
32+
}
2633
} // anonymous namespace
2734

2835
bool NetInfoEntry::operator==(const NetInfoEntry& rhs) const
@@ -162,7 +169,16 @@ NetInfoStatus MnNetInfo::AddEntry(const std::string& input)
162169
if (!IsEmpty()) {
163170
return NetInfoStatus::MaxLimit;
164171
}
165-
if (auto service_opt{Lookup(input, /*portDefault=*/Params().GetDefaultPort(), /*fAllowLookup=*/false)}) {
172+
173+
std::string addr;
174+
uint16_t port{Params().GetDefaultPort()};
175+
SplitHostPort(input, port, addr);
176+
// Contains invalid characters, unlikely to pass Lookup(), fast-fail
177+
if (!MatchCharsFilter(addr, SAFE_CHARS_IPV4)) {
178+
return NetInfoStatus::BadInput;
179+
}
180+
181+
if (auto service_opt{Lookup(addr, /*portDefault=*/port, /*fAllowLookup=*/false)}) {
166182
const auto ret{ValidateService(*service_opt)};
167183
if (ret == NetInfoStatus::Success) {
168184
m_addr = NetInfoEntry{*service_opt};

src/test/evo_netinfo_tests.cpp

+2-2
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ const std::vector<std::pair</*input=*/std::string, /*expected_ret=*/NetInfoStatu
2828
// Port greater than uint16_t max
2929
{"1.1.1.1:99999", NetInfoStatus::BadInput},
3030
// Only IPv4 allowed
31-
{"[2606:4700:4700::1111]:9999", NetInfoStatus::BadType},
31+
{"[2606:4700:4700::1111]:9999", NetInfoStatus::BadInput},
3232
// Domains are not allowed
3333
{"example.com:9999", NetInfoStatus::BadInput},
3434
// Incorrect IPv4 address
@@ -179,7 +179,7 @@ BOOST_AUTO_TEST_CASE(cservice_compatible)
179179
// Validation failure (non-IPv4 not allowed), MnNetInfo should remain empty if ValidateService() failed
180180
service = CService();
181181
netInfo.Clear();
182-
BOOST_CHECK_EQUAL(netInfo.AddEntry("[2606:4700:4700::1111]:9999"), NetInfoStatus::BadType);
182+
BOOST_CHECK_EQUAL(netInfo.AddEntry("[2606:4700:4700::1111]:9999"), NetInfoStatus::BadInput);
183183
BOOST_CHECK(CheckIfSerSame(service, netInfo));
184184
}
185185

0 commit comments

Comments
 (0)