evo: fast-fail MnNetInfo::AddEntry() if invalid characters found

kwvg · kwvg · commit 66ee55c6eaba · 2025-05-12T18:20:28.000Z
diff --git a/src/evo/netinfo.cpp b/src/evo/netinfo.cpp
@@ -15,6 +15,8 @@ static std::unique_ptr<const CChainParams> g_main_params{nullptr};
 static std::once_flag g_main_params_flag;
 static const CService empty_service{CService()};
 
+static constexpr std::string_view SAFE_CHARS_IPV4{"1234567890."};
+
 bool IsNodeOnMainnet() { return Params().NetworkIDString() == CBaseChainParams::MAIN; }
 const CChainParams& MainParams()
 {
@@ -23,6 +25,16 @@ const CChainParams& MainParams()
                    [&]() { g_main_params = CreateChainParams(ArgsManager{}, CBaseChainParams::MAIN); });
     return *Assert(g_main_params);
 }
+
+bool MatchCharsFilter(const std::string& input, const std::string_view& filter)
+{
+    for (char c : input) {
+        if (filter.find(c) == std::string::npos) {
+            return false;
+        }
+    }
+    return true;
+}
 } // anonymous namespace
 
 bool NetInfoEntry::operator==(const NetInfoEntry& rhs) const
@@ -162,8 +174,16 @@ NetInfoStatus MnNetInfo::AddEntry(const std::string& input)
     if (!IsEmpty()) {
         return NetInfoStatus::MaxLimit;
     }
-    if (auto service = Lookup(input, /*portDefault=*/Params().GetDefaultPort(), /*fAllowLookup=*/false);
-        service.has_value()) {
+
+    std::string addr;
+    uint16_t port{Params().GetDefaultPort()};
+    SplitHostPort(input, port, addr);
+    // Contains invalid characters, unlikely to pass Lookup(), fast-fail
+    if (!MatchCharsFilter(addr, SAFE_CHARS_IPV4)) {
+        return NetInfoStatus::BadInput;
+    }
+
+    if (auto service = Lookup(addr, /*portDefault=*/port, /*fAllowLookup=*/false); service.has_value()) {
         const auto ret = ValidateService(service.value());
         if (ret == NetInfoStatus::Success) {
             m_addr = NetInfoEntry{service.value()};
diff --git a/src/test/evo_netinfo_tests.cpp b/src/test/evo_netinfo_tests.cpp
@@ -27,7 +27,7 @@ const std::vector<std::pair</*input=*/std::string, /*expected_ret=*/NetInfoStatu
     // Port greater than uint16_t max
     {"1.1.1.1:99999", NetInfoStatus::BadInput},
     // Only IPv4 allowed
-    {"[2606:4700:4700::1111]:9999", NetInfoStatus::BadType},
+    {"[2606:4700:4700::1111]:9999", NetInfoStatus::BadInput},
     // Domains are not allowed
     {"example.com:9999", NetInfoStatus::BadInput},
     // Incorrect IPv4 address
@@ -105,7 +105,7 @@ BOOST_AUTO_TEST_CASE(cservice_compatible)
     // Validation failure (non-IPv4 not allowed), MnNetInfo should remain empty if ValidateService() failed
     service = CService();
     netInfo.Clear();
-    BOOST_CHECK_EQUAL(netInfo.AddEntry("[2606:4700:4700::1111]:9999"), NetInfoStatus::BadType);
+    BOOST_CHECK_EQUAL(netInfo.AddEntry("[2606:4700:4700::1111]:9999"), NetInfoStatus::BadInput);
     BOOST_CHECK(CheckIfSerSame(service, netInfo));
 }
 
