Skip to content

Commit c3e48ab

Browse files
kwvgkwvg
committed
evo: fast-fail MnNetInfo::AddEntry() if invalid characters found
1 parent e49f8e3 commit c3e48ab

File tree

2 files changed

+19
-3
lines changed

2 files changed

+19
-3
lines changed

src/evo/netinfo.cpp

+17-1
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@ static std::unique_ptr<const CChainParams> g_main_params{nullptr};
1515
static std::once_flag g_main_params_flag;
1616
static const CService empty_service{CService()};
1717

18+
static constexpr std::string_view SAFE_CHARS_IPV4{"1234567890."};
19+
1820
bool IsNodeOnMainnet() { return Params().NetworkIDString() == CBaseChainParams::MAIN; }
1921
const CChainParams& MainParams()
2022
{
@@ -23,6 +25,11 @@ const CChainParams& MainParams()
2325
[&]() { g_main_params = CreateChainParams(ArgsManager{}, CBaseChainParams::MAIN); });
2426
return *Assert(g_main_params);
2527
}
28+
29+
bool MatchCharsFilter(std::string_view input, std::string_view filter)
30+
{
31+
return std::all_of(input.begin(), input.end(), [&filter](char c) { return filter.find(c) != std::string_view::npos; });
32+
}
2633
} // anonymous namespace
2734

2835
bool NetInfoEntry::operator==(const NetInfoEntry& rhs) const
@@ -176,7 +183,16 @@ NetInfoStatus MnNetInfo::AddEntry(const std::string& input)
176183
if (!IsEmpty()) {
177184
return NetInfoStatus::MaxLimit;
178185
}
179-
if (auto service_opt{Lookup(input, /*portDefault=*/Params().GetDefaultPort(), /*fAllowLookup=*/false)}) {
186+
187+
std::string addr;
188+
uint16_t port{Params().GetDefaultPort()};
189+
SplitHostPort(input, port, addr);
190+
// Contains invalid characters, unlikely to pass Lookup(), fast-fail
191+
if (!MatchCharsFilter(addr, SAFE_CHARS_IPV4)) {
192+
return NetInfoStatus::BadInput;
193+
}
194+
195+
if (auto service_opt{Lookup(addr, /*portDefault=*/port, /*fAllowLookup=*/false)}) {
180196
const auto ret{ValidateService(*service_opt)};
181197
if (ret == NetInfoStatus::Success) {
182198
m_addr = NetInfoEntry{*service_opt};

src/test/evo_netinfo_tests.cpp

+2-2
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ const std::vector<std::pair</*input=*/std::string, /*expected_ret=*/NetInfoStatu
2828
// Port greater than uint16_t max
2929
{"1.1.1.1:99999", NetInfoStatus::BadInput},
3030
// Only IPv4 allowed
31-
{"[2606:4700:4700::1111]:9999", NetInfoStatus::BadType},
31+
{"[2606:4700:4700::1111]:9999", NetInfoStatus::BadInput},
3232
// Domains are not allowed
3333
{"example.com:9999", NetInfoStatus::BadInput},
3434
// Incorrect IPv4 address
@@ -210,7 +210,7 @@ BOOST_AUTO_TEST_CASE(cservice_compatible)
210210
// Validation failure (non-IPv4 not allowed), MnNetInfo should remain empty if ValidateService() failed
211211
service = CService();
212212
netInfo.Clear();
213-
BOOST_CHECK_EQUAL(netInfo.AddEntry("[2606:4700:4700::1111]:9999"), NetInfoStatus::BadType);
213+
BOOST_CHECK_EQUAL(netInfo.AddEntry("[2606:4700:4700::1111]:9999"), NetInfoStatus::BadInput);
214214
BOOST_CHECK(CheckIfSerSame(service, netInfo));
215215
}
216216

0 commit comments

Comments
 (0)