Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

discv4: Fix assert on invalid RLP list in Neighbours message #763

Merged
merged 1 commit into from
Dec 2, 2024

Conversation

kdeme
Copy link
Contributor

@kdeme kdeme commented Nov 29, 2024

The assert would occur when the rlp size of the a node in the nodes rlp list is incorrectly set too high and then the next listElem call for the next node will start from the incorrect data. When that data is not a list the assert in listElem will be triggered.

Fixed by adding a listLen call which checks if it is a list. Added also more strictness by:

  • Checking if that list is of len 4, which it must be
  • raising immediatly on invalid IP length
  • raising immediatly on invalid public key / node id
  • test cases

The assert would occur when the rlp size of the a node in the
nodes rlp list is incorrectly set too high and then the next
`listElem` call for the next node will start from the
incorrect data. When that data is not a list the assert in
`listElem` will be triggered.

Fixed by adding a `listLen` call which checks if it is a list.
Added also more strictness by:
- Checking if that list is of len 4, which it must be
- raising immediatly on invalid IP length
- raising immediatly on invalid public key / node id

+ test cases
@kdeme kdeme merged commit aa92ad4 into master Dec 2, 2024
18 checks passed
@kdeme kdeme deleted the fix-discv4-rlp-nodes branch December 2, 2024 08:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant