sphinx: max payload size check

Author: joostjager

sphinx.go

@@ -5,6 +5,7 @@ import (
 	"crypto/ecdsa"
 	"crypto/hmac"
 	"crypto/sha256"
+	"fmt"
 	"io"
 	"math/big"
 
@@ -73,6 +74,11 @@ const (
 	baseVersion = 0
 )
 
+var (
+	ErrMaxRoutingInfoSizeExceeded = fmt.Errorf(
+		"max routing info size of %v bytes exceeded", routingInfoSize)
+)
+
 // OnionPacket is the onion wrapped hop-to-hop routing information necessary to
 // propagate a message through the mix-net without intermediate nodes having
 // knowledge of their position within the route, the source, the destination,
@@ -186,6 +192,11 @@ func generateSharedSecrets(paymentPath []*btcec.PublicKey,
 func NewOnionPacket(paymentPath *PaymentPath, sessionKey *btcec.PrivateKey,
 	assocData []byte) (*OnionPacket, error) {
 
+	// Check whether total payload size doesn't exceed the hard maximum.
+	if paymentPath.TotalPayloadSize() > routingInfoSize {
+		return nil, ErrMaxRoutingInfoSizeExceeded
+	}
+
 	numHops := paymentPath.TrueRouteLength()
 
 	hopSharedSecrets := generateSharedSecrets(

sphinx_test.go

@@ -563,8 +563,7 @@ func newEOBRoute(numHops uint32,
 	)
 	fwdMsg, err := NewOnionPacket(&route, sessionKey, nil)
 	if err != nil {
-		return nil, nil, fmt.Errorf("unable to create forwarding "+
-			"message: %#v", err)
+		return nil, nil, err
 	}
 
 	return fwdMsg, nodes, nil
@@ -587,8 +586,9 @@ func TestSphinxHopVariableSizedPayloads(t *testing.T) {
 	t.Parallel()
 
 	var testCases = []struct {
-		numNodes   uint32
-		eobMapping map[int]HopPayload
+		numNodes      uint32
+		eobMapping    map[int]HopPayload
+		expectedError error
 	}{
 		// A single hop route with a payload going to the last hop in
 		// the route. The payload is enough to fit into what would be
@@ -678,16 +678,40 @@ func TestSphinxHopVariableSizedPayloads(t *testing.T) {
 				},
 			},
 		},
+
+		// A 3 hop route (4 nodes) that carries more data then what fits
+		// in the routing info.
+		{
+			numNodes: 3,
+			eobMapping: map[int]HopPayload{
+				0: HopPayload{
+					Type:    PayloadTLV,
+					Payload: bytes.Repeat([]byte("a"), 500),
+				},
+				1: HopPayload{
+					Type:    PayloadTLV,
+					Payload: bytes.Repeat([]byte("a"), 500),
+				},
+				2: HopPayload{
+					Type:    PayloadTLV,
+					Payload: bytes.Repeat([]byte("a"), 500),
+				},
+			},
+			expectedError: ErrMaxRoutingInfoSizeExceeded,
+		},
 	}
 
 	for testCaseNum, testCase := range testCases {
 		nextPkt, routers, err := newEOBRoute(
 			testCase.numNodes, testCase.eobMapping,
 		)
-		if err != nil {
+		if testCase.expectedError != err {
 			t.Fatalf("#%v: unable to create eob "+
 				"route: %v", testCase, err)
 		}
+		if err != nil {
+			continue
+		}
 
 		// We'll now walk thru manually each actual hop within the
 		// route. We use the size of the routers rather than the number