bolt11: validate recovery ID

Invalid recovery IDs cause secp256k1_ecdsa_recoverable_signature_parse_compact to abort, which crashes the entire node. We should return an error instead. Detected by libFuzzer: [libsecp256k1] illegal argument: recid >= 0 && recid <= 3
ElementsProject · Oct 17, 2023 · c1f2068 · c1f2068
1 parent 4b29502
commit c1f2068
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/common/bolt11.c b/common/bolt11.c
@@ -923,6 +923,8 @@ struct bolt11 *bolt11_decode_nosig(const tal_t *ctx, const char *str,
 	return b11;
 }
 
+static bool valid_recovery_id(u8 recid) { return recid <= 3; }
+
 /* Decodes and checks signature; returns NULL on error. */
 struct bolt11 *bolt11_decode(const tal_t *ctx, const char *str,
 			     const struct feature_set *our_features,
@@ -963,6 +965,10 @@ struct bolt11 *bolt11_decode(const tal_t *ctx, const char *str,
 
 	assert(data_len == 0);
 
+	if (!valid_recovery_id(sig_and_recid[64]))
+		return decode_fail(b11, fail, "invalid recovery ID: %u",
+				   sig_and_recid[64]);
+
 	if (!secp256k1_ecdsa_recoverable_signature_parse_compact
 	    (secp256k1_ctx, &sig, sig_and_recid, sig_and_recid[64]))
 		return decode_fail(b11, fail, "signature invalid");

diff --git a/tests/fuzz/corpora/fuzz-bolt11/crash-02a760b43a1728ac699ca34f2a01d01cd4e6385f b/tests/fuzz/corpora/fuzz-bolt11/crash-02a760b43a1728ac699ca34f2a01d01cd4e6385f
@@ -0,0 +1 @@
+lnbc1qqygh9qpp5s7zxqqqqqqqqqqqqpjqqqqqqqqqqqqqqqqqqcqpjqqqsqqqqqqqqdqqqqqqqqqqqqqqqqqqqqqqqqqqqqquqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqzxqqqqqqqqqqqqqqqy6f523d