From 1e51ec0a2db723e4d94a20743d2b2942b3dbacdc Mon Sep 17 00:00:00 2001 From: Olaoluwa Osuntokun Date: Tue, 21 Apr 2020 16:42:52 -0700 Subject: [PATCH] lnrpc/invoicesrpc: clamp down on max invoice size In this commit, we move to clamp down somewhat on the max invoice size after the limit was removed as part of the mpp changes. In #4210, it was reported that a value of -1, would underflow and end up as 18 million BTC, which would trip checks w.r.t the max expressible value in mSAT. In this commit, we clamp things down to 100k BTC, which should be more than enough for anybody. Fixes #4210. --- lnrpc/invoicesrpc/addinvoice.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/lnrpc/invoicesrpc/addinvoice.go b/lnrpc/invoicesrpc/addinvoice.go index 24463ccb..c027208a 100644 --- a/lnrpc/invoicesrpc/addinvoice.go +++ b/lnrpc/invoicesrpc/addinvoice.go @@ -156,10 +156,22 @@ func AddInvoice(ctx context.Context, cfg *AddInvoiceConfig, len(invoice.DescriptionHash)) } + // We set the max invoice amount to 100k BTC, which itself is several + // multiples off the current block reward. + maxInvoiceAmt := btcutil.Amount(btcutil.SatoshiPerBitcoin * 100000) + + switch { // The value of the invoice must not be negative. - if invoice.Value < 0 { + case invoice.Value < 0: return nil, nil, fmt.Errorf("payments of negative value "+ "are not allowed, value is %v", invoice.Value) + + // Also ensure that the invoice is actually realistic, while preventing + // any issues due to underflow. + case invoice.Value.ToSatoshis() > maxInvoiceAmt: + return nil, nil, fmt.Errorf("invoice amount %v is "+ + "too large, max is %v", invoice.Value.ToSatoshis(), + maxInvoiceAmt) } amtMSat := invoice.Value