From fa2cc57ca6d0025733615124a2a2d8f28e0ea9af Mon Sep 17 00:00:00 2001
From: Wilmer Paulino <wilmer.paulino@gmail.com>
Date: Tue, 9 Jan 2018 01:04:58 -0500
Subject: [PATCH] invoice: sanity check routing info field

This commit allows parseRoutingInfo to return an error when parsing a
routing info field whose length is not a multiple of 51 bytes, rather
than crash.
---
 zpay32/invoice.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/zpay32/invoice.go b/zpay32/invoice.go
index 836d6887..e95d040a 100644
--- a/zpay32/invoice.go
+++ b/zpay32/invoice.go
@@ -37,6 +37,10 @@ const (
 	// with zeroes.
 	pubKeyBase32Len = 53
 
+	// routingInfoLen is the number of bytes needed to encode the extra
+	// routing info of a single private route.
+	routingInfoLen = 51
+
 	// The following byte values correspond to the supported field types.
 	// The field name is the character representing that 5-bit value in the
 	// bech32 string.
@@ -860,6 +864,11 @@ func parseRoutingInfo(data []byte) ([]ExtraRoutingInfo, error) {
 		return nil, err
 	}
 
+	if len(base256Data)%routingInfoLen != 0 {
+		return nil, fmt.Errorf("expected length multiple of %d bytes, got %d",
+			routingInfoLen, len(base256Data))
+	}
+
 	var routingInfo []ExtraRoutingInfo
 	info := ExtraRoutingInfo{}
 	for len(base256Data) > 0 {