Ignore incorrectly-serialized banlist.dat entries

apoelstra · Oct 12, 2020 · 886be97 · 886be97
1 parent 883cea7
commit 886be97
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 1 deletion.
diff --git a/src/banman.cpp b/src/banman.cpp
@@ -184,7 +184,7 @@ void BanMan::SweepBanned()
         while (it != m_banned.end()) {
             CSubNet sub_net = (*it).first;
             CBanEntry ban_entry = (*it).second;
-            if (now > ban_entry.nBanUntil) {
+            if (!sub_net.IsValid() || now > ban_entry.nBanUntil) {
                 m_banned.erase(it++);
                 m_is_dirty = true;
                 notify_ui = true;

diff --git a/src/netaddress.cpp b/src/netaddress.cpp
@@ -1109,6 +1109,17 @@ bool CSubNet::IsValid() const
     return valid;
 }
 
+bool CSubNet::SanityCheck() const
+{
+    if (!(network.IsIPv4() || network.IsIPv6())) return false;
+
+    for (size_t x = 0; x < network.m_addr.size(); ++x) {
+        if (network.m_addr[x] & ~netmask[x]) return false;
+    }
+
+    return true;
+}
+
 bool operator==(const CSubNet& a, const CSubNet& b)
 {
     return a.valid == b.valid && a.network == b.network && !memcmp(a.netmask, b.netmask, 16);

diff --git a/src/netaddress.h b/src/netaddress.h
@@ -451,6 +451,8 @@ class CSubNet
         /// Is this value valid? (only used to signal parse errors)
         bool valid;
 
+        bool SanityCheck() const;
+
     public:
         CSubNet();
         CSubNet(const CNetAddr& addr, uint8_t mask);
@@ -482,6 +484,8 @@ class CSubNet
                 READWRITE(obj.netmask);
             }
             READWRITE(obj.valid);
+            // Mark invalid if the result doesn't pass sanity checking.
+            SER_READ(obj, if (obj.valid) obj.valid = obj.SanityCheck());
         }
 };