item 4 - topeerid should validate []byte length (#14181)

Co-authored-by: Bolek <1416262+bolekk@users.noreply.github.com>
smartcontractkit · Aug 21, 2024 · ee57b4f · ee57b4f
1 parent fdf9d10
commit ee57b4f
Show file tree

Hide file tree

Showing 7 changed files with 34 additions and 7 deletions.
diff --git a/.changeset/tender-wombats-juggle.md b/.changeset/tender-wombats-juggle.md
@@ -0,0 +1,5 @@
+---
+"chainlink": patch
+---
+
+#internal topeerid should validate []byte length
diff --git a/core/capabilities/remote/target/request/client_request.go b/core/capabilities/remote/target/request/client_request.go
@@ -140,7 +140,10 @@ func (c *ClientRequest) OnMessage(_ context.Context, msg *types.MessageBody) err
 
 	c.lggr.Debugw("OnMessage called for client request", "messageID", msg.MessageId)
 
-	sender := remote.ToPeerID(msg.Sender)
+	sender, err := remote.ToPeerID(msg.Sender)
+	if err != nil {
+		return fmt.Errorf("failed to convert message sender to PeerID: %w", err)
+	}
 
 	received, expected := c.responseReceived[sender]
 	if !expected {

diff --git a/core/capabilities/remote/target/request/server_request.go b/core/capabilities/remote/target/request/server_request.go
@@ -74,7 +74,11 @@ func (e *ServerRequest) OnMessage(ctx context.Context, msg *types.MessageBody) e
 		return fmt.Errorf("sender missing from message")
 	}
 
-	requester := remote.ToPeerID(msg.Sender)
+	requester, err := remote.ToPeerID(msg.Sender)
+	if err != nil {
+		return fmt.Errorf("failed to convert message sender to PeerID: %w", err)
+	}
+
 	if err := e.addRequester(requester); err != nil {
 		return fmt.Errorf("failed to add requester to request: %w", err)
 	}

diff --git a/core/capabilities/remote/trigger_publisher.go b/core/capabilities/remote/trigger_publisher.go
@@ -87,7 +87,12 @@ func (p *triggerPublisher) Start(ctx context.Context) error {
 }
 
 func (p *triggerPublisher) Receive(_ context.Context, msg *types.MessageBody) {
-	sender := ToPeerID(msg.Sender)
+	sender, err := ToPeerID(msg.Sender)
+	if err != nil {
+		p.lggr.Errorw("failed to convert message sender to PeerID", "err", err)
+		return
+	}
+
 	if msg.Method == types.MethodRegisterTrigger {
 		req, err := pb.UnmarshalCapabilityRequest(msg.Payload)
 		if err != nil {

diff --git a/core/capabilities/remote/trigger_subscriber.go b/core/capabilities/remote/trigger_subscriber.go
@@ -175,7 +175,12 @@ func (s *triggerSubscriber) UnregisterTrigger(ctx context.Context, request commo
 }
 
 func (s *triggerSubscriber) Receive(_ context.Context, msg *types.MessageBody) {
-	sender := ToPeerID(msg.Sender)
+	sender, err := ToPeerID(msg.Sender)
+	if err != nil {
+		s.lggr.Errorw("failed to convert message sender to PeerID", "err", err)
+		return
+	}
+
 	if _, found := s.capDonMembers[sender]; !found {
 		s.lggr.Errorw("received message from unexpected node", "capabilityId", s.capInfo.ID, "sender", sender)
 		return

diff --git a/core/capabilities/remote/utils.go b/core/capabilities/remote/utils.go
@@ -48,10 +48,14 @@ func ValidateMessage(msg p2ptypes.Message, expectedReceiver p2ptypes.PeerID) (*r
 	return &body, nil
 }
 
-func ToPeerID(peerID []byte) p2ptypes.PeerID {
+func ToPeerID(peerID []byte) (p2ptypes.PeerID, error) {
+	if len(peerID) != p2ptypes.PeerIDLength {
+		return p2ptypes.PeerID{}, fmt.Errorf("invalid peer ID length: %d", len(peerID))
+	}
+
 	var id p2ptypes.PeerID
 	copy(id[:], peerID)
-	return id
+	return id, nil
 }
 
 // Default MODE Aggregator needs a configurable number of identical responses for aggregation to succeed

diff --git a/core/capabilities/remote/utils_test.go b/core/capabilities/remote/utils_test.go
@@ -84,7 +84,8 @@ func encodeAndSign(t *testing.T, senderPrivKey ed25519.PrivateKey, senderId p2pt
 }
 
 func TestToPeerID(t *testing.T) {
-	id := remote.ToPeerID([]byte("12345678901234567890123456789012"))
+	id, err := remote.ToPeerID([]byte("12345678901234567890123456789012"))
+	require.NoError(t, err)
 	require.Equal(t, "12D3KooWD8QYTQVYjB6oog4Ej8PcPpqTrPRnxLQap8yY8KUQRVvq", id.String())
 }