Merge bitcoin/bitcoin#22455: addrman: detect on-disk corrupted nNew and nTried during unserialization

MarcoFalke · MarcoFalke · commit 54e31742d208 · 2021-07-19T14:25:53.000+02:00
816f29e addrman: detect on-disk corrupted nNew and nTried during unserialization (Vasil Dimov) Pull request description: Negative `nNew` or `nTried` are not possible during normal operation. So, if we read such values during unserialize, report addrman corruption. Fixes bitcoin/bitcoin#22450 ACKs for top commit: MarcoFalke: cr ACK 816f29e jonatack: ACK 816f29e lsilva01: Code Review ACK bitcoin/bitcoin@816f29e. This change provides a more accurate description of the error. Tree-SHA512: 01bdd72d2d86a0ef770a319fee995fd1e147b24a8db84ddb8cd121688e7f94fed73fddc0084758e7183c4f8d08e971f0b1b224f5adb10928a5aa4dbbc8709d74
diff --git a/src/addrman.h b/src/addrman.h
@@ -334,12 +334,18 @@ class CAddrMan
             nUBuckets ^= (1 << 30);
         }
 
-        if (nNew > ADDRMAN_NEW_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE) {
-            throw std::ios_base::failure("Corrupt CAddrMan serialization, nNew exceeds limit.");
+        if (nNew > ADDRMAN_NEW_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE || nNew < 0) {
+            throw std::ios_base::failure(
+                strprintf("Corrupt CAddrMan serialization: nNew=%d, should be in [0, %u]",
+                          nNew,
+                          ADDRMAN_NEW_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE));
         }
 
-        if (nTried > ADDRMAN_TRIED_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE) {
-            throw std::ios_base::failure("Corrupt CAddrMan serialization, nTried exceeds limit.");
+        if (nTried > ADDRMAN_TRIED_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE || nTried < 0) {
+            throw std::ios_base::failure(
+                strprintf("Corrupt CAddrMan serialization: nTried=%d, should be in [0, %u]",
+                          nTried,
+                          ADDRMAN_TRIED_BUCKET_COUNT * ADDRMAN_BUCKET_SIZE));
         }
 
         // Deserialize entries from the new table.
