NetDB: Check signature in verify

Remove null checks, _target can't be null
2020-06-28 14:56:08 +00:00
parent aadc9a13aa
commit 365b9053ec
2 changed files with 14 additions and 5 deletions
--- a/core/java/src/net/i2p/data/DatabaseEntry.java
+++ b/core/java/src/net/i2p/data/DatabaseEntry.java
@ -231,8 +231,9 @@ public abstract class DatabaseEntry extends DataStructureImpl {
     * This is the same as isValid() in RouterInfo
     * or verifySignature() in LeaseSet.
     * @return valid
+     * @since public since 0.9.47, was protected
     */
-    protected boolean verifySignature() {
+    public boolean verifySignature() {
        if (_signature == null)
            return false;
        byte data[];
--- a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillVerifyStoreJob.java
+++ b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillVerifyStoreJob.java
@ -35,7 +35,7 @@ import net.i2p.util.Log;
 class FloodfillVerifyStoreJob extends JobImpl {
    private final Log _log;
    private final Hash _key, _client;
-    private Hash _target;
+    private volatile Hash _target;
    private final Hash _sentTo;
    private final FloodfillNetworkDatabaseFacade _facade;
    private long _expiration;
@ -329,6 +329,15 @@ class FloodfillVerifyStoreJob extends JobImpl {
                // Verify it's as recent as the one we sent
                DatabaseStoreMessage dsm = (DatabaseStoreMessage)_message;
                DatabaseEntry entry = dsm.getEntry();
+                if (!entry.verifySignature()) {
+                    if (_log.shouldWarn())
+                        _log.warn(getJobId() + ": Sent bad data for verify: " + _target);
+                    pm.dbLookupFailed(_target);
+                    ctx.banlist().banlistRouterForever(_target, "Sent bad netdb data");
+                    ctx.statManager().addRateData("netDb.floodfillVerifyFail", delay);
+                    resend();
+                    return;
+                }
                long newDate;
                boolean success;
                if (_isLS2 &&
@ -376,7 +385,7 @@ class FloodfillVerifyStoreJob extends JobImpl {
            // but we have to use one of them to affect the FloodfillPeerSelector ordering.
            // If we don't do this we get stuck using the same verify peer every time even
            // though it is the real problem.
-            if (_target != null && !_target.equals(_sentTo))
+            if (!_target.equals(_sentTo))
                pm.dbLookupFailed(_target);
            ctx.statManager().addRateData("netDb.floodfillVerifyFail", delay);
            resend();
@ -416,7 +425,6 @@ class FloodfillVerifyStoreJob extends JobImpl {
            Set<Hash> toSkip = new HashSet<Hash>(2);
            if (_sentTo != null)
                toSkip.add(_sentTo);
-            if (_target != null)
            toSkip.add(_target);
            if (_log.shouldWarn())
                _log.warn(getJobId() + ": Verify failed, starting new store for: " + _key);