From c6fc7986f134e5de622439cf9e48372dfc4a23d9 Mon Sep 17 00:00:00 2001 From: Jonathan Bennett Date: Sun, 4 Jan 2026 21:06:36 -0600 Subject: [PATCH] More sanity checks on incoming messages --- src/modules/Native/StoreForwardPlusPlus.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/modules/Native/StoreForwardPlusPlus.cpp b/src/modules/Native/StoreForwardPlusPlus.cpp index 4f624785a..65d4ecbe9 100644 --- a/src/modules/Native/StoreForwardPlusPlus.cpp +++ b/src/modules/Native/StoreForwardPlusPlus.cpp @@ -465,7 +465,7 @@ bool StoreForwardPlusPlusModule::handleReceivedProtobuf(const meshtastic_MeshPac link_object scratch_object = getFromScratch(t->message_hash.bytes, t->message_hash.size); // if this matches, we don't need to request the message // we know exactly what it is - if (t->message_hash.size >= 8 && + if (t->message_hash.size >= 8 && t->commit_hash.size >= 8 && checkCommitHash(scratch_object, t->commit_hash.bytes, t->message_hash.size)) { LOG_INFO("StoreForwardpp Found announced message in scratch, adding to chain"); scratch_object.rx_time = t->encapsulated_rxtime; @@ -1143,6 +1143,8 @@ bool StoreForwardPlusPlusModule::isCommitInDB(uint8_t *commit_hash_bytes, size_t bool StoreForwardPlusPlusModule::isInScratch(uint8_t *message_hash_bytes, size_t message_hash_len) { + if (message_hash_len < SFPP_SHORT_HASH_SIZE) + return false; sqlite3_bind_int(checkScratch, 1, message_hash_len); sqlite3_bind_blob(checkScratch, 2, message_hash_bytes, message_hash_len, NULL); sqlite3_step(checkScratch);