validate incoming handshake timestamps

1 files changed, 3 insertions, 2 deletions

diff --git a/src/interface/peer_server.rs b/src/interface/peer_server.rs
index 5fe6bc3..2ad363a 100644
--- a/src/interface/peer_server.rs
+++ b/src/interface/peer_server.rs
@@ -129,8 +129,9 @@ impl PeerServer {
                     &state.interface_info.private_key.ok_or_else(|| format_err!("no private key!"))?)?;
 
                 let mut timestamp = [0u8; 12];
-                let _ = noise.read_message(&packet[8..116], &mut timestamp)
+                let len = noise.read_message(&packet[8..116], &mut timestamp)
                     .map_err(SyncFailure::new)?;
+                ensure!(len == 12, "incorrect handshake payload length");
 
                 let mut peer_ref = {
                     let their_pubkey = noise.get_remote_static().expect("must have remote static key");
@@ -141,7 +142,7 @@ impl PeerServer {
                 };
                 let mut peer = peer_ref.borrow_mut();
 
-                let (response, next_index, dead_index) = peer.process_incoming_handshake(addr, their_index, &timestamp, noise)?;
+                let (response, next_index, dead_index) = peer.process_incoming_handshake(addr, their_index, timestamp.into(), noise)?;
                 let _ = state.index_map.insert(next_index, peer_ref.clone());
                 if let Some(index) = dead_index {
                     let _ = state.index_map.remove(&index);