From 1f45ef88300332acfa36bfe45c8ed82600ad991f Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Thu, 6 Feb 2025 12:13:30 +1030 Subject: [PATCH] gossmap: don't crash if we hit a zero-length record. We have a report of this happening under ZFS. We cannot do much if this really is a problem where we can't read back what we write, but this avoids the immediate crash. Fixes: https://github.com/ElementsProject/lightning/issues/7971 Signed-off-by: Rusty Russell Changelog-Fixed: gossmap: occasional crash (at least on ZFS) reading gossip_store. --- common/gossmap.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/common/gossmap.c b/common/gossmap.c index 8e35d5bcd1c4..14cebca076dd 100644 --- a/common/gossmap.c +++ b/common/gossmap.c @@ -701,6 +701,10 @@ static bool map_catchup(struct gossmap *map, bool *changed) if (map->map_end + reclen > map->map_size) break; + /* FIXME: In corruption, we can see zeroes here: don't crash. */ + if (be16_to_cpu(ghdr.len) < sizeof(be16)) + break; + off = map->map_end + sizeof(ghdr); type = map_be16(map, off); if (type == WIRE_CHANNEL_ANNOUNCEMENT) {
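Review bot: the new `break` on `be16_to_cpu(ghdr.len) < sizeof(be16)` in `map_catchup()` exits silently, exactly like the `map->map_end + reclen > map->map_size` check just above it. A corrupt record is therefore indistinguishable from a record that has only been partially written so far. The commit message says little can be done if the store really cannot be read back, but the condition should at least be made visible: log it once, or record it in a flag the caller can inspect, so that an operator can tell a corrupted gossip_store from one that is merely still being written. The FIXME should also state what the intended follow-up is, since as written it only describes the symptom. Finally, the bound `sizeof(be16)` appears to correspond to the two-byte type field read by `map_be16(map, off)` on the lines below. Saying so in the comment would make it clear why lengths of 0 and 1 are both rejected.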