From af16b9b9f411e13c5aff452ec9f7ecb334f8cf7c Mon Sep 17 00:00:00 2001
From: William Casarin <jb55@jb55.com>
Date: Thu, 10 Feb 2022 09:14:04 -0800
Subject: [PATCH] bolt11: mark when we decode min_final_cltv_expiry

It looks like decode_c doesn't set have_c unlike the other decode_
methods. At the start of the function, decode_c checks have_c to see if
it's set, but it is never set. It seems like this could allow for
duplicate c tags, which is probably not intended.

Signed-off-by: William Casarin <jb55@jb55.com>
---
 common/bolt11.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/common/bolt11.c b/common/bolt11.c
index cad30717f..190e433f3 100644
--- a/common/bolt11.c
+++ b/common/bolt11.c
@@ -245,7 +245,7 @@ static char *decode_x(struct bolt11 *b11,
 static char *decode_c(struct bolt11 *b11,
 		      struct hash_u5 *hu5,
 		      u5 **data, size_t *data_len,
-		      size_t data_length, const bool *have_c)
+		      size_t data_length, bool *have_c)
 {
 	u64 c;
 	if (*have_c)
@@ -261,6 +261,7 @@ static char *decode_c(struct bolt11 *b11,
 	if (b11->min_final_cltv_expiry != c)
 		return tal_fmt(b11, "c: %"PRIu64" is too large", c);
 
+	*have_c = true;
 	return NULL;
 }