funder: sanitize inputs

Error out if we've got the wrong info

plugins/funder.c

@@ -593,8 +593,14 @@ static void json_channel_open_failed(struct command *cmd,
 
 static const char *init(struct plugin *p, const char *b, const jsmntok_t *t)
 {
+	const char *err;
+
 	list_head_init(&pending_opens);
 
+	err = funder_check_policy(&current_policy);
+	if (err)
+		plugin_err(p, "Invalid parameter combination: %s", err);
+
 	return NULL;
 }
 

plugins/funder_policy.c

@@ -89,6 +89,32 @@ default_funder_policy(enum funder_opt policy,
 				 100);
 }
 
+char *funder_check_policy(const struct funder_policy *policy)
+{
+	if (policy->fund_probability > 100)
+		return "fund_probability max is 100";
+
+	if (policy->fuzz_factor > 100)
+		return "fuzz_percent max is 100";
+
+	switch (policy->opt) {
+	case FIXED:
+		/* We don't do anything for fixed */
+		return NULL;
+	case MATCH:
+		if (policy->mod > 200)
+			return "Max allowed policy_mod for 'match'"
+			       " is 200";
+		return NULL;
+	case AVAILABLE:
+		if (policy->mod > 100)
+			return "Max allowed policy_mod for 'available'"
+			       " is 100";
+		return NULL;
+	}
+	abort();
+}
+
 static struct amount_sat
 apply_fuzz(u32 fuzz_factor, struct amount_sat val)
 {

plugins/funder_policy.h

@@ -89,4 +89,7 @@ const char *funder_policy_desc(const tal_t *ctx,
 
 /* Convert a cmdline option to a funding_opt */
 char *funding_option(const char *arg, enum funder_opt *opt);
+
+/* Check policy settings, return error if fails */
+char *funder_check_policy(const struct funder_policy *policy);
 #endif /* LIGHTNING_PLUGINS_FUNDER_POLICY_H */