TOB-FUEL-42: Config values lack overflow checks

[xgreenx]

Description

The Fuel node has configurations for its chain and peer to peer that lack overflow checks on some parameters provided by node operators. Rather than allow a misconfigured node to continue to operate in the event of an overflow, invalid configurations should be validated upfront and rejected by using checked arithmetic.

Figure 42.1: Potential overflow in ChainConfig (audit-fuel/fuel-core/crates/chain-config/src/config/chain.rs#74–78)

impl Default for ChainConfig {
    fn default() -> Self {
        Self {
            chain_name: "local".into(),
            block_gas_limit: ConsensusParameters::DEFAULT.max_gas_per_tx * 10,

Figure 42.2: Potential overflow in P2P configuration (audit-fuel/fuel-core/crates/services/p2p/src/p2p_service.rs#154–171)

pub fn new(config: Config, codec: Codec) -> Self {
    let local_peer_id = PeerId::from(config.keypair.public());
    let gossipsub_data =
        GossipsubData::with_topics(GossipsubTopics::new(&config.network_name));
    let network_metadata = NetworkMetadata { gossipsub_data };
    // configure and build P2P Service
    let (transport, connection_state) = build_transport(&config);
    let behaviour = FuelBehaviour::new(&config, codec.clone());
    let total_connections = {
        // Reserved nodes do not count against the configured peer input/output
limits.
};
    let total_peers =
        config.max_peers_connected + config.reserved_nodes.len() as u32;
    total_peers * config.max_connections_per_peer

Exploit Scenario

A node operator uses invalid configurations that cause an overflow. Rather than receiving an error that these configurations are invalid, the node continues to run with unanticipated behavior.

Recommendations

Short term, use checked arithmetic and validate that configurations are within reasonable bounds.
Long term, consider setting Clippy’s integer arithmetic lint to deny and use checked, saturating, or wrapping arimhetic explicitly (same as #1334).