Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sdk/queries/vp/pos: sanitize the input of validator_by_tm_addr #3340

Merged
merged 2 commits into from
Jun 6, 2024
Merged

sdk/queries/vp/pos: sanitize the input of validator_by_tm_addr #3340

merged 2 commits into from
Jun 6, 2024

Conversation

tzemanovic
Copy link
Member

@tzemanovic tzemanovic commented May 31, 2024
edited
Loading

Describe your changes

Fixes an issue where an invalid input to validator_by_tm_addr may cause a node crash. The problem is that the parameter is used as an unsanitized string in input to namada_proof_of_stake::storage_key::validator_address_raw_hash_key which only expects valid inputs and panics otherwise.

Indicate on which release or other PRs this topic is based on

0.38.1

Checklist before merging to draft

  • I have added a changelog
  • Git history is in acceptable state

@tzemanovic tzemanovic marked this pull request as ready for review May 31, 2024 10:10
@tzemanovic tzemanovic requested a review from brentstone May 31, 2024 10:11
@tzemanovic tzemanovic mentioned this pull request May 31, 2024
Closed
@codecov Codecov
Copy link

codecov bot commented May 31, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 97.36842% with 1 line in your changes missing coverage. Please review.

Project coverage is 54.08%. Comparing base (883bd0f) to head (b377eb1).

Files Patch % Lines
crates/sdk/src/queries/vp/pos.rs 97.36% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3340      +/-   ##
==========================================
+ Coverage   54.05%   54.08%   +0.02%     
==========================================
  Files         315      315              
  Lines      106296   106334      +38     
==========================================
+ Hits        57461    57506      +45     
+ Misses      48835    48828       -7

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Fraccaman added a commit that referenced this pull request Jun 3, 2024
@Fraccaman
Merge branch 'tomas/router-loop' (#3340)
347d176 
* up/tomas/router-loop:
  changelog: add #3340
  sdk/queries/vp/pos: sanitize the input of `validator_by_tm_addr`
brentstone added a commit that referenced this pull request Jun 4, 2024
@brentstone
Merge branch 'tomas/router-loop' (#3340)
7e46d0d 
* tomas/router-loop:
  changelog: add #3340
  sdk/queries/vp/pos: sanitize the input of `validator_by_tm_addr`
brentstone added a commit that referenced this pull request Jun 5, 2024
@brentstone
Merge branch 'tomas/router-loop' (#3340)
bab240d 
* origin/tomas/router-loop:
  changelog: add #3340
  sdk/queries/vp/pos: sanitize the input of `validator_by_tm_addr`
@brentstone brentstone merged commit 2516f4a into main Jun 6, 2024
19 checks passed
@brentstone brentstone deleted the tomas/router-loop branch June 6, 2024 07:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brentstone brentstone brentstone approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tzemanovic @brentstone @Fraccaman