Check input sanitization for rounded decimals #2509

Closed
cwgoes opened this issue Oct 16, 2018 · 7 comments

@cwgoes
Contributor

cwgoes commented Oct 16, 2018

e.g. validator power (.RoundInt64() for TM power), over 2 ** 64 will cause a panic, this is a possible DoS vector.

@jackzampolin
Member

Is this still an issue @cwgoes? And if not, where does this need to get fixed? There are quite a few calls to .RoundInt64()...

@cwgoes
Contributor Author

cwgoes commented Dec 8, 2018

#2958 will help, we should audit all remaining calls.

@cwgoes cwgoes self-assigned this Dec 14, 2018
@jackzampolin
Member

@cwgoes @rigelrozanski can we go ahead and close this one?

@rigelrozanski
Contributor

@cwgoes how is this related to #2513 - maybe I just don't understand what's remaining in 2513 actually

@cwgoes
Contributor Author

cwgoes commented Jan 10, 2019

It's related to #2513 in the sense that at present, validator powers over 2 ** 64 (which are possible) would cause the state machine to panic. We need to ensure that whatever changes we introduce to fix #2513 also prevent the possibility of panic.

@rigelrozanski
Contributor

got it - they're tightly related issues

@cwgoes cwgoes removed their assignment Jan 16, 2019
@jackzampolin jackzampolin added this to the v0.30.0 (Launch RC) milestone Jan 29, 2019
@rigelrozanski rigelrozanski self-assigned this Jan 29, 2019
@rigelrozanski
Contributor

post-#3400 AFAICT the only non-test instances of RoundInt64 are:

x/auth/ante.go:311:			requiredFees[i] = sdk.NewInt64Coin(gp.Denom, fee.Ceil().RoundInt64())
x/auth/client/txbuilder/txbuilder.go:178:			fees[i] = sdk.NewInt64Coin(gp.Denom, fee.Ceil().RoundInt64())
x/slashing/params.go:110:	return sdk.NewDec(signedBlocksWindow).Mul(minSignedPerWindow).RoundInt64()
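
The failure mode discussed in this thread, as an added Go example that is not code from the project or from any commenter: a rounded decimal is converted to int64 once with a panic on overflow and once with an error the caller can use to reject the input. The fixed-point model (a `big.Int` scaled by 10^18), the half-up rounding, and the names `roundToInt`, `checkedRoundInt64`, `uncheckedRoundInt64`, `ErrInt64Overflow` and `dec` are assumptions of this sketch.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// scale models a decimal as an integer times 10^18 (assumed precision, not the project's type).
var scale = new(big.Int).Exp(big.NewInt(10), big.NewInt(18), nil)

var ErrInt64Overflow = errors.New("rounded decimal does not fit in int64")

// roundToInt returns scaled/10^18 rounded to the nearest integer, ties rounding up.
func roundToInt(scaled *big.Int) *big.Int {
	half := new(big.Int).Quo(scale, big.NewInt(2))
	return half.Add(half, scaled).Div(half, scale) // Div floors for a positive divisor
}

// checkedRoundInt64 reports overflow as an error so untrusted input can be rejected.
func checkedRoundInt64(scaled *big.Int) (int64, error) {
	r := roundToInt(scaled)
	if !r.IsInt64() {
		return 0, ErrInt64Overflow
	}
	return r.Int64(), nil
}

// uncheckedRoundInt64 models the panicking conversion described in the thread.
func uncheckedRoundInt64(scaled *big.Int) int64 {
	v, err := checkedRoundInt64(scaled)
	if err != nil {
		panic(err)
	}
	return v
}

// dec builds a scaled value from a whole-number literal (constructed sample input only).
func dec(whole string) *big.Int {
	n, _ := new(big.Int).SetString(whole, 10)
	return n.Mul(n, scale)
}

func main() {
	// Constructed inputs: a small value, the int64 maximum, and 2**64.
	for _, in := range []string{"42", "9223372036854775807", "18446744073709551616"} {
		v, err := checkedRoundInt64(dec(in))
		fmt.Printf("%s -> %d, err=%v\n", in, v, err)
	}
}
```

Note that a value just below the limit can still overflow after rounding: the int64 maximum plus 0.5 rounds up past the range, so the bound has to be checked on the rounded result rather than on the input.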
