[Audit fixes] FOR-02: Inconsistent Deserialization of Address ID #1149

Merged
merged 7 commits into from
Jun 14, 2021

cryptoquick
Contributor

Summary of changes
Changes introduced in this pull request:

  • Compares serialized leb128 bytes to deserialized bytes.
  • Adds a passing test case, in addition to 2 test cases for encodings meant to fail, as recommended in the audit document.
  • These changes should not alter behavior in release build; it will only make the node behavior more consistent with that of the Lotus node.

Reference issue to close (if applicable)

Closes #1134

Other information and links

  • Explanation of changes: from_leb_128 is too permissive of how leb128 bytes are deserialized, resulting in inconsistent behavior from how Lotus deserializes bytes. Lotus throws an error if the byte encodings are inconsistent.

@cryptoquick cryptoquick marked this pull request as ready for review June 9, 2021 18:48
@cryptoquick cryptoquick requested a review from a user June 9, 2021 18:48
if to_leb_bytes(id)? == bz {
Ok(id)
} else {
error!(
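
Review bot: in the condition `to_leb_bytes(id)? == bz`, the `?` returns early if re-encoding fails, so that failure takes a different path from the `else` branch that handles a byte mismatch. Suggest confirming both paths produce the same invalid-payload error, so a caller sees one failure mode for a rejected ID.
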
Member

Probably makes sense to have this be part of the InvalidAddressIDPayload variant instead of printing it out

Contributor Author

Like, maybe using a tuple in the enum variant to capture the id?

Contributor Author

Take a look at these changes. Is this what you meant?
2e5f084

Contributor

@creativcoder creativcoder left a comment

👍

@cryptoquick cryptoquick requested a review from ec2 June 11, 2021 22:46
@cryptoquick cryptoquick changed the title [Audit fixes] FOR-02 - Inconsistent Deserialization of Address ID [Audit fixes] FOR-02: Inconsistent Deserialization of Address ID Jun 14, 2021
@@ -13,6 +13,7 @@ num-derive = "0.3.0"
data-encoding = "2.1.2"
data-encoding-macro = "0.1.7"
leb128 = "0.2.1"
log = "0.4.8"
Member

Think we can remove this now.

@cryptoquick cryptoquick merged commit f698ba8 into main Jun 14, 2021
@cryptoquick cryptoquick deleted the hunter/FOR-02 branch June 14, 2021 16:46
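
The round-trip check described in this pull request, as an added example that is not part of the pull request or Forest's code: a permissive unsigned LEB128 decoder accepts zero-padded encodings and trailing bytes, and re-encoding the decoded value and comparing it to the input rejects both. All function and type names are hypothetical and the byte strings are constructed.

```rust
// Added example: stand-alone unsigned LEB128 helpers. All names are hypothetical,
// not Forest's API; the byte strings in main() are constructed.
#[derive(Debug, PartialEq)]
enum IdError {
    Malformed,         // truncated or overflowing input
    NonCanonical(u64), // decodes, but is not the minimal encoding of that value
}

/// Minimal (canonical) unsigned LEB128 encoding of `v`.
fn encode_uleb128(mut v: u64) -> Vec<u8> {
    let mut out = Vec::new();
    loop {
        let byte = (v & 0x7f) as u8;
        v >>= 7;
        if v == 0 {
            out.push(byte);
            return out;
        }
        out.push(byte | 0x80);
    }
}

/// Permissive decode: accepts zero-padded encodings and ignores trailing bytes.
fn decode_uleb128_lenient(bz: &[u8]) -> Option<u64> {
    let mut value = 0u64;
    for (i, &b) in bz.iter().enumerate().take(10) {
        let chunk = (b & 0x7f) as u64;
        if i == 9 && chunk > 1 {
            return None; // would overflow u64
        }
        value |= chunk << (7 * i);
        if b & 0x80 == 0 {
            return Some(value);
        }
    }
    None // ran out of input, or more than 10 bytes
}

/// Strict decode: re-encode the value and require the input bytes to match.
fn decode_id_strict(bz: &[u8]) -> Result<u64, IdError> {
    let id = decode_uleb128_lenient(bz).ok_or(IdError::Malformed)?;
    if encode_uleb128(id) == bz { Ok(id) } else { Err(IdError::NonCanonical(id)) }
}

fn main() {
    let cases: [&[u8]; 3] = [&[0xE5, 0x8E, 0x26], &[0x81, 0x00], &[0x01, 0xFF]];
    for &bz in cases.iter() {
        println!("{:02x?}: {:?} / {:?}", bz, decode_uleb128_lenient(bz), decode_id_strict(bz));
    }
}
```

Carrying the decoded value in the `NonCanonical` variant follows the review suggestion in this thread to capture the id in the error rather than log it.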
Successfully merging this pull request may close these issues.

FOR-02: Inconsistent Deserialisation of Address