Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error coding #6

Open
mahmoud422 opened this issue Jul 2, 2020 · 9 comments
Open

Error coding #6

mahmoud422 opened this issue Jul 2, 2020 · 9 comments
Labels
improvement Optimization and improvement to code

Comments

@mahmoud422
Copy link

On line 110, you notice that this value is not present in the service application In this path https://github.com/KuChainNetwork/kratos/blob/master/third_party/proto/tendermint/abci/types/types.proto
@cain42
Copy link
Contributor

cain42 commented Jul 3, 2020

Do you mean this line is not present in the service application?

https://github.com/KuChainNetwork/kratos/blob/master/third_party/proto/tendermint/abci/types/types.proto#L110

@mahmoud422
Copy link
Author

Yes

@Pisces-Anjou
Copy link
Contributor

Hi,

Thanks for your submission.

This is a type definition we reserved for expansion, which will not impact the entire program.

I'm afraid we couldn't get your meaning if you don't describe it in detail. Do you think there will be any bad effects for the program caused by the line you mentioned? Please follow the vulnerability report template and share us more specific information.

Regards

KuChain Team

@mahmoud422
Copy link
Author

No, there are no major effects, but in the future it may cause a major problem, or soon

@Pisces-Anjou
Copy link
Contributor

Hi,

Could you please give some examples to show us in what kind of circumstances will it(the line 110) caused the "major problem" in the future?

Regards
KuChain Team

@mahmoud422
Copy link
Author

Sorry for being late due to family problems. It may slow servers, and with new updates it may cause servers with cyberattacks to Drop network traffic.

@Pisces-Anjou
Copy link
Contributor

Hi,

Thanks for your replying.
Note that there won't be any practical impact delivered by the issue you mentioned, it will not affect the normal operation of the chain, and it is not in the scope from P1 to P4. After evaluation, we consider it is not a valid vulnerability but a good improve suggestion.
Thank you very much for your attention. Please keep trying and hep us improve our chain.

Regards
KuChain Team

@Pisces-Anjou Pisces-Anjou added the improvement Optimization and improvement to code label Aug 3, 2020
@mahmoud422
Copy link
Author

mahmoud422 commented Aug 3, 2020
edited
Loading

Okay thanks,But I think the P4 vulnerability should be evaluated

@Pisces-Anjou
Copy link
Contributor

Hi,

Thanks for your replying.
As what I have said above, there won't be any practical impact delivered by the issue you mentioned, it will not affect the normal operation of the chain, and it is not in the scope from P1 to P4.
What's more, the inferring problems are not in the evaluation scope. What you reported is not a valid bug for KuChain.
Hope you could understand.

Regards
KuChain Team

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
improvement Optimization and improvement to code
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mahmoud422 @cain42 @Pisces-Anjou