Check input sanitization for rounded decimals #2509

Closed
cwgoes opened this issue Oct 16, 2018 · 7 comments

@cwgoes
Contributor

cwgoes commented Oct 16, 2018

e.g. validator power (.RoundInt64() for TM power), over 2 ** 64 will cause a panic; this is a possible DoS vector.

@jackzampolin
Member

Is this still an issue @cwgoes? And if not, where does this need to get fixed? There are quite a few calls to .RoundInt64()...

@cwgoes
Contributor Author

cwgoes commented Dec 8, 2018

#2958 will help, we should audit all remaining calls.

@cwgoes cwgoes self-assigned this Dec 14, 2018
@jackzampolin
Member

@cwgoes @rigelrozanski can we go ahead and close this one?

@rigelrozanski
Contributor

@cwgoes how is this related to #2513 - maybe I just don't understand what's remaining in 2513 actually

@cwgoes
Contributor Author

cwgoes commented Jan 10, 2019

It's related to #2513 in the sense that at present, validator powers over 2 ** 64 (which are possible) would cause the state machine to panic. We need to ensure that whatever changes we introduce to fix #2513 also prevent the possibility of panic.

@rigelrozanski
Contributor

got it - they're tightly related issues

@cwgoes cwgoes removed their assignment Jan 16, 2019
@jackzampolin jackzampolin added this to the v0.30.0 (Launch RC) milestone Jan 29, 2019
@rigelrozanski rigelrozanski self-assigned this Jan 29, 2019
@rigelrozanski
Contributor

post- #3400 AFAICT the only non-test instances of RoundInt64 are:

x/auth/ante.go:311:			requiredFees[i] = sdk.NewInt64Coin(gp.Denom, fee.Ceil().RoundInt64())
x/auth/client/txbuilder/txbuilder.go:178:			fees[i] = sdk.NewInt64Coin(gp.Denom, fee.Ceil().RoundInt64())
x/slashing/params.go:110:	return sdk.NewDec(signedBlocksWindow).Mul(minSignedPerWindow).RoundInt64()
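
An added example, not part of the thread or the project's code: a panicking round-to-int64 beside a checked variant that returns an error, so an out-of-range value can be rejected as invalid input instead of crashing the state machine. The fixed-point stand-in (`precision`, half-away-from-zero rounding) and all function names are assumptions; it uses only `math/big`, not the SDK's decimal type.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// Assumed stand-in for an 18-decimal fixed-point value: value = raw / 10^18.
var precision = new(big.Int).Exp(big.NewInt(10), big.NewInt(18), nil)

var ErrOverflow = errors.New("rounded value does not fit in int64")

// roundHalfUp rounds raw/10^18 to the nearest integer, ties away from zero.
func roundHalfUp(raw *big.Int) *big.Int {
	half := new(big.Int).Quo(precision, big.NewInt(2))
	adj := new(big.Int).Set(raw)
	if raw.Sign() < 0 {
		adj.Sub(adj, half)
	} else {
		adj.Add(adj, half)
	}
	return adj.Quo(adj, precision) // Quo truncates toward zero
}

// UncheckedRoundInt64 panics on out-of-range results: the failure mode raised in the issue.
func UncheckedRoundInt64(raw *big.Int) int64 {
	r := roundHalfUp(raw)
	if !r.IsInt64() {
		panic("rounded value out of int64 range")
	}
	return r.Int64()
}

// CheckedRoundInt64 reports overflow as an error the caller can turn into a rejected input.
func CheckedRoundInt64(raw *big.Int) (int64, error) {
	r := roundHalfUp(raw)
	if !r.IsInt64() {
		return 0, ErrOverflow
	}
	return r.Int64(), nil
}

func main() {
	huge := new(big.Int).Mul(new(big.Int).Lsh(big.NewInt(1), 64), precision) // constructed: 2^64 units
	_, err := CheckedRoundInt64(huge)
	fmt.Println("2^64 units:", err)
}
```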
