From f2658aa2d04a20def69337f1b5959e3c902476fa Mon Sep 17 00:00:00 2001 From: Haiyi Zhong Date: Wed, 18 Dec 2024 13:07:37 -0500 Subject: [PATCH 1/4] chore: improve edge case handling for maxDepth and maxCalls --- codec/types/interface_registry.go | 4 ++-- codec/unknownproto/unknown_fields.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/codec/types/interface_registry.go b/codec/types/interface_registry.go index 34d59bd33a46..68ed8c885d9f 100644 --- a/codec/types/interface_registry.go +++ b/codec/types/interface_registry.go @@ -274,10 +274,10 @@ func (r statefulUnpacker) cloneForRecursion() *statefulUnpacker { // UnpackAny deserializes a protobuf Any message into the provided interface, ensuring the interface is a pointer. // It applies stateful constraints such as max depth and call limits, and unpacks interfaces if required. func (r *statefulUnpacker) UnpackAny(any *Any, iface interface{}) error { - if r.maxDepth == 0 { + if r.maxDepth <= 0 { return errors.New("max depth exceeded") } - if r.maxCalls.count == 0 { + if r.maxCalls.count <= 0 { return errors.New("call limit exceeded") } // here we gracefully handle the case in which `any` itself is `nil`, which may occur in message decoding diff --git a/codec/unknownproto/unknown_fields.go b/codec/unknownproto/unknown_fields.go index 17b8f7e424ee..a60f2f9caac8 100644 --- a/codec/unknownproto/unknown_fields.go +++ b/codec/unknownproto/unknown_fields.go @@ -54,7 +54,7 @@ func doRejectUnknownFields( if len(bz) == 0 { return hasUnknownNonCriticals, nil } - if recursionLimit == 0 { + if recursionLimit <= 0 { return false, errors.New("recursion limit reached") } From 6930d4d1064257b18c4e12992b23ef4fb1464748 Mon Sep 17 00:00:00 2001 From: Haiyi Zhong Date: Wed, 18 Dec 2024 13:27:19 -0500 Subject: [PATCH 2/4] changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9f4b495dc2d2..47e405d6c7e7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -52,6 +52,7 @@ Every module contains its own CHANGELOG.md. Please refer to the module you are i * (testutil/integration) [#22616](https://github.com/cosmos/cosmos-sdk/pull/22616) Remove double context in integration tests v1. * Use integrationApp.Context() instead of creating a context prior. * [#22826](https://github.com/cosmos/cosmos-sdk/pull/22826) Simplify testing frameworks by removing `testutil/cmdtest`. +* [#22988](https://github.com/cosmos/cosmos-sdk/pull/22988) Improve edge case handling for maxDepth and maxCalls. ### Bug Fixes From 8ebd7d5043426a849d365470561f940d20ecb51c Mon Sep 17 00:00:00 2001 From: Haiyi Zhong Date: Thu, 19 Dec 2024 10:04:35 -0500 Subject: [PATCH 3/4] address comment --- x/tx/decode/unknown.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/tx/decode/unknown.go b/x/tx/decode/unknown.go index 3a30ef898776..2077951f96fa 100644 --- a/x/tx/decode/unknown.go +++ b/x/tx/decode/unknown.go @@ -47,7 +47,7 @@ func doRejectUnknownFields( if len(bz) == 0 { return hasUnknownNonCriticals, nil } - if recursionLimit == 0 { + if recursionLimit <= 0 { return false, errors.New("recursion limit reached") } From d6e7a275cbe462b3bd4b4fb4ad014f242b1f5f0d Mon Sep 17 00:00:00 2001 From: Haiyi Zhong Date: Fri, 3 Jan 2025 16:04:31 -0500 Subject: [PATCH 4/4] typo in change log --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3019d8cfb305..2d7705e056e5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -48,7 +48,7 @@ Every module contains its own CHANGELOG.md. Please refer to the module you are i ### Improvements -* (codec) [#22988](https://github.com/cosmos/cosmos-sdk/pull/22988) Improve edge case handling for recusion limits. +* (codec) [#22988](https://github.com/cosmos/cosmos-sdk/pull/22988) Improve edge case handling for recursion limits. ### Bug Fixes