From 9b37c120b1d4f1afbd5d87269eb6ae6bb4e392d1 Mon Sep 17 00:00:00 2001 From: yacovm Date: Sun, 30 Jul 2017 00:47:05 +0300 Subject: [PATCH] [FAB-5529] Missing check at endorser There is a missing check in the endorser code for a nil chaincodeID. Added a test. Change-Id: I10cb58ddb49cb9768aa2cdb9e9dc0b24808a5fbc Signed-off-by: yacovm --- core/common/validation/msgvalidation.go | 4 ++++ core/endorser/endorser_test.go | 25 +++++++++++++++++++------ 2 files changed, 23 insertions(+), 6 deletions(-) diff --git a/core/common/validation/msgvalidation.go b/core/common/validation/msgvalidation.go index 17e7d3ca2fb..f8c83258204 100644 --- a/core/common/validation/msgvalidation.go +++ b/core/common/validation/msgvalidation.go @@ -44,6 +44,10 @@ func validateChaincodeProposalMessage(prop *pb.Proposal, hdr *common.Header) (*p return nil, errors.New("Invalid header extension for type CHAINCODE") } + if chaincodeHdrExt.ChaincodeId == nil { + return nil, errors.New("ChaincodeHeaderExtension.ChaincodeId is nil") + } + putilsLogger.Debugf("validateChaincodeProposalMessage info: header extension references chaincode %s", chaincodeHdrExt.ChaincodeId) // - ensure that the chaincodeID is correct (?) diff --git a/core/endorser/endorser_test.go b/core/endorser/endorser_test.go index 77fcb74cf20..88f0f3944f1 100644 --- a/core/endorser/endorser_test.go +++ b/core/endorser/endorser_test.go @@ -17,21 +17,21 @@ limitations under the License. package endorser import ( + "encoding/hex" + "errors" "flag" "fmt" "io/ioutil" "net" "os" + "path/filepath" "runtime" "strings" "testing" "time" - "path/filepath" - - "errors" - "github.com/golang/protobuf/proto" + "github.com/hyperledger/fabric/bccsp" "github.com/hyperledger/fabric/bccsp/factory" mockpolicies "github.com/hyperledger/fabric/common/mocks/policies" "github.com/hyperledger/fabric/common/policies" @@ -50,10 +50,9 @@ import ( pb "github.com/hyperledger/fabric/protos/peer" pbutils "github.com/hyperledger/fabric/protos/utils" "github.com/spf13/viper" + "github.com/stretchr/testify/assert" "golang.org/x/net/context" "google.golang.org/grpc" - - "github.com/stretchr/testify/assert" "google.golang.org/grpc/credentials" ) @@ -629,6 +628,20 @@ func TestWritersACLFail(t *testing.T) { chaincode.GetChain().Stop(ctxt, cccid, &pb.ChaincodeDeploymentSpec{ChaincodeSpec: &pb.ChaincodeSpec{ChaincodeId: chaincodeID}}) } +func TestHeaderExtensionNoChaincodeID(t *testing.T) { + creator, _ := signer.Serialize() + nonce := []byte{1, 2, 3} + digest, err := factory.GetDefault().Hash(append(nonce, creator...), &bccsp.SHA256Opts{}) + txID := hex.EncodeToString(digest) + spec := &pb.ChaincodeSpec{Type: 1, ChaincodeId: nil, Input: &pb.ChaincodeInput{Args: util.ToChaincodeArgs()}} + invocation := &pb.ChaincodeInvocationSpec{ChaincodeSpec: spec} + prop, _, _ := pbutils.CreateChaincodeProposalWithTxIDNonceAndTransient(txID, common.HeaderType_ENDORSER_TRANSACTION, util.GetTestChainID(), invocation, []byte{1, 2, 3}, creator, nil) + signedProp, _ := getSignedProposal(prop, signer) + _, err = endorserServer.ProcessProposal(context.Background(), signedProp) + assert.Error(t, err) + assert.Contains(t, err.Error(), "ChaincodeHeaderExtension.ChaincodeId is nil") +} + // TestAdminACLFail deploys tried to deploy a chaincode; // however we inject a special policy for admins to simulate // the scenario in which the creator of this proposal is not among