Skip to content
This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

pallet-utility: Only disallow the None origin #12351

Merged
merged 1 commit into from
Sep 28, 2022
Merged

pallet-utility: Only disallow the None origin #12351

merged 1 commit into from
Sep 28, 2022

Conversation

bkchr
Copy link
Member

@bkchr bkchr commented Sep 26, 2022

No description provided.

@bkchr bkchr added A0-please_review Pull request needs code review. B0-silent Changes should not be mentioned in any release notes C1-low PR touches the given topic and has a low impact on builders. D9-needsaudit 👮 PR contains changes to fund-managing logic that should be properly reviewed and externally audited labels Sep 26, 2022
ggwpez
ggwpez approved these changes Sep 26, 2022
View reviewed changes
Copy link
Member

@ggwpez ggwpez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could add a test - but not a must.
Cumulus check is being fixed here paritytech/cumulus#1613

@bkchr
Copy link
Member Author

bkchr commented Sep 26, 2022

Could add a test - but not a must.

#12321 already contained tests for ensuring that None is not allowed.

@xlc
Copy link
Contributor

xlc commented Sep 28, 2022
edited
Loading

Can we have this merged and back ported. #12321 is a regression that breaks the ability for governance to use batch call.

That also means we need more tests.

Issue created #12374

@jakoblell jakoblell added D1-audited 👍 PR contains changes to fund-managing logic that has been properly reviewed and externally audited and removed D9-needsaudit 👮 PR contains changes to fund-managing logic that should be properly reviewed and externally audited labels Sep 28, 2022
@bkchr bkchr merged commit 01a905e into master Sep 28, 2022
@bkchr bkchr deleted the bkchr-only-forbid-none-origin branch September 28, 2022 12:37
bkchr added a commit that referenced this pull request Sep 28, 2022
@bkchr
pallet-utility: Only disallow the None origin (#12351)
1cca061
@Polkadot-Forum
Copy link

This pull request has been mentioned on Polkadot Forum. There might be relevant details there:

https://forum.polkadot.network/t/security-vulnerability-executing-unauthorized-xcm-messages/553/4

@ntn-x2
Copy link

ntn-x2 commented Oct 4, 2022

@bkchr I see that this PR has not been backported into 0.9.29. Would that be possible?

@ntn-x2 ntn-x2 mentioned this pull request Oct 4, 2022
Merged
6 tasks
bkchr added a commit that referenced this pull request Oct 4, 2022
@bkchr
pallet-utility: Only disallow the None origin (#12351)
cc370aa
@bkchr
Copy link
Member Author

bkchr commented Oct 4, 2022

@ntn-x2 done.

ark0f pushed a commit to gear-tech/substrate that referenced this pull request Feb 27, 2023
@bkchr @ark0f
pallet-utility: Only disallow the None origin (paritytech#12351)
7f91eb4
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ggwpez ggwpez ggwpez approved these changes

@dvdplm dvdplm dvdplm approved these changes

Assignees
No one assigned
Labels
A0-please_review Pull request needs code review. B0-silent Changes should not be mentioned in any release notes C1-low PR touches the given topic and has a low impact on builders. D1-audited 👍 PR contains changes to fund-managing logic that has been properly reviewed and externally audited
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@bkchr @xlc @Polkadot-Forum @ntn-x2 @dvdplm @ggwpez @jakoblell