Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

R4R: Fix token printing bug #3207

Merged
merged 3 commits into from
Jan 2, 2019
Merged

R4R: Fix token printing bug #3207

merged 3 commits into from
Jan 2, 2019

Conversation

cwgoes
Copy link
Contributor

@cwgoes cwgoes commented Jan 2, 2019
edited
Loading

Quoth @ValarDragon:

This stems from a buggy coins.IsValid function. In the IsValid function, https://github.com/cosmos/cosmos-sdk/blob/develop/types/coin.go#L140, it just checks if the coins object is sorted and only has coins with postive value. However when there are multiple tokens, (the default case in the switch statement), the first denom doesn't get its coins value checked for being positive. This means the first denom can be negative or zero. (Recall that its a signed big int >_>, I really wish the uint war would end with everyone being convinced of uints)

This PR adds in desired checks in coins.IsValid() and adds a testcase for a negative first-denom coin.

  • Wrote tests
  • Updated relevant documentation (docs/)
  • Added entries in PENDING.md with issue #
  • rereviewed Files changed in the github PR explorer

For Admin Use:

  • Added appropriate labels to PR (ex. wip, ready-for-review, docs)
  • Reviewers Assigned
  • Squashed all commits, uses message "Merge pull request #XYZ: [title]" (coding standards)

@codecov
Copy link

codecov bot commented Jan 2, 2019
edited
Loading

Codecov Report

Merging #3207 into develop will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff            @@
##           develop    #3207   +/-   ##
========================================
  Coverage    54.83%   54.83%           
========================================
  Files          133      133           
  Lines         9559     9559           
========================================
  Hits          5242     5242           
  Misses        3996     3996           
  Partials       321      321

alexanderbez
alexanderbez approved these changes Jan 2, 2019
View reviewed changes
Copy link
Contributor

@alexanderbez alexanderbez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@ValarDragon
Copy link
Contributor

Another thing we should do to mitigate this is make bank.SendCoins ensure all inputs are positive, and that sum_inputs = sum_outputs. We currently only do this on the msg.ValidateBasic, but in order for the keeper to ensure the supply invariant, it must be checked on Keeper.SendCoins as well. (This is another bug contributing to this problem)

jackzampolin
jackzampolin approved these changes Jan 2, 2019
View reviewed changes
Copy link
Member

@jackzampolin jackzampolin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome @cwgoes

@cwgoes cwgoes merged commit 5ca8c5b into develop Jan 2, 2019
@cwgoes cwgoes deleted the cwgoes/fix-token-printing-attack branch January 2, 2019 18:17
@cwgoes cwgoes mentioned this pull request Jan 2, 2019
Closed
cwgoes added a commit that referenced this pull request Jan 2, 2019
@cwgoes
Merge PR #3207: Fix token printing bug
4a65bda 
* Add IsPositive, case check on coins[0]
* Link to correct PR
* Add testcase
@wukongcheng wukongcheng mentioned this pull request Jan 4, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexanderbez alexanderbez alexanderbez approved these changes

@jackzampolin jackzampolin jackzampolin approved these changes

@ValarDragon ValarDragon Awaiting requested review from ValarDragon

@ebuchman ebuchman Awaiting requested review from ebuchman

@rigelrozanski rigelrozanski Awaiting requested review from rigelrozanski

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@cwgoes @ValarDragon @alexanderbez @jackzampolin