From 15b70373cc1d3d18c16b0a27ade6668bdda7c9b2 Mon Sep 17 00:00:00 2001 From: Erik Grinaker Date: Tue, 24 Nov 2020 14:01:53 +0100 Subject: [PATCH] crypto: fix infinite recursion in Secp256k1 string formatting (#5707) (#5709) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This caused stack overflow panics in E2E tests, e.g.: ``` 2020-11-24T02:37:17.6085640Z validator04 | runtime: goroutine stack exceeds 1000000000-byte limit 2020-11-24T02:37:17.6087818Z validator04 | runtime: sp=0xc0234b23c0 stack=[0xc0234b2000, 0xc0434b2000] 2020-11-24T02:37:17.6088920Z validator04 | fatal error: stack overflow 2020-11-24T02:37:17.6089776Z validator04 | 2020-11-24T02:37:17.6090569Z validator04 | runtime stack: 2020-11-24T02:37:17.6091677Z validator04 | runtime.throw(0x12dc476, 0xe) 2020-11-24T02:37:17.6093123Z validator04 | /usr/local/go/src/runtime/panic.go:1116 +0x72 2020-11-24T02:37:17.6094320Z validator04 | runtime.newstack() 2020-11-24T02:37:17.6095374Z validator04 | /usr/local/go/src/runtime/stack.go:1067 +0x78d 2020-11-24T02:37:17.6096381Z validator04 | runtime.morestack() 2020-11-24T02:37:17.6097657Z validator04 | /usr/local/go/src/runtime/asm_amd64.s:449 +0x8f 2020-11-24T02:37:17.6098505Z validator04 | 2020-11-24T02:37:17.6099328Z validator04 | goroutine 88 [running]: 2020-11-24T02:37:17.6100470Z validator04 | runtime.heapBitsSetType(0xc009565380, 0x20, 0x18, 0x1137e00) 2020-11-24T02:37:17.6101961Z validator04 | /usr/local/go/src/runtime/mbitmap.go:911 +0xaa5 fp=0xc0234b23d0 sp=0xc0234b23c8 pc=0x432625 2020-11-24T02:37:17.6103906Z validator04 | runtime.mallocgc(0x20, 0x1137e00, 0x117b601, 0x11e9240) 2020-11-24T02:37:17.6105179Z validator04 | /usr/local/go/src/runtime/malloc.go:1090 +0x5a5 fp=0xc0234b2470 sp=0xc0234b23d0 pc=0x428b25 2020-11-24T02:37:17.6106540Z validator04 | runtime.convTslice(0xc002743710, 0x21, 0x21, 0xc0234b24e8) 2020-11-24T02:37:17.6107861Z validator04 | /usr/local/go/src/runtime/iface.go:385 +0x59 fp=0xc0234b24a0 sp=0xc0234b2470 pc=0x426379 2020-11-24T02:37:17.6109315Z validator04 | github.com/tendermint/tendermint/crypto/secp256k1.PubKey.String(...) 2020-11-24T02:37:17.6151692Z validator04 | /src/tendermint/crypto/secp256k1/secp256k1.go:161 2020-11-24T02:37:17.6153872Z validator04 | github.com/tendermint/tendermint/crypto/secp256k1.(*PubKey).String(0xc009565360, 0x11e9240, 0xc009565360) 2020-11-24T02:37:17.6157421Z validator04 | :1 +0x65 fp=0xc0234b24f8 sp=0xc0234b24a0 pc=0x656965 2020-11-24T02:37:17.6159134Z validator04 | fmt.(*pp).handleMethods(0xc00956c680, 0x58, 0xc0234b2801) 2020-11-24T02:37:17.6161462Z validator04 | /usr/local/go/src/fmt/print.go:630 +0x30a fp=0xc0234b2768 sp=0xc0234b24f8 pc=0x518b8a [...] 2020-11-24T02:37:17.6649685Z validator04 | /usr/local/go/src/fmt/print.go:630 +0x30a fp=0xc0234b7f48 sp=0xc0234b7cd8 pc=0x518b8a 2020-11-24T02:37:17.6651177Z validator04 | created by github.com/tendermint/tendermint/node.startStateSync 2020-11-24T02:37:17.6652521Z validator04 | /src/tendermint/node/node.go:587 +0x150 ``` --- CHANGELOG_PENDING.md | 1 + crypto/secp256k1/secp256k1.go | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md index e814e4b92..1a8112718 100644 --- a/CHANGELOG_PENDING.md +++ b/CHANGELOG_PENDING.md @@ -26,3 +26,4 @@ Friendly reminder, we have a [bug bounty program](https://hackerone.com/tendermi ### BUG FIXES +- [crypto] \#5707 Fix infinite recursion in string formatting of Secp256k1 keys (@erikgrinaker) diff --git a/crypto/secp256k1/secp256k1.go b/crypto/secp256k1/secp256k1.go index fe5296900..26926a966 100644 --- a/crypto/secp256k1/secp256k1.go +++ b/crypto/secp256k1/secp256k1.go @@ -158,7 +158,7 @@ func (pubKey PubKey) Bytes() []byte { } func (pubKey PubKey) String() string { - return fmt.Sprintf("PubKeySecp256k1{%X}", pubKey[:]) + return fmt.Sprintf("PubKeySecp256k1{%X}", []byte(pubKey)) } func (pubKey PubKey) Equals(other crypto.PubKey) bool {