Browse Source

common: NewBitArray never crashes on negatives (#170)

Fixes #169
Fixes https://github.com/tendermint/tendermint/issues/1322

The previous code was very trusting assuming that
rational actors will use this code. However, Byzantine
actors don't care and in the case of the linked issue
negative lengths can be sent to this code unfettered
having been received from a peer.

This code is essentially just a sign change from
`==`
to
`<=`

and we've gutted out that attack by being more defensive.
pull/1780/head
Emmanuel T Odeke 7 years ago
committed by Anton Kaliaev
parent
commit
b1c9b82531
2 changed files with 8 additions and 1 deletions
  1. +1
    -1
      common/bit_array.go
  2. +7
    -0
      common/bit_array_test.go

+ 1
- 1
common/bit_array.go View File

@ -15,7 +15,7 @@ type BitArray struct {
// There is no BitArray whose Size is 0. Use nil instead.
func NewBitArray(bits int) *BitArray {
if bits == 0 {
if bits <= 0 {
return nil
}
return &BitArray{


+ 7
- 0
common/bit_array_test.go View File

@ -208,3 +208,10 @@ func TestUpdateNeverPanics(t *testing.T) {
b.Update(a)
}
}
func TestNewBitArrayNeverCrashesOnNegatives(t *testing.T) {
bitList := []int{-127, -128, -1<<31}
for _, bits := range bitList {
_ = NewBitArray(bits)
}
}

Loading…
Cancel
Save