zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
Browse Source

common: NewBitArray never crashes on negatives (#170) 

Fixes #169
Fixes https://github.com/tendermint/tendermint/issues/1322

The previous code was very trusting assuming that
rational actors will use this code. However, Byzantine
actors don't care and in the case of the linked issue
negative lengths can be sent to this code unfettered
having been received from a peer.

This code is essentially just a sign change from
`==`
to
`<=`

and we've gutted out that attack by being more defensive.
pull/1780/head
Emmanuel T Odeke 6 years ago
committed by Anton Kaliaev
parent
b0e0dc5de3
commit
b1c9b82531
2 changed files with 8 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      common/bit_array.go
  2. +7
    -0
      common/bit_array_test.go

+ 1
- 1
common/bit_array.go View File

@ -15,7 +15,7 @@ type BitArray struct {
// There is no BitArray whose Size is 0. Use nil instead.
func NewBitArray(bits int) *BitArray {
if bits == 0 {
if bits <= 0 {
return nil
}
return &BitArray{


+ 7
- 0
common/bit_array_test.go View File

@ -208,3 +208,10 @@ func TestUpdateNeverPanics(t *testing.T) {
b.Update(a)
}
}
func TestNewBitArrayNeverCrashesOnNegatives(t *testing.T) {
bitList := []int{-127, -128, -1<<31}
for _, bits := range bitList {
_ = NewBitArray(bits)
}
}

Write Preview
Loading…
Cancel
Save