* Fix random distribution in bitArray.PickRandom
Previously it was very biased. 63 "_" followed by a single "x" had
much greater odds of being chosen. Additionally, the last element was
skewed. This fixes that by first preproccessing the set of all true
indices, and then randomly selecting a single element from there.
This commit also makes the code here significantly simpler, and
improves test cases.
* unlock mtx right after we select true indices
Fixes#169
Fixes https://github.com/tendermint/tendermint/issues/1322
The previous code was very trusting assuming that
rational actors will use this code. However, Byzantine
actors don't care and in the case of the linked issue
negative lengths can be sent to this code unfettered
having been received from a peer.
This code is essentially just a sign change from
`==`
to
`<=`
and we've gutted out that attack by being more defensive.
Fixes#169
Fixes https://github.com/tendermint/tendermint/issues/1322
The previous code was very trusting assuming that
rational actors will use this code. However, Byzantine
actors don't care and in the case of the linked issue
negative lengths can be sent to this code unfettered
having been received from a peer.
This code is essentially just a sign change from
`==`
to
`<=`
and we've gutted out that attack by being more defensive.
Fixes https://github.com/tendermint/tmlibs/issues/145
Fixes https://github.com/tendermint/tmlibs/issues/146
The code in here has been fragile when it comes to nil
but these edge cases were never tested, although they've
showed up in the wild and were only noticed because
the reporter actually read the logs otherwise
we'd have never known.
This changes covers some of these cases and adds some tests.
Dev Ojha
ValarDragon
JamesRay
Zach Ramsay
Ethan Buchman
Anton Kaliaev
Emmanuel T Odeke
Emmanuel Odeke
Jae Kwon