diff --git a/CHANGELOG.md b/CHANGELOG.md index 6d9830a7c8..590e0d2ff5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -60,6 +60,10 @@ Ref: https://keepachangelog.com/en/1.0.0/ * (x/collection, x/token) [\#1288](https://github.com/Finschia/finschia-sdk/pull/1288) use accAddress to compare in validatebasic function in collection & token modules * (x/collection) [\#1268](https://github.com/Finschia/finschia-sdk/pull/1268) export x/collection params into genesis * (x/collection) [\#1294](https://github.com/Finschia/finschia-sdk/pull/1294) reject NFT coins on FT APIs +* (sec) [\#1302](https://github.com/Finschia/finschia-sdk/pull/1302) remove map iteration non-determinism with keys + sorting +* (client) [\#1303](https://github.com/Finschia/finschia-sdk/pull/1303) fix possible overflow in BuildUnsignedTx +* (types) [\#1299](https://github.com/Finschia/finschia-sdk/pull/1299) add missing nil checks +* (x/staking) [\#1301](https://github.com/Finschia/finschia-sdk/pull/1301) Use bytes instead of string comparison in delete validator queue (backport cosmos/cosmos-sdk#12303) * (x/gov) [\#1304](https://github.com/Finschia/finschia-sdk/pull/1304) fetch a failed proposal tally from proposal.FinalTallyResult in the gprc query ### Removed diff --git a/baseapp/baseapp.go b/baseapp/baseapp.go index 493eb08fa4..da36d40b24 100644 --- a/baseapp/baseapp.go +++ b/baseapp/baseapp.go @@ -4,6 +4,7 @@ import ( "errors" "fmt" "reflect" + "sort" "strings" "github.com/gogo/protobuf/proto" @@ -12,6 +13,7 @@ import ( "github.com/tendermint/tendermint/libs/log" tmproto "github.com/tendermint/tendermint/proto/tendermint/types" dbm "github.com/tendermint/tm-db" + "golang.org/x/exp/maps" "github.com/Finschia/finschia-sdk/codec/types" "github.com/Finschia/finschia-sdk/snapshots" @@ -273,7 +275,10 @@ func (app *BaseApp) MountTransientStores(keys map[string]*sdk.TransientStoreKey) // MountMemoryStores mounts all in-memory KVStores with the BaseApp's internal // commit multi-store. func (app *BaseApp) MountMemoryStores(keys map[string]*sdk.MemoryStoreKey) { - for _, memKey := range keys { + skeys := maps.Keys(keys) + sort.Strings(skeys) + for _, key := range skeys { + memKey := keys[key] app.MountStore(memKey, sdk.StoreTypeMemory) } } diff --git a/client/tx/factory.go b/client/tx/factory.go index 709782d68a..ae773f4438 100644 --- a/client/tx/factory.go +++ b/client/tx/factory.go @@ -3,6 +3,7 @@ package tx import ( "errors" "fmt" + "math/big" "os" "github.com/spf13/pflag" @@ -212,7 +213,9 @@ func (f Factory) BuildUnsignedTx(msgs ...sdk.Msg) (client.TxBuilder, error) { return nil, errors.New("cannot provide both fees and gas prices") } - glDec := sdk.NewDec(int64(f.gas)) + // f.gas is a uint64 and we should convert to LegacyDec + // without the risk of under/overflow via uint64->int64. + glDec := sdk.NewDecFromBigInt(new(big.Int).SetUint64(f.gas)) // Derive the fees based on the provided gas prices, where // fee = ceil(gasPrice * gasLimit). diff --git a/store/rootmulti/store.go b/store/rootmulti/store.go index 7f8d20fa10..3aef50bcca 100644 --- a/store/rootmulti/store.go +++ b/store/rootmulti/store.go @@ -40,6 +40,19 @@ const ( const iavlDisablefastNodeDefault = true +// keysFromStoreKeyMap returns a slice of keys for the provided map lexically sorted by StoreKey.Name() +func keysFromStoreKeyMap[V any](m map[types.StoreKey]V) []types.StoreKey { + keys := make([]types.StoreKey, 0, len(m)) + for key := range m { + keys = append(keys, key) + } + sort.Slice(keys, func(i, j int) bool { + ki, kj := keys[i], keys[j] + return ki.Name() < kj.Name() + }) + return keys +} + // Store is composed of many CommitStores. Name contrasts with // cacheMultiStore which is used for branching other MultiStores. It implements // the CommitMultiStore interface. @@ -690,8 +703,9 @@ func (rs *Store) Snapshot(height uint64, protoWriter protoio.Writer) error { *iavl.Store name string } - stores := []namedStore{} - for key := range rs.stores { + stores := make([]namedStore, 0) + keys := keysFromStoreKeyMap(rs.stores) + for _, key := range keys { switch store := rs.GetCommitKVStore(key).(type) { case *iavl.Store: stores = append(stores, namedStore{name: key.Name(), Store: store}) @@ -899,9 +913,12 @@ func (rs *Store) loadCommitStoreFromParams(key types.StoreKey, id types.CommitID } func (rs *Store) buildCommitInfo(version int64) *types.CommitInfo { + keys := keysFromStoreKeyMap(rs.stores) storeInfos := []types.StoreInfo{} - for key, store := range rs.stores { - if store.GetStoreType() == types.StoreTypeTransient { + for _, key := range keys { + store := rs.stores[key] + storeType := store.GetStoreType() + if storeType == types.StoreTypeTransient || storeType == types.StoreTypeMemory { continue } storeInfos = append(storeInfos, types.StoreInfo{ diff --git a/types/coin.go b/types/coin.go index 01358f414b..85d4c405da 100644 --- a/types/coin.go +++ b/types/coin.go @@ -2,6 +2,7 @@ package types import ( "encoding/json" + "errors" "fmt" "regexp" "sort" @@ -44,6 +45,10 @@ func (coin Coin) Validate() error { return err } + if coin.Amount.IsNil() { + return errors.New("amount is nil") + } + if coin.Amount.IsNegative() { return fmt.Errorf("negative coin amount: %v", coin.Amount) } diff --git a/types/coin_test.go b/types/coin_test.go index 8f48e89fec..bb5eee2cc6 100644 --- a/types/coin_test.go +++ b/types/coin_test.go @@ -1034,6 +1034,39 @@ func (s *coinTestSuite) TestMarshalJSONCoins() { } } +func (s *coinTestSuite) TestCoinValidate() { + testCases := []struct { + name string + coin sdk.Coin + wantErr string + }{ + {"nil coin: nil Amount", sdk.Coin{}, "invalid denom"}, + {"non-blank coin, nil Amount", sdk.Coin{Denom: "atom"}, "amount is nil"}, + {"valid coin", sdk.Coin{Denom: "atom", Amount: sdk.NewInt(100)}, ""}, + {"negative coin", sdk.Coin{Denom: "atom", Amount: sdk.NewInt(-999)}, "negative coin amount"}, + } + + for _, tc := range testCases { + tc := tc + t := s.T() + t.Run(tc.name, func(t *testing.T) { + err := tc.coin.Validate() + if tc.wantErr == "" { + if err != nil { + t.Errorf("Unexpected error: %v", err) + } + return + } else { + if err == nil { + t.Error("Expected an error") + } else if !strings.Contains(err.Error(), tc.wantErr) { + t.Errorf("Error mismatch\n\tGot: %q\nWant: %q", err, tc.wantErr) + } + } + }) + } +} + func (s *coinTestSuite) TestCoinAminoEncoding() { cdc := codec.NewLegacyAmino() c := sdk.NewInt64Coin(testDenom1, 5) diff --git a/types/dec_coin.go b/types/dec_coin.go index 68fe3b9f95..10856d0fe2 100644 --- a/types/dec_coin.go +++ b/types/dec_coin.go @@ -182,10 +182,14 @@ func sanitizeDecCoins(decCoins []DecCoin) DecCoins { // NewDecCoinsFromCoins constructs a new coin set with decimal values // from regular Coins. func NewDecCoinsFromCoins(coins ...Coin) DecCoins { - decCoins := make(DecCoins, len(coins)) + if len(coins) == 0 { + return DecCoins{} + } + + decCoins := make([]DecCoin, 0, len(coins)) newCoins := NewCoins(coins...) - for i, coin := range newCoins { - decCoins[i] = NewDecCoinFromCoin(coin) + for _, coin := range newCoins { + decCoins = append(decCoins, NewDecCoinFromCoin(coin)) } return decCoins diff --git a/types/dec_coin_test.go b/types/dec_coin_test.go index 9017bda27c..e2c3ba9028 100644 --- a/types/dec_coin_test.go +++ b/types/dec_coin_test.go @@ -546,6 +546,29 @@ func (s *decCoinTestSuite) TestNewDecCoinsWithIsValid() { } } +func (s *decCoinTestSuite) TestNewDecCoinsWithZeroCoins() { + zeroCoins := append(sdk.NewCoins(sdk.NewCoin("mytoken", sdk.NewInt(0))), sdk.Coin{Denom: "wbtc", Amount: sdk.NewInt(10)}) + + tests := []struct { + coins sdk.Coins + expectLength int + }{ + { + sdk.NewCoins(sdk.NewCoin("mytoken", sdk.NewInt(10)), sdk.NewCoin("wbtc", sdk.NewInt(10))), + 2, + }, + { + zeroCoins, + 1, + }, + } + + for _, tc := range tests { + tc := tc + s.Require().Equal(sdk.NewDecCoinsFromCoins(tc.coins...).Len(), tc.expectLength) + } +} + func (s *decCoinTestSuite) TestDecCoins_AddDecCoinWithIsValid() { lengthTestDecCoins := sdk.NewDecCoins().Add(sdk.NewDecCoin("mytoken", sdk.NewInt(10))).Add(sdk.DecCoin{Denom: "BTC", Amount: sdk.NewDec(10)}) s.Require().Equal(2, len(lengthTestDecCoins), "should be 2") diff --git a/types/fuzz_test.go b/types/fuzz_test.go new file mode 100644 index 0000000000..99b80be29a --- /dev/null +++ b/types/fuzz_test.go @@ -0,0 +1,24 @@ +package types + +import ( + "testing" + + "github.com/Finschia/finschia-sdk/codec" +) + +func FuzzCoinUnmarshalJSON(f *testing.F) { + if testing.Short() { + f.Skip() + } + + cdc := codec.NewLegacyAmino() + f.Add(`{"denom":"atom","amount":"1000"}`) + f.Add(`{"denom":"atom","amount":"-1000"}`) + f.Add(`{"denom":"uatom","amount":"1000111111111111111111111"}`) + f.Add(`{"denom":"mu","amount":"0"}`) + + f.Fuzz(func(t *testing.T, jsonBlob string) { + var c Coin + _ = cdc.UnmarshalJSON([]byte(jsonBlob), &c) + }) +} diff --git a/types/module/module.go b/types/module/module.go index 2a3367fbc9..390dfca5e4 100644 --- a/types/module/module.go +++ b/types/module/module.go @@ -36,6 +36,7 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/runtime" "github.com/spf13/cobra" abci "github.com/tendermint/tendermint/abci/types" + "golang.org/x/exp/maps" "github.com/Finschia/finschia-sdk/client" "github.com/Finschia/finschia-sdk/codec" @@ -349,13 +350,16 @@ func (m *Manager) assertNoForgottenModules(setOrderFnName string, moduleNames [] for _, m := range moduleNames { ms[m] = true } + + allKeys := maps.Keys(m.Modules) var missing []string - for m := range m.Modules { + for _, m := range allKeys { if !ms[m] { missing = append(missing, m) } } if len(missing) != 0 { + sort.Strings(missing) panic(fmt.Sprintf( "%s: all modules must be defined when setting %s, missing: %v", setOrderFnName, setOrderFnName, missing)) } diff --git a/x/staking/keeper/validator.go b/x/staking/keeper/validator.go index a10de577d8..9c5e5fd003 100644 --- a/x/staking/keeper/validator.go +++ b/x/staking/keeper/validator.go @@ -375,9 +375,21 @@ func (k Keeper) DeleteValidatorQueue(ctx sdk.Context, val types.Validator) { addrs := k.GetUnbondingValidators(ctx, val.UnbondingTime, val.UnbondingHeight) newAddrs := []string{} + // since address string may change due to Bech32 prefix change, we parse the addresses into bytes + // format for normalization + deletingAddr, err := sdk.ValAddressFromBech32(val.OperatorAddress) + if err != nil { + panic(err) + } + for _, addr := range addrs { - if addr != val.OperatorAddress { - newAddrs = append(newAddrs, addr) + storedAddr, err := sdk.ValAddressFromBech32(addr) + if err != nil { + // even if we don't panic here, it will panic in UnbondAllMatureValidators at unbond time + panic(err) + } + if !storedAddr.Equals(deletingAddr) { + newAddrs = append(newAddrs, storedAddr.String()) } }