Skip to content

Commit

Permalink
chore: backport release-v0.44.2 (cosmos#10349)
Browse files Browse the repository at this point in the history
* chore: Cosmos SDK v0.44.1 release notes (cosmos#10345)

* v0.44.1 Release Notes

* Merge pull request from GHSA-2p6r-37p9-89p2

* test: adding authz grant tests

* fix TestCLITxGrantAuthorization/Invalid_expiration_time test case

* comment out the test

* reenable test
  • Loading branch information
robert-zaremba authored Nov 1, 2021
1 parent e0fff81 commit b5acd7b
Show file tree
Hide file tree
Showing 7 changed files with 62 additions and 28 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,10 @@ Ref: https://keepachangelog.com/en/1.0.0/

* (client) [#10226](https://github.com/cosmos/cosmos-sdk/pull/10226) Fix --home flag parsing.

## [v0.44.2](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.44.2) - 2021-10-12

Security Release. No breaking changes related to 0.44.x.

## [v0.44.1](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.44.1) - 2021-09-29

### Improvements
Expand Down
22 changes: 4 additions & 18 deletions RELEASE_NOTES.md
Original file line number Diff line number Diff line change
@@ -1,21 +1,7 @@
# Cosmos SDK v0.44.1 Release Notes
# Cosmos SDK v0.44.2 Release Notes

This release introduces bug fixes and improvements on the Cosmos SDK v0.44 series.
Recently, the Cosmos-SDK team became aware of a high-severity security vulnerability that impacts Cosmos-SDK v0.43.x and v0.44.x and can result in a consensus halt. User funds are NOT at risk; however, the vulnerability can result in a chain halt. This vulnerability does not impact the current Cosmos Hub, though other Cosmos-SDK based blockchains using v0.43.x or v0.44.x may be affected and are advised to update to v0.44.2 immediately.

The main bug fix concerns all users performing in-place store migrations from v0.42 to v0.44. A source of non-determinism in the upgrade process has been [detected and fixed](https://github.com/cosmos/cosmos-sdk/pull/10189) in this release, causing consensus errors. As such, **v0.44.0 is not safe to use when performing v0.42->v0.44 in-place store upgrades**, please use this release v0.44.1 instead. This does not impact genesis JSON dump upgrades nor fresh chains starting with v0.44.
Nodes can update their software independently of each other (no coordinated chain restart necessary), but should do so as soon as they are able.

Another bug fix concerns calling the ABCI `Query` method using `client.Context`. We modified ABCI queries to use `abci.QueryRequest`'s `Height` field if it is non-zero, otherwise continue using `client.Context`'s height. This is a minor client-breaking change for users of the `client.Context`.

Some CLI fixes are also included, such as:

- using pre-configured data for the CLI `add-genesis-account` command ([\#9969](https://github.com/cosmos/cosmos-sdk/pull/9969)),
- ensuring the `init` command reads the `--home` flag value correctly ([#10104](https://github.com/cosmos/cosmos-sdk/pull/10104)),
- fixing the error message when `period` or `period-limit` flag is not set on a feegrant grant transaction [\#10049](https://github.com/cosmos/cosmos-sdk/issues/10049).

v0.44.1 also includes performance improvements, namely:

- IAVL update to v0.17.1 which includes performance improvements on a batch load [\#10040](https://github.com/cosmos/cosmos-sdk/pull/10040),
- Speedup coins.AmountOf(), by removing many intermittent regex calls [\#10021](https://github.com/cosmos/cosmos-sdk/pull/10021),
- Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions [\#10026](https://github.com/cosmos/cosmos-sdk/pull/10026).

See the [Cosmos SDK v0.44.1 milestone](https://github.com/cosmos/cosmos-sdk/milestone/56?closed=1) on our issue tracker for the exhaustive list of all changes.
A full disclosure will be published a week after the release.
10 changes: 5 additions & 5 deletions x/authz/authorization_grant.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,11 @@ import (
)

// NewGrant returns new Grant
func NewGrant(a Authorization, expiration time.Time) (Grant, error) {
func NewGrant( /*blockTime time.Time, */ a Authorization, expiration time.Time) (Grant, error) {
// TODO: add this for 0.45
// if !expiration.After(blockTime) {
// return Grant{}, sdkerrors.ErrInvalidRequest.Wrapf("expiration must be after the current block time (%v), got %v", blockTime.Format(time.RFC3339), expiration.Format(time.RFC3339))
// }
g := Grant{
Expiration: expiration,
}
Expand Down Expand Up @@ -51,10 +55,6 @@ func (g Grant) GetAuthorization() Authorization {
}

func (g Grant) ValidateBasic() error {
if g.Expiration.Unix() < time.Now().Unix() {
return sdkerrors.Wrap(ErrInvalidExpirationTime, "Time can't be in the past")
}

av := g.Authorization.GetCachedValue()
a, ok := av.(Authorization)
if !ok {
Expand Down
44 changes: 44 additions & 0 deletions x/authz/authorization_grant_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
package authz

import (
"testing"
"time"

// banktypes "github.com/cosmos/cosmos-sdk/x/bank/types"
"github.com/stretchr/testify/require"
)

func expecError(r *require.Assertions, expected string, received error) {
if expected == "" {
r.NoError(received)
} else {
r.Error(received)
r.Contains(received.Error(), expected)
}
}

func TestNewGrant(t *testing.T) {
// ba := banktypes.NewSendAuthorization(sdk.NewCoins(sdk.NewInt64Coin("foo", 123)))
a := NewGenericAuthorization("some-type")
var tcs = []struct {
title string
a Authorization
blockTime time.Time
expire time.Time
err string
}{
// {"wrong expire time (1)", a, time.Unix(10, 0), time.Unix(8, 0), "expiration must be after"},
// {"wrong expire time (2)", a, time.Unix(10, 0), time.Unix(10, 0), "expiration must be after"},
{"good expire time (1)", a, time.Unix(10, 0), time.Unix(10, 1), ""},
{"good expire time (2)", a, time.Unix(10, 0), time.Unix(11, 0), ""},
}

for _, tc := range tcs {
t.Run(tc.title, func(t *testing.T) {
// _, err := NewGrant(tc.blockTime, tc.a, tc.expire)
_, err := NewGrant(tc.a, tc.expire)
expecError(require.New(t), tc.err, err)
})
}

}
6 changes: 3 additions & 3 deletions x/authz/client/testutil/tx.go
Original file line number Diff line number Diff line change
Expand Up @@ -127,11 +127,11 @@ func (s *IntegrationTestSuite) TestCLITxGrantAuthorization() {
"send",
fmt.Sprintf("--%s=100steak", cli.FlagSpendLimit),
fmt.Sprintf("--%s=%s", flags.FlagFrom, val.Address.String()),
fmt.Sprintf("--%s=true", flags.FlagGenerateOnly),
fmt.Sprintf("--%s=true", flags.FlagSkipConfirmation),
fmt.Sprintf("--%s=%d", cli.FlagExpiration, pastHour),
},
0,
true,
0xd,
false, // TODO: enable in v0.45
},
{
"fail with error invalid msg-type",
Expand Down
2 changes: 1 addition & 1 deletion x/authz/keeper/msg_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (

var _ authz.MsgServer = Keeper{}

// GrantAuthorization implements the MsgServer.Grant method.
// GrantAuthorization implements the MsgServer.Grant method to create a new grant.
func (k Keeper) Grant(goCtx context.Context, msg *authz.MsgGrant) (*authz.MsgGrantResponse, error) {
ctx := sdk.UnwrapSDKContext(goCtx)
grantee, err := sdk.AccAddressFromBech32(msg.Grantee)
Expand Down
2 changes: 1 addition & 1 deletion x/authz/msgs_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ func TestMsgGrantAuthorization(t *testing.T) {
{"nil granter and grantee address", nil, nil, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now(), false, false},
{"nil authorization", granter, grantee, nil, time.Now(), true, false},
{"valid test case", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 1, 0), false, true},
{"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), false, false},
{"past time", granter, grantee, &banktypes.SendAuthorization{SpendLimit: coinsPos}, time.Now().AddDate(0, 0, -1), false, true}, // TODO need 0.45
}
for i, tc := range tests {
msg, err := authz.NewMsgGrant(
Expand Down

0 comments on commit b5acd7b

Please sign in to comment.