From ffdfe9e45b98bb9a9446760ce8f5285c6eb33692 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Wed, 27 Apr 2022 18:23:06 -0400 Subject: [PATCH] fix: Bug reading password from a buffer when reader returns EOF (backport #11796) (#11809) --- CHANGELOG.md | 1 + client/input/input.go | 18 ++++++++++-- client/input/input_test.go | 57 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 client/input/input_test.go diff --git a/CHANGELOG.md b/CHANGELOG.md index f43644352f2..5c8bf28bb69 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -213,6 +213,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Bug Fixes +* [#11796](https://github.com/cosmos/cosmos-sdk/pull/11796) Handle EOF error case in `readLineFromBuf`, which allows successful reading of passphrases from STDIN. * [\#11724](https://github.com/cosmos/cosmos-sdk/pull/11724) Fix data race issues with `api.Server`. * [\#11354](https://github.com/cosmos/cosmos-sdk/pull/11355) Added missing pagination flag for `bank q total` query. * [\#11197](https://github.com/cosmos/cosmos-sdk/pull/11197) Signing with multisig now works with multisig address which is not in the keyring. diff --git a/client/input/input.go b/client/input/input.go index 57b04b40186..5afaabf30fc 100644 --- a/client/input/input.go +++ b/client/input/input.go @@ -2,6 +2,7 @@ package input import ( "bufio" + "errors" "fmt" "io" "os" @@ -83,12 +84,25 @@ func inputIsTty() bool { return isatty.IsTerminal(os.Stdin.Fd()) || isatty.IsCygwinTerminal(os.Stdin.Fd()) } -// readLineFromBuf reads one line from stdin. +// readLineFromBuf reads one line from reader. // Subsequent calls reuse the same buffer, so we don't lose // any input when reading a password twice (to verify) func readLineFromBuf(buf *bufio.Reader) (string, error) { pass, err := buf.ReadString('\n') - if err != nil { + + switch { + case errors.Is(err, io.EOF): + // If by any chance the error is EOF, but we were actually able to read + // something from the reader then don't return the EOF error. + // If we didn't read anything from the reader and got the EOF error, then + // it's safe to return EOF back to the caller. + if len(pass) > 0 { + // exit the switch statement + break + } + return "", err + + case err != nil: return "", err } diff --git a/client/input/input_test.go b/client/input/input_test.go new file mode 100644 index 00000000000..9e85eb256a2 --- /dev/null +++ b/client/input/input_test.go @@ -0,0 +1,57 @@ +package input + +import ( + "bufio" + "errors" + "io" + "testing" + + "github.com/stretchr/testify/require" +) + +type fakeReader struct { + fnc func(p []byte) (int, error) +} + +func (f fakeReader) Read(p []byte) (int, error) { + return f.fnc(p) +} + +var _ io.Reader = fakeReader{} + +func TestReadLineFromBuf(t *testing.T) { + var fr fakeReader + + t.Run("it correctly returns the password when reader returns EOF", func(t *testing.T) { + fr.fnc = func(p []byte) (int, error) { + return copy(p, []byte("hello")), io.EOF + } + buf := bufio.NewReader(fr) + + pass, err := readLineFromBuf(buf) + require.NoError(t, err) + require.Equal(t, "hello", pass) + }) + + t.Run("it returns EOF if reader has been exhausted", func(t *testing.T) { + fr.fnc = func(p []byte) (int, error) { + return 0, io.EOF + } + buf := bufio.NewReader(fr) + + _, err := readLineFromBuf(buf) + require.ErrorIs(t, err, io.EOF) + }) + + t.Run("it returns the error if it's not EOF regardles if it read something or not", func(t *testing.T) { + expectedErr := errors.New("oh no") + fr.fnc = func(p []byte) (int, error) { + return copy(p, []byte("hello")), expectedErr + } + buf := bufio.NewReader(fr) + + _, err := readLineFromBuf(buf) + require.ErrorIs(t, err, expectedErr) + }) + +}