Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(x/authz,x/feegrant): check blocked address (backport #20102) #20114

Merged
merged 2 commits into from
Apr 22, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,10 +37,11 @@ Ref: https://keepachangelog.com/en/1.0.0/

## [Unreleased]

## [v0.47.11](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.11) - 2024-04-18
## [v0.47.11](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.11) - 2024-04-22

### Bug Fixes

* (x/feegrant,x/authz) [#20114](https://github.com/cosmos/cosmos-sdk/pull/20114) Follow up of [GHSA-4j93-fm92-rp4m](https://github.com/cosmos/cosmos-sdk/security/advisories/GHSA-4j93-fm92-rp4m). The same issue was found in `x/feegrant` and `x/authz` modules.
* (crypto) [#20027](https://github.com/cosmos/cosmos-sdk/pull/20027) secp256r1 keys now implement gogoproto's customtype interface.
* (x/gov) [#19725](https://github.com/cosmos/cosmos-sdk/pull/19725) Fetch a failed proposal tally from `proposal.FinalTallyResult` in the gprc query.
* (crypto) [#19691](https://github.com/cosmos/cosmos-sdk/pull/19746) Throw an error when signing with incorrect Ledger.
Expand Down
3 changes: 2 additions & 1 deletion RELEASE_NOTES.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@ For this month patch release of the v0.47.x line, a few bug were fixed in the SD
Notably:

* `secp256r1` keys now implement gogoproto's customtype interface.
* Throw an error when signing with incorrect Ledger.
* CLI now throws an error when signing with an incorrect Ledger.
* Fixing [GHSA-4j93-fm92-rp4m](https://github.com/cosmos/cosmos-sdk/security/advisories/GHSA-4j93-fm92-rp4m) in `x/feegrant` and `x/authz` modules. The upgrade instuctions were provided in the [v0.47.9 release notes](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.9).

Check out the [changelog](https://github.com/cosmos/cosmos-sdk/blob/v0.47.11/CHANGELOG.md) for an exhaustive list of changes or [compare changes](https://github.com/cosmos/cosmos-sdk/compare/v0.47.10...v0.47.11) from last release.

Expand Down
1 change: 1 addition & 0 deletions x/authz/expected_keepers.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,5 @@ type AccountKeeper interface {
type BankKeeper interface {
SpendableCoins(ctx sdk.Context, addr sdk.AccAddress) sdk.Coins
IsSendEnabledCoins(ctx sdk.Context, coins ...sdk.Coin) error
BlockedAddr(addr sdk.AccAddress) bool
}
8 changes: 8 additions & 0 deletions x/authz/keeper/keeper.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ type Keeper struct {
cdc codec.BinaryCodec
router *baseapp.MsgServiceRouter
authKeeper authz.AccountKeeper
bankKeeper authz.BankKeeper
}

// NewKeeper constructs a message authorization Keeper
Expand All @@ -40,6 +41,13 @@ func NewKeeper(storeKey storetypes.StoreKey, cdc codec.BinaryCodec, router *base
}
}

// Super ugly hack to not be breaking in v0.50 and v0.47
// DO NOT USE.
func (k Keeper) SetBankKeeper(bk authz.BankKeeper) Keeper {
k.bankKeeper = bk
return k
}

// Logger returns a module-specific logger.
func (k Keeper) Logger(ctx sdk.Context) log.Logger {
return ctx.Logger().With("module", fmt.Sprintf("x/%s", authz.ModuleName))
Expand Down
3 changes: 2 additions & 1 deletion x/authz/keeper/keeper_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -66,8 +66,9 @@ func (s *TestSuite) SetupTest() {
s.bankKeeper = authztestutil.NewMockBankKeeper(ctrl)
banktypes.RegisterInterfaces(s.encCfg.InterfaceRegistry)
banktypes.RegisterMsgServer(s.baseApp.MsgServiceRouter(), s.bankKeeper)
s.bankKeeper.EXPECT().BlockedAddr(gomock.Any()).Return(false).AnyTimes()

s.authzKeeper = authzkeeper.NewKeeper(key, s.encCfg.Codec, s.baseApp.MsgServiceRouter(), s.accountKeeper)
s.authzKeeper = authzkeeper.NewKeeper(key, s.encCfg.Codec, s.baseApp.MsgServiceRouter(), s.accountKeeper).SetBankKeeper(s.bankKeeper)

queryHelper := baseapp.NewQueryServerTestHelper(s.ctx, s.encCfg.InterfaceRegistry)
authz.RegisterQueryServer(queryHelper, s.authzKeeper)
Expand Down
4 changes: 4 additions & 0 deletions x/authz/keeper/msg_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,10 @@ func (k Keeper) Grant(goCtx context.Context, msg *authz.MsgGrant) (*authz.MsgGra
// create the account if it is not in account state
granteeAcc := k.authKeeper.GetAccount(ctx, grantee)
if granteeAcc == nil {
if k.bankKeeper.BlockedAddr(grantee) {
return nil, sdkerrors.ErrUnauthorized.Wrapf("%s is not allowed to receive funds", grantee)
}

granteeAcc = k.authKeeper.NewAccountWithAddress(ctx, grantee)
k.authKeeper.SetAccount(ctx, granteeAcc)
}
Expand Down
2 changes: 1 addition & 1 deletion x/authz/module/module.go
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ type AppModule struct {
func NewAppModule(cdc codec.Codec, keeper keeper.Keeper, ak authz.AccountKeeper, bk authz.BankKeeper, registry cdctypes.InterfaceRegistry) AppModule {
return AppModule{
AppModuleBasic: AppModuleBasic{cdc: cdc},
keeper: keeper,
keeper: keeper.SetBankKeeper(bk), // Super ugly hack to not be api breaking in v0.50 and v0.47,
accountKeeper: ak,
bankKeeper: bk,
registry: registry,
Expand Down
14 changes: 14 additions & 0 deletions x/authz/testutil/expected_keepers_mocks.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions x/feegrant/expected_keepers.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,5 @@ type AccountKeeper interface {
type BankKeeper interface {
SpendableCoins(ctx sdk.Context, addr sdk.AccAddress) sdk.Coins
SendCoinsFromAccountToModule(ctx sdk.Context, senderAddr sdk.AccAddress, recipientModule string, amt sdk.Coins) error
BlockedAddr(addr sdk.AccAddress) bool
}
12 changes: 12 additions & 0 deletions x/feegrant/keeper/keeper.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ type Keeper struct {
cdc codec.BinaryCodec
storeKey storetypes.StoreKey
authKeeper feegrant.AccountKeeper
bankKeeper feegrant.BankKeeper
}

var _ ante.FeegrantKeeper = &Keeper{}
Expand All @@ -34,6 +35,13 @@ func NewKeeper(cdc codec.BinaryCodec, storeKey storetypes.StoreKey, ak feegrant.
}
}

// Super ugly hack to not be breaking in v0.50 and v0.47
// DO NOT USE.
func (k Keeper) SetBankKeeper(bk feegrant.BankKeeper) Keeper {
k.bankKeeper = bk
return k
}

// Logger returns a module-specific logger.
func (k Keeper) Logger(ctx sdk.Context) log.Logger {
return ctx.Logger().With("module", fmt.Sprintf("x/%s", feegrant.ModuleName))
Expand All @@ -44,6 +52,10 @@ func (k Keeper) GrantAllowance(ctx sdk.Context, granter, grantee sdk.AccAddress,
// create the account if it is not in account state
granteeAcc := k.authKeeper.GetAccount(ctx, grantee)
if granteeAcc == nil {
if k.bankKeeper.BlockedAddr(grantee) {
return sdkerrors.Wrapf(sdkerrors.ErrUnauthorized, "%s is not allowed to receive funds", grantee)
}

granteeAcc = k.authKeeper.NewAccountWithAddress(ctx, grantee)
k.authKeeper.SetAccount(ctx, granteeAcc)
}
Expand Down
12 changes: 7 additions & 5 deletions x/feegrant/keeper/keeper_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ type KeeperTestSuite struct {
atom sdk.Coins
feegrantKeeper keeper.Keeper
accountKeeper *feegranttestutil.MockAccountKeeper
bankKeeper *feegranttestutil.MockBankKeeper
}

func TestKeeperTestSuite(t *testing.T) {
Expand All @@ -41,12 +42,13 @@ func (suite *KeeperTestSuite) SetupTest() {
// setup gomock and initialize some globally expected executions
ctrl := gomock.NewController(suite.T())
suite.accountKeeper = feegranttestutil.NewMockAccountKeeper(ctrl)
suite.accountKeeper.EXPECT().GetAccount(gomock.Any(), suite.addrs[0]).Return(authtypes.NewBaseAccountWithAddress(suite.addrs[0])).AnyTimes()
suite.accountKeeper.EXPECT().GetAccount(gomock.Any(), suite.addrs[1]).Return(authtypes.NewBaseAccountWithAddress(suite.addrs[1])).AnyTimes()
suite.accountKeeper.EXPECT().GetAccount(gomock.Any(), suite.addrs[2]).Return(authtypes.NewBaseAccountWithAddress(suite.addrs[2])).AnyTimes()
suite.accountKeeper.EXPECT().GetAccount(gomock.Any(), suite.addrs[3]).Return(authtypes.NewBaseAccountWithAddress(suite.addrs[3])).AnyTimes()
for i := 0; i < len(suite.addrs); i++ {
suite.accountKeeper.EXPECT().GetAccount(gomock.Any(), suite.addrs[i]).Return(authtypes.NewBaseAccountWithAddress(suite.addrs[i])).AnyTimes()
}
suite.bankKeeper = feegranttestutil.NewMockBankKeeper(ctrl)
suite.bankKeeper.EXPECT().BlockedAddr(gomock.Any()).Return(false).AnyTimes()

suite.feegrantKeeper = keeper.NewKeeper(encCfg.Codec, key, suite.accountKeeper)
suite.feegrantKeeper = keeper.NewKeeper(encCfg.Codec, key, suite.accountKeeper).SetBankKeeper(suite.bankKeeper)
suite.ctx = testCtx.Ctx
suite.msgSrvr = keeper.NewMsgServerImpl(suite.feegrantKeeper)
suite.atom = sdk.NewCoins(sdk.NewCoin("atom", sdk.NewInt(555)))
Expand Down
2 changes: 1 addition & 1 deletion x/feegrant/module/module.go
Original file line number Diff line number Diff line change
Expand Up @@ -121,7 +121,7 @@ type AppModule struct {
func NewAppModule(cdc codec.Codec, ak feegrant.AccountKeeper, bk feegrant.BankKeeper, keeper keeper.Keeper, registry cdctypes.InterfaceRegistry) AppModule {
return AppModule{
AppModuleBasic: AppModuleBasic{cdc: cdc},
keeper: keeper,
keeper: keeper.SetBankKeeper(bk), // Super ugly hack to not be api breaking in v0.50 and v0.47,
accountKeeper: ak,
bankKeeper: bk,
registry: registry,
Expand Down
14 changes: 14 additions & 0 deletions x/feegrant/testutil/expected_keepers_mocks.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading