Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add overflow checks to change and fee calculations #5834

Merged
merged 2 commits into from
Oct 13, 2023
Merged

feat: add overflow checks to change and fee calculations #5834

merged 2 commits into from
Oct 13, 2023

Conversation

hansieodendaal
Copy link
Contributor

@hansieodendaal hansieodendaal commented Oct 9, 2023
edited
Loading

Description

  • Added 3x overflow checks to the change calculation in the sender transaction protocol.
  • Added an additional unit test (fn test_sender_transaction_protocol_for_overflow) to verify three sender transaction protocol overflow errors are handled.
  • Edit: Added overflow checks to kernel fee calculation in blocks.
  • Edit: Added overflow checks to transaction fee calculation.
  • Edit: Added an additional unit test (fn test_fee_overflow) to verify the two fee overflow errors are handled.
  • Edit: Fixed Minotari and MicroMinotari string conversion issue (Minotari struct uses floating math in display #5839) for big numbers (with unit test) to allow for the proper error message to be printed in the fn test_fee_overflow unit test.

Motivation and Context

It is possible to crash the system in the change calculation before the transaction is validated; this PR prevents it.
It is possible to crash the system with carefully crafted fees added to transactions and blocks; this PR prevents it.

How Has This Been Tested?

Added additional unit tests.

What process can a PR reviewer use to test or verify this change?

See unit tests and code changes.

Breaking Changes

  • None
  • Requires data directory on base node to be deleted
  • Requires hard fork
  • Other - Please specify

@github-actions
Copy link

github-actions bot commented Oct 9, 2023
edited
Loading

Test Results (CI)

1 222 tests   1 222 ✔️  14m 38s ⏱️
     39 suites         0 💤
       1 files           0

Results for commit abdf660.

♻️ This comment has been updated with latest results.

@ghpbot-tari-project ghpbot-tari-project added P-acks_required Process - Requires more ACKs or utACKs P-reviews_required Process - Requires a review from a lead maintainer to be merged labels Oct 9, 2023
@github-actions
Copy link

github-actions bot commented Oct 9, 2023
edited
Loading

Test Results (Integration tests)

  2 files  +  2  11 suites  +11   23m 29s ⏱️ + 23m 29s
33 tests +33  31 ✔️ +31  0 💤 ±0  2 +2 
35 runs  +35  33 ✔️ +33  0 💤 ±0  2 +2 

For more details on these failures, see this check.

Results for commit abdf660. ± Comparison against base commit 1d1332d.

♻️ This comment has been updated with latest results.

@brianp brianp self-requested a review October 10, 2023 09:37
brianp
brianp approved these changes Oct 10, 2023
View reviewed changes
Copy link
Contributor

@brianp brianp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
utACK

base_layer/core/src/blocks/block.rs Show resolved Hide resolved
base_layer/core/src/transactions/transaction_protocol/transaction_initializer.rs Outdated Show resolved Hide resolved
@ghpbot-tari-project ghpbot-tari-project removed the P-reviews_required Process - Requires a review from a lead maintainer to be merged label Oct 10, 2023
SWvheerden
SWvheerden reviewed Oct 11, 2023
View reviewed changes
Copy link
Collaborator

@SWvheerden SWvheerden left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, a small nit though

base_layer/core/src/transactions/transaction_protocol/transaction_initializer.rs Outdated Show resolved Hide resolved
@hansieodendaal hansieodendaal changed the title feat: add overflow checks to sender transaction protocol feat: add overflow checks to change and fee calculations Oct 11, 2023
AaronFeickert
AaronFeickert previously approved these changes Oct 11, 2023
View reviewed changes
Copy link
Collaborator

@AaronFeickert AaronFeickert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Manually tested that reverting any of the changes will correctly fail a corresponding unit test.

@AaronFeickert
Copy link
Collaborator

ACK

@ghpbot-tari-project ghpbot-tari-project removed the P-acks_required Process - Requires more ACKs or utACKs label Oct 11, 2023
SWvheerden
SWvheerden reviewed Oct 12, 2023
View reviewed changes
base_layer/core/tests/tests/mempool.rs Outdated Show resolved Hide resolved
base_layer/core/tests/tests/mempool.rs Outdated Show resolved Hide resolved
@hansieodendaal
Add overflow checks to STP
dd63e81 
- Added overflow checks to sender transaction protocol. It is possible to crash the system in the
change calculation before the transaction is validated; this PR prevents it.
- Added an additinal unit test to verify three overflow errors are handled.
@SWvheerden SWvheerden mentioned this pull request Oct 12, 2023
Closed
@SWvheerden SWvheerden merged commit 9725fbd into tari-project:development Oct 13, 2023
14 of 15 checks passed
@hansieodendaal hansieodendaal deleted the ho_fee_overflow branch October 13, 2023 06:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SWvheerden SWvheerden SWvheerden approved these changes

@brianp brianp Awaiting requested review from brianp

@AaronFeickert AaronFeickert Awaiting requested review from AaronFeickert

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@hansieodendaal @AaronFeickert @brianp @SWvheerden @ghpbot-tari-project