Skip to content

Commit

Permalink
fix: Bug reading password from a buffer when reader returns EOF (back…
Browse files Browse the repository at this point in the history
  • Loading branch information
mergify[bot] authored and randy75828 committed Aug 10, 2022
1 parent a614734 commit ac7faf8
Show file tree
Hide file tree
Showing 3 changed files with 74 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ Ref: https://keepachangelog.com/en/1.0.0/

### Bug Fixes

* [#11796](https://github.com/cosmos/cosmos-sdk/pull/11796) Handle EOF error case in `readLineFromBuf`, which allows successful reading of passphrases from STDIN.
* [\#11772](https://github.com/cosmos/cosmos-sdk/pull/11772) Limit types.Dec length to avoid overflow.

## [v0.45.4](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.45.4) - 2022-04-25
Expand Down
18 changes: 16 additions & 2 deletions client/input/input.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package input

import (
"bufio"
"errors"
"fmt"
"io"
"os"
Expand Down Expand Up @@ -83,12 +84,25 @@ func inputIsTty() bool {
return isatty.IsTerminal(os.Stdin.Fd()) || isatty.IsCygwinTerminal(os.Stdin.Fd())
}

// readLineFromBuf reads one line from stdin.
// readLineFromBuf reads one line from reader.
// Subsequent calls reuse the same buffer, so we don't lose
// any input when reading a password twice (to verify)
func readLineFromBuf(buf *bufio.Reader) (string, error) {
pass, err := buf.ReadString('\n')
if err != nil {

switch {
case errors.Is(err, io.EOF):
// If by any chance the error is EOF, but we were actually able to read
// something from the reader then don't return the EOF error.
// If we didn't read anything from the reader and got the EOF error, then
// it's safe to return EOF back to the caller.
if len(pass) > 0 {
// exit the switch statement
break
}
return "", err

case err != nil:
return "", err
}

Expand Down
57 changes: 57 additions & 0 deletions client/input/input_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
package input

import (
"bufio"
"errors"
"io"
"testing"

"github.com/stretchr/testify/require"
)

type fakeReader struct {
fnc func(p []byte) (int, error)
}

func (f fakeReader) Read(p []byte) (int, error) {
return f.fnc(p)
}

var _ io.Reader = fakeReader{}

func TestReadLineFromBuf(t *testing.T) {
var fr fakeReader

t.Run("it correctly returns the password when reader returns EOF", func(t *testing.T) {
fr.fnc = func(p []byte) (int, error) {
return copy(p, []byte("hello")), io.EOF
}
buf := bufio.NewReader(fr)

pass, err := readLineFromBuf(buf)
require.NoError(t, err)
require.Equal(t, "hello", pass)
})

t.Run("it returns EOF if reader has been exhausted", func(t *testing.T) {
fr.fnc = func(p []byte) (int, error) {
return 0, io.EOF
}
buf := bufio.NewReader(fr)

_, err := readLineFromBuf(buf)
require.ErrorIs(t, err, io.EOF)
})

t.Run("it returns the error if it's not EOF regardles if it read something or not", func(t *testing.T) {
expectedErr := errors.New("oh no")
fr.fnc = func(p []byte) (int, error) {
return copy(p, []byte("hello")), expectedErr
}
buf := bufio.NewReader(fr)

_, err := readLineFromBuf(buf)
require.ErrorIs(t, err, expectedErr)
})

}

0 comments on commit ac7faf8

Please sign in to comment.