-
Notifications
You must be signed in to change notification settings - Fork 648
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Avoid overflow or underflow on fc::safe initialization #2147
Milestone
Comments
abitmore
changed the title
Avoid overflow and underflow on fc::safe initialization
Avoid overflow or underflow on fc::safe initialization
Apr 19, 2020
abitmore
modified the milestones:
4.0.0 - Protocol Upgrade Release,
4.1.0 - Feature Release
Apr 19, 2020
Example: asset_issue_operation::calculate_fee (around line 79). Overflow could happen before implied conversion of return. Also around line 84. |
Is there an attacker controlled path to exploit this? |
abitmore
modified the milestones:
5.0.0 - Protocol Upgrade Release,
5.1.0 - Feature Release
Sep 13, 2020
Fixed by bitshares/bitshares-fc#248, and bumped FC in #2739. |
abitmore
modified the milestones:
7.1.0 - Feature Release,
7.0.0 - Protocol Upgrade Release
Sep 25, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug Description
An overflow or underflow can occur when initializing a
fc::safe<T>
variable.E.G.
Impacts
Describe which portion(s) of BitShares Core may be impacted by this bug. Please tick at least one box.
Steps To Reproduce
Steps to reproduce the behavior (example outlined below):
Expected Behavior
A clear and concise description of what you expected to happen.
Screenshots (optional)
If applicable, add screenshots to help explain process flow and behavior.
Host Environment
Please provide details about the host environment. Much of this information can be found running:
witness_node --version
.Additional Context (optional)
Add any other context about the problem here.
CORE TEAM TASK LIST
The text was updated successfully, but these errors were encountered: