-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
store/internal: validate keys before calling ProofsFromMap #9235
Conversation
cc @odeke-em |
Codecov Report
@@ Coverage Diff @@
## master #9235 +/- ##
==========================================
+ Coverage 60.12% 60.14% +0.01%
==========================================
Files 595 595
Lines 37188 37194 +6
==========================================
+ Hits 22361 22369 +8
+ Misses 12847 12846 -1
+ Partials 1980 1979 -1
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
could you add a changelog please? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for this change @cuonglm! LGTM, but there is no reason we need to incur the []byte->string conversion when we can use len(key) == 0
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, but lets accept @odeke-em's requested changes.
Done
Done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thank you @cuonglm!
@alexanderbez - could you release your block on this PR? Everything was addressed. |
Otherwise, an empty key as input or present in data can cause a panic at runtime. Caught by oss-fuzz: https://oss-fuzz.com/testcase-detail/4647668077953024 Fixes #9233
Otherwise, an empty key as input or present in data can cause a panic at runtime. Caught by oss-fuzz: https://oss-fuzz.com/testcase-detail/4647668077953024 Fixes #9233 (cherry picked from commit 711976e) # Conflicts: # CHANGELOG.md
…9235) (#9247) Fixes #9233 (cherry picked from commit 711976e) Co-authored-by: Cuong Manh Le <[email protected]> Co-authored-by: Amaury M <[email protected]>
Description
Otherwise, an empty key as input or present in data can cause a panic at
runtime.
Caught by oss-fuzz: https://oss-fuzz.com/testcase-detail/4647668077953024
Fixes #9233
Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.
docs/
) or specification (x/<module>/spec/
)godoc
comments.Unreleased
section inCHANGELOG.md
Files changed
in the Github PR explorerCodecov Report
in the comment section below once CI passes