From 5e192b5a4c5d9d11cfd236043ff2ae189644f111 Mon Sep 17 00:00:00 2001 From: yaruwangway <69694322+yaruwangway@users.noreply.github.com> Date: Fri, 11 Aug 2023 15:07:39 +0200 Subject: [PATCH] Fix: sim genesis account validation (#2690) * fix: app: make SimGenesisAccount.Validate error if .BaseAccount is nil This change ensures that an error is returned, instead of panicking, when SimGenesisAccount.BaseAccount is nil, after invoking .Validate. Found by fuzzing and added the tests in here to catch future regressions. Fixes #2586 * merge fix FuzzGenesisAccountValidate test * fix: lint --------- Co-authored-by: Emmanuel T Odeke Co-authored-by: Philip Offtermatt <57488781+p-offtermatt@users.noreply.github.com> --- app/genesis_account.go | 9 ++++++++ app/genesis_account_fuzz_test.go | 35 ++++++++++++++++++++++++++++++++ go.mod | 1 + go.sum | 1 + 4 files changed, 46 insertions(+) create mode 100644 app/genesis_account_fuzz_test.go diff --git a/app/genesis_account.go b/app/genesis_account.go index c4bbbbe2268..0c170ee5894 100644 --- a/app/genesis_account.go +++ b/app/genesis_account.go @@ -28,16 +28,25 @@ type SimGenesisAccount struct { // Validate checks for errors on the vesting and module account parameters func (sga SimGenesisAccount) Validate() error { + if sga.OriginalVesting.IsAnyNil() { + return errors.New("OriginalVesting amount must not be nil") + } + if !sga.OriginalVesting.IsZero() { if sga.StartTime >= sga.EndTime { return errors.New("vesting start-time cannot be before end-time") } } + if sga.BaseAccount == nil { + return errors.New("BaseAccount must not be nil") + } + if sga.ModuleName != "" { ma := authtypes.ModuleAccount{ BaseAccount: sga.BaseAccount, Name: sga.ModuleName, Permissions: sga.ModulePermissions, } + if err := ma.Validate(); err != nil { return err } diff --git a/app/genesis_account_fuzz_test.go b/app/genesis_account_fuzz_test.go new file mode 100644 index 00000000000..79153cec0b1 --- /dev/null +++ b/app/genesis_account_fuzz_test.go @@ -0,0 +1,35 @@ +package gaia + +import ( + "runtime/debug" + "testing" + + "github.com/google/gofuzz" +) + +func TestFuzzGenesisAccountValidate(t *testing.T) { + if testing.Short() { + t.Skip("running in -short mode") + } + + t.Parallel() + + acct := new(SimGenesisAccount) + i := 0 + defer func() { + r := recover() + if r == nil { + return + } + + // Otherwise report on the configuration and iteration. + t.Fatalf("Failed SimGenesisAccount on iteration #%d: %#v\n\n%s\n\n%s", i, acct, r, debug.Stack()) + }() + + f := fuzz.New() + for i = 0; i < 1e5; i++ { + acct = new(SimGenesisAccount) + f.Fuzz(acct) + acct.Validate() //nolint:errcheck + } +} diff --git a/go.mod b/go.mod index 5aee703164c..d864c7f3aec 100644 --- a/go.mod +++ b/go.mod @@ -12,6 +12,7 @@ require ( github.com/cosmos/interchain-security/v2 v2.0.0 github.com/gogo/protobuf v1.3.3 github.com/golang/protobuf v1.5.3 + github.com/google/gofuzz v1.2.0 github.com/gorilla/mux v1.8.0 github.com/gravity-devs/liquidity v1.6.0 github.com/grpc-ecosystem/grpc-gateway v1.16.0 diff --git a/go.sum b/go.sum index 857732be09e..4265f0b735c 100644 --- a/go.sum +++ b/go.sum @@ -494,6 +494,7 @@ github.com/google/gofuzz v0.0.0-20170612174753-24818f796faf/go.mod h1:HP5RmnzzSN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.1-0.20200604201612-c04b05f3adfa/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=