fix account_objects with invalid marker do not return an error

[yinyiqian1]

fix #4542

High Level Overview of Change

Context of Change

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Refactor (non-breaking change that only restructures code)
• Performance (increase or change in throughput and/or latency)
• Tests (you added tests for code that already exists, or your new feature included in this PR)
• Documentation update
• Chore (no impact to binary, e.g. .gitignore, formatting, dropping support for older tooling)
• Release

API Impact

• Public API: New feature (new methods and/or new fields)
• Public API: Breaking change (in general, breaking changes should only impact the next api_version)
• libxrpl change (any change that may affect libxrpl or dependents of libxrpl)
• Peer protocol change (must be backward compatible or bump the peer protocol version)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.5%. Comparing base (ab5d450) to head (8f1da51).
Report is 1 commits behind head on develop.

Additional details and impacted files

@@           Coverage Diff           @@
##           develop   #5046   +/-   ##
=======================================
  Coverage     77.5%   77.5%           
=======================================
  Files          777     777           
  Lines        65828   65831    +3     
  Branches      8207    8185   -22     
=======================================
+ Hits         50995   51025   +30     
+ Misses       14833   14806   -27     

Files with missing lines	Coverage Δ
src/xrpld/rpc/detail/RPCHelpers.cpp	82.8% <100.0%> (+0.3%)	⬆️
src/xrpld/rpc/handlers/AccountObjects.cpp	96.2% <100.0%> (+0.7%)	⬆️

... and 6 files with indirect coverage changes

[gregtatcam]

👍 LGTM

[Bronek]

Thanks for fixing this bug. I have some comments which would hopefully make this fix a little better.

[Bronek]

please also add here check that this is the last page:

BEAST_EXPECT(!resp[jss::result].isMember(jss::marker));

[yinyiqian1]

added

[Bronek]

since RPC::getAccountObjects returning false would have the same result, I would move this check into the body of RPC::getAccountObjects; this will keep the checks (other than the marker format, in the code segment above) in that one function only, which is more robust.

[yinyiqian1]

updated

[Bronek]

as commented elsewhere, I would prefer if this function did not rely on the validation of dirIndex happening in the caller, but rather move that check into the body of getAccountObjects

[yinyiqian1]

updated

[Bronek]

While you are at it, I see that account_objects has pretty good unit test coverage but it could be still improved. See the red line 274 in https://app.codecov.io/gh/XRPLF/rippled/blob/develop/src%2Fxrpld%2Frpc%2Fhandlers%2FAccountObjects.cpp and red line 183 in https://app.codecov.io/gh/XRPLF/rippled/blob/develop/src%2Fxrpld%2Frpc%2Fdetail%2FRPCHelpers.cpp ; perhaps you could add tests for those two lines as well ?

EDIT: If you want to see coverage on your local computer, without waiting for codecov.io to catch up on your branch, see instructions in https://github.com/XRPLF/rippled/blob/develop/BUILD.md#coverage-report .

You will need Linux, gcc compiler and Python package gcovr; here's example (assuming you are in an empty "build" directory)

conan install .. --output-folder . --build missing --settings build_type=Debug
cmake -DCMAKE_BUILD_TYPE=Debug -Dcoverage=ON -Dxrpld=ON -Dtests=ON -Dcoverage_test_parallelism=1 -Dcoverage_format=html-details -Dcoverage_test="AccountObjects" -DCMAKE_TOOLCHAIN_FILE:FILEPATH=build/generators/conan_toolchain.cmake ..
cmake --build .
cmake --build . --target coverage

That will create coverage subdirectory with individual files matched to individual source files, and two root files index.html and index.css. The coverage in question is in files index.RPCHelpers.cpp.* and index.AccountObjects.cpp.* ; since the above supplied -Dcoverage_test="AccountObjects" this means only this one suite of tests was executed, which means the coverage will be generally very low but it still captured the tests we care for in this PR.

[yinyiqian1]

While you are at it, I see that account_objects has pretty good unit test coverage but it could be still improved. See the red line 274 in https://app.codecov.io/gh/XRPLF/rippled/blob/develop/src%2Fxrpld%2Frpc%2Fhandlers%2FAccountObjects.cpp and red line 183 in https://app.codecov.io/gh/XRPLF/rippled/blob/develop/src%2Fxrpld%2Frpc%2Fdetail%2FRPCHelpers.cpp ; perhaps you could add tests for those two lines as well ?

Yes. I just added.

There might be a potential bug here, if we pass in some marker like xxxxxx,yyyyyy,,,,,,,,1234, suppose dirIndex and entryIndex part are valid, it will just ignore all the characters after the second ,. Do you think we should fix this as well?
Also just double check, the marker will always be two parts seperated by ,, right?

std::stringstream ss(marker.asString());
        std::string s;
        if (!std::getline(ss, s, ','))
            return RPC::invalid_field_error(jss::marker);

        if (!dirIndex.parseHex(s))
            return RPC::invalid_field_error(jss::marker);

        if (!std::getline(ss, s, ','))
            return RPC::invalid_field_error(jss::marker);

        if (!entryIndex.parseHex(s))
            return RPC::invalid_field_error(jss::marker);

[Bronek]

While you are at it, I see that account_objects has pretty good unit test coverage but it could be still improved. See the red line 274 in https://app.codecov.io/gh/XRPLF/rippled/blob/develop/src%2Fxrpld%2Frpc%2Fhandlers%2FAccountObjects.cpp and red line 183 in https://app.codecov.io/gh/XRPLF/rippled/blob/develop/src%2Fxrpld%2Frpc%2Fdetail%2FRPCHelpers.cpp ; perhaps you could add tests for those two lines as well ?

Yes. I just added.

There might be a potential bug here, if we pass in some marker like xxxxxx,yyyyyy,,,,,,,,1234, suppose dirIndex and entryIndex part are valid, it will just ignore all the characters after the second ,. Do you think we should fix this as well? Also just double check, the marker will always be two parts seperated by ,, right?

std::stringstream ss(marker.asString());
        std::string s;
        if (!std::getline(ss, s, ','))
            return RPC::invalid_field_error(jss::marker);

        if (!dirIndex.parseHex(s))
            return RPC::invalid_field_error(jss::marker);

        if (!std::getline(ss, s, ','))
            return RPC::invalid_field_error(jss::marker);

        if (!entryIndex.parseHex(s))
            return RPC::invalid_field_error(jss::marker);

It would be great to fix it, yes - @mDuo13 any comments ?

[Bronek]

nice !

[yinyiqian1]

It would be great to fix it, yes - @mDuo13 any comments ?

@Bronek I also fix it in the recent commit. Could you review as well?

[Bronek]

Good change, just some comments to improve unit tests.

[Bronek]

really nice improvement in parsing here ! 👍

[Bronek]

can you pls also test when this gets corrupted not by ,0 but by a , alone ? i.e. valid dirIndex followed by a coma, then end of string. Also reverse, i.e. string starts with a coma, followed by valid entryIndex, then end of string. Reading up the implementation these both should return the same kind of error, but you need to have unit tests so that the code (which I think is good at this moment) does not degrade due to bad changes in the future.

[yinyiqian1]

Yes. In the recent commit, I added a lambda function to test invalid marker situations. And also added more invalid marker cases.

[Bronek]

I suggest replacing this test with a different one, where entryIndex is valid, see my other comment.

[yinyiqian1]

This is used to test adding some extra characters after the entryIndex. The marker format is like xxxx,yyyy,1234.

[Bronek]

Nice, I missed it.

[Bronek]

@yinyiqian1 I allowed myself to merge the current develop to your branch, since it was presenting a confusing diff in API-CHANGELOG.md . Hope you do not mind.

[Bronek]

Good change, just minor remarks on unit tests.

[Bronek]

... then you will be able to use limit here, without explicit capture.

[Bronek]

nice !

[Bronek]

nice ! @yinyiqian1 do you agree this is ready to merge ?

[yinyiqian1]

nice ! @yinyiqian1 do you agree this is ready to merge ?

@Bronek
previously I made a mistake in the lambda function, I queried "account_nfts" instead of "account_objects", I forced push into the previous commit to change it to "account_objects".

And in the most recent commit, when the marker is "0,entryIndex", and entryIndex is valid, it will succeed. Because when dirIndex=0, we will use root.key as dirIndex. Please check my most recent commit. Thank you.
Now I think it's ready to merge after the pipeline complete.

[Bronek]

@mDuo13 I think this PR does not require change in API-CHANGELOG.md because the erroneous behaviour being fixed here is not documented nor makes practical sense to use. Your opinion ?

[mDuo13]

Yes, this sounds like a bug fix that does not require an API version change.