Skip to content

Commit

Permalink
fix: null guard for tx fee amounts (#10327)
Browse files Browse the repository at this point in the history
## Description

It is possible to submit a TX with a fees object containing a Coin with a nil amount. This results in a rather cryptic redacted panic response when the basic validation checks fee Coins for negative amounts.

This PR adds an additional check for nil to provide a friendlier error message.

---

### Author Checklist

*All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.*

I have...

- [x] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title
- [ ] added `!` to the type prefix if API or client breaking change
- [x] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting))
- [x] provided a link to the relevant issue or specification (note: No issue exists)
- [x] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules)
- [x] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) (note: First PR against the SDK so please comment with what needs to be done)
- [x] added a changelog entry to `CHANGELOG.md`
- [x] included comments for [documenting Go code](https://blog.golang.org/godoc)
- [ ] updated the relevant documentation or specification
- [x] reviewed "Files changed" and left comments if necessary
- [x] confirmed all CI checks have passed

### Reviewers Checklist

*All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.*

I have...

- [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title
- [ ] confirmed `!` in the type prefix if API or client breaking change
- [ ] confirmed all author checklist items have been addressed
- [ ] reviewed state machine logic
- [ ] reviewed API design and naming
- [ ] reviewed documentation is accurate
- [ ] reviewed tests and test coverage
- [ ] manually tested (if applicable)

(cherry picked from commit 96e162b)

# Conflicts:
#	CHANGELOG.md
  • Loading branch information
clockworkgr authored and mergify-bot committed Oct 12, 2021
1 parent 64cc3a7 commit a0c064a
Show file tree
Hide file tree
Showing 4 changed files with 64 additions and 0 deletions.
12 changes: 12 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,19 @@ Ref: https://keepachangelog.com/en/1.0.0/

### Improvements

<<<<<<< HEAD
* (store) [\#10040](https://github.com/cosmos/cosmos-sdk/pull/10040) Bump IAVL to v0.17.1 which includes performance improvements on a batch load.
=======
* [\#10327](https://github.com/cosmos/cosmos-sdk/pull/10327) Add null guard for possible nil `Amount` in tx fee `Coins`
* [\#9780](https://github.com/cosmos/cosmos-sdk/pull/9780) Remove gogoproto `moretags` YAML annotations and add `sigs.k8s.io/yaml` for YAML marshalling.
* (x/bank) [\#10134](https://github.com/cosmos/cosmos-sdk/pull/10134) Add `HasDenomMetadata` function to bank `Keeper` to check if a client coin denom metadata exists in state.
* (store) [\#10026](https://github.com/cosmos/cosmos-sdk/pull/10026) Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions.
* (types) [\#10076](https://github.com/cosmos/cosmos-sdk/pull/10076) Significantly speedup and lower allocations for `Coins.String()`.
* (x/bank) [\#10022](https://github.com/cosmos/cosmos-sdk/pull/10022) `BankKeeper.SendCoins` now takes less execution time.
* (deps) [\#9987](https://github.com/cosmos/cosmos-sdk/pull/9987) Bump Go version minimum requirement to `1.17`
* (deps) [\#9956](https://github.com/cosmos/cosmos-sdk/pull/9956) Bump Tendermint to [v0.34.12](https://github.com/tendermint/tendermint/releases/tag/v0.34.12).
* (cli) [\#9856](https://github.com/cosmos/cosmos-sdk/pull/9856) Overwrite `--sequence` and `--account-number` flags with default flag values when used with `offline=false` in `sign-batch` command.
>>>>>>> 96e162b8a (fix: null guard for tx fee amounts (#10327))
* (types) [\#10021](https://github.com/cosmos/cosmos-sdk/pull/10021) Speedup coins.AmountOf(), by removing many intermittent regex calls.
* [\#10077](https://github.com/cosmos/cosmos-sdk/pull/10077) Remove telemetry on `GasKV` and `CacheKV` store Get/Set operations, significantly improving their performance.
* (store) [\#10026](https://github.com/cosmos/cosmos-sdk/pull/10026) Improve CacheKVStore datastructures / algorithms, to no longer take O(N^2) time when interleaving iterators and insertions.
Expand Down
18 changes: 18 additions & 0 deletions types/coin.go
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,11 @@ func (coin Coin) IsNegative() bool {
return coin.Amount.Sign() == -1
}

// IsNil returns true if the coin amount is nil and false otherwise.
func (coin Coin) IsNil() bool {
return coin.Amount.i == nil
}

//-----------------------------------------------------------------------------
// Coins

Expand Down Expand Up @@ -585,6 +590,19 @@ func (coins Coins) IsAnyNegative() bool {
return false
}

// IsAnyNil returns true if there is at least one coin whose amount
// is nil; returns false otherwise. It returns false if the coin set
// is empty too.
func (coins Coins) IsAnyNil() bool {
for _, coin := range coins {
if coin.IsNil() {
return true
}
}

return false
}

// negative returns a set of coins with all amount negative.
//
// TODO: Remove once unsigned integers are used.
Expand Down
27 changes: 27 additions & 0 deletions types/coin_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -282,6 +282,20 @@ func (s *coinTestSuite) TestCoinIsZero() {
s.Require().False(res)
}

func (s *coinTestSuite) TestCoinIsNil() {
coin := sdk.Coin{}
res := coin.IsNil()
s.Require().True(res)

coin = sdk.Coin{Denom: "uatom"}
res = coin.IsNil()
s.Require().True(res)

coin = sdk.NewInt64Coin(testDenom1, 1)
res = coin.IsNil()
s.Require().False(res)
}

func (s *coinTestSuite) TestFilteredZeroCoins() {
cases := []struct {
name string
Expand Down Expand Up @@ -944,6 +958,19 @@ func (s *coinTestSuite) TestCoinsIsAnyGT() {
}
}

func (s *coinTestSuite) TestCoinsIsAnyNil() {
twoAtom := sdk.NewInt64Coin("atom", 2)
fiveAtom := sdk.NewInt64Coin("atom", 5)
threeEth := sdk.NewInt64Coin("eth", 3)
nilAtom := sdk.Coin{Denom: "atom"}

s.Require().True(sdk.Coins{twoAtom, fiveAtom, threeEth, nilAtom}.IsAnyNil())
s.Require().True(sdk.Coins{twoAtom, nilAtom, fiveAtom, threeEth}.IsAnyNil())
s.Require().True(sdk.Coins{nilAtom, twoAtom, fiveAtom, threeEth}.IsAnyNil())
s.Require().False(sdk.Coins{twoAtom, fiveAtom, threeEth}.IsAnyNil())

}

func (s *coinTestSuite) TestMarshalJSONCoins() {
cdc := codec.NewLegacyAmino()
sdk.RegisterLegacyAminoCodec(cdc)
Expand Down
7 changes: 7 additions & 0 deletions types/tx/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,13 @@ func (t *Tx) ValidateBasic() error {
)
}

if fee.Amount.IsAnyNil() {
return sdkerrors.Wrapf(
sdkerrors.ErrInsufficientFee,
"invalid fee provided: null",
)
}

if fee.Amount.IsAnyNegative() {
return sdkerrors.Wrapf(
sdkerrors.ErrInsufficientFee,
Expand Down

0 comments on commit a0c064a

Please sign in to comment.