Skip to content

Commit

Permalink
Validate tx bytes in CheckTx and ProcessProposal
Browse files Browse the repository at this point in the history
  • Loading branch information
sug0 committed Nov 8, 2023
1 parent a079c29 commit 5e6da13
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 0 deletions.
10 changes: 10 additions & 0 deletions apps/src/lib/node/ledger/shell/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ use namada::ledger::storage::{
DBIter, Sha256Hasher, Storage, StorageHasher, TempWlStorage, WlStorage, DB,
EPOCH_SWITCH_BLOCKS_DELAY,
};
use namada::ledger::storage_api::tx::validate_tx_bytes;
use namada::ledger::storage_api::{self, StorageRead};
use namada::ledger::{parameters, pos, protocol};
use namada::proof_of_stake::{self, process_slashes, read_pos_params, slash};
Expand Down Expand Up @@ -1071,6 +1072,15 @@ where
const VALID_MSG: &str = "Mempool validation passed";
const INVALID_MSG: &str = "Mempool validation failed";

// Tx size check
if !validate_tx_bytes(&self.wl_storage, tx_bytes.len())
.expect("Failed to get max tx bytes param from storage")
{
response.code = ErrorCodes::TooLarge.into();
response.log = format!("{INVALID_MSG}: Tx too large");
return response;
}

// Tx format check
let tx = match Tx::try_from(tx_bytes).map_err(Error::TxDecoding) {
Ok(t) => t,
Expand Down
11 changes: 11 additions & 0 deletions apps/src/lib/node/ledger/shell/process_proposal.rs
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ use namada::core::ledger::storage::WlStorage;
use namada::ledger::pos::PosQueries;
use namada::ledger::protocol::get_fee_unshielding_transaction;
use namada::ledger::storage::TempWlStorage;
use namada::ledger::storage_api::tx::validate_tx_bytes;
use namada::proof_of_stake::find_validator_by_raw_hash;
use namada::types::internal::TxInQueue;
use namada::types::transaction::protocol::{
Expand Down Expand Up @@ -457,6 +458,16 @@ where
where
CA: 'static + WasmCacheAccess + Sync,
{
// check tx bytes
if !validate_tx_bytes(&self.wl_storage, tx_bytes.len())
.expect("Failed to get max tx bytes param from storage")
{
return TxResult {
code: ErrorCodes::TooLarge.into(),
info: "Tx too large".into(),
};
}

// try to allocate space for this tx
if let Err(e) = metadata.txs_bin.try_dump(tx_bytes) {
return TxResult {
Expand Down

0 comments on commit 5e6da13

Please sign in to comment.