Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Casting of uint32 to int Will Overflow In 32-bit OS (GSR-18) #2415

Closed
danforbes opened this issue Mar 21, 2022 · 0 comments · Fixed by #2601
Closed

Casting of uint32 to int Will Overflow In 32-bit OS (GSR-18) #2415

danforbes opened this issue Mar 21, 2022 · 0 comments · Fixed by #2601
Assignees
@EclesioMeloJunior

Comments

@danforbes
Copy link
Contributor

The function verifyPreRuntimeDigest() which verifies a digest message received from the network. It ensure the authority ID received in the message is in the current authority list by checking the ID is less than the length.

An issue arises on 32-bit operating systems where int is a 32 bit signed integer. Casting a uint32 which is larger than 2^31 will result in a negative int . A negative number will not trigger the conditional statement in verifyPreRuntimeDigest(). The function will continue to execute and later use authIdx as an index to the b.authorities list which will panic due to an Index Out Of Bounds error.

Consider modifying the conditional statement in verifyPreRuntimeDigest() to include negative numbers.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@EclesioMeloJunior EclesioMeloJunior

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(lib/babe): check if authority index is in the authorities range ChainSafe/gossamer
2 participants
@danforbes @EclesioMeloJunior