Fix panic in ExitToNear #865
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
birchmd
approved these changes
Nov 14, 2023
There was a problem hiding this comment.
Good catch, thanks!
If the input is empty it will fail the validate_input_size check in parse_input immediately after the assignment of flag, so the default value will never be used, which I think is a good thing. Instead of assigning a default value, we could potentially move flag assignment input parse_input after the size is already validated. But maybe that's more complexity than necessary.
|
Yes. But the only problem is that the #[cfg(feature = "error_refund")]
let (flag, refund_address, mut input) = parse_input(input)?;
#[cfg(not(feature = "error_refund"))]
let (flag, mut input) = parse_input(input)?; |
|
@aleksuss Yes, that is what I suggested above. My worry about complexity is because of the conditional compilation you would need to change both versions of the |
|
On the other hand, even if we get the default value for the flag, we will fail later because we don't pass the validation. So, I guess it's absolutely fine and could be merged. |
aleksuss
approved these changes
Nov 14, 2023
aleksuss
pushed a commit
that referenced
this pull request
Nov 28, 2023
## Description If `input` is empty a panic occurs. This PR sets `flag` to the default value in that case. ## Performance / NEAR gas cost considerations ## Testing Fuzzing. ## How should this be reviewed Ensure that `flag` assuming the default value if `input` is empty is the intended behavior. ## Additional information
Merged
aleksuss
added a commit
that referenced
this pull request
Nov 28, 2023
## [3.4.0] 2023-11-28 ### Additions - Added a possibility to pass initialize arguments in json format to the `new` transaction by [@aleksuss]. ([#871]) - The `SubmitResult` was made available for `ft_on_transfer` transactions in the standalone engine by [@birchmd]. ([#869]) - The order of producing the exit precompile and XCC promises has been changed to sequential by [@birchmd]. ([#868]) ### Changes - Removed the code hidden behind the feature that isn't used anymore by [@joshuajbouw]. ([#870]) - The logic of unwrapping wNEAR has been changed to the Bridge's native by [@birchmd]. ([#867]) - Bumped the `near-workspaces` to 0.9 by [@aleksuss]. ([#862]) ### Fixes - Add a method for upgrading XCC router contract by [@birchmd]. ([#866]) - Fixed a potential panic in the `ExitToNear` precompile by [@guidovranken]. ([#865]) - Fixed a behaviour when the `ft_transfer` could occur before the `near_withdraw` by [@birchmd]. ([#864]) - Fixed correctness of reproducing the NEAR runtime random value in the standalone engine by [@birchmd]. ([#863]) [#862]: #862 [#863]: #863 [#864]: #864 [#865]: #865 [#866]: #866 [#867]: #867 [#868]: #868 [#869]: #869 [#870]: #870 [#871]: #871 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Birch <michael.birch@aurora.dev> Co-authored-by: Guido Vranken <guidovranken@users.noreply.github.com> Co-authored-by: Joshua J. Bouw <joshua@aurora.dev>
aleksuss
added a commit
that referenced
this pull request
Nov 28, 2023
## [3.4.0] 2023-11-28 ### Additions - Added a possibility to pass initialize arguments in json format to the `new` transaction by [@aleksuss]. ([#871]) - The `SubmitResult` was made available for `ft_on_transfer` transactions in the standalone engine by [@birchmd]. ([#869]) - The order of producing the exit precompile and XCC promises has been changed to sequential by [@birchmd]. ([#868]) ### Changes - Removed the code hidden behind the feature that isn't used anymore by [@joshuajbouw]. ([#870]) - The logic of unwrapping wNEAR has been changed to the Bridge's native by [@birchmd]. ([#867]) - Bumped the `near-workspaces` to 0.9 by [@aleksuss]. ([#862]) ### Fixes - Add a method for upgrading XCC router contract by [@birchmd]. ([#866]) - Fixed a potential panic in the `ExitToNear` precompile by [@guidovranken]. ([#865]) - Fixed a behaviour when the `ft_transfer` could occur before the `near_withdraw` by [@birchmd]. ([#864]) - Fixed correctness of reproducing the NEAR runtime random value in the standalone engine by [@birchmd]. ([#863]) [#862]: #862 [#863]: #863 [#864]: #864 [#865]: #865 [#866]: #866 [#867]: #867 [#868]: #868 [#869]: #869 [#870]: #870 [#871]: #871 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Birch <michael.birch@aurora.dev> Co-authored-by: Guido Vranken <guidovranken@users.noreply.github.com> Co-authored-by: Joshua J. Bouw <joshua@aurora.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
If
inputis empty a panic occurs. This PR setsflagto the default value in that case.Performance / NEAR gas cost considerations
Testing
Fuzzing.
How should this be reviewed
Ensure that
flagassuming the default value ifinputis empty is the intended behavior.Additional information