Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: only allow valid identifiers to be nonreentrant keys #3605

Merged
merged 4 commits into from Sep 15, 2023
Merged

fix: only allow valid identifiers to be nonreentrant keys #3605

merged 4 commits into from Sep 15, 2023

Conversation

charles-cooper
Copy link
Member

@charles-cooper charles-cooper commented Sep 15, 2023
edited

disallow invalid identifiers like " ", "123abc" from being keys for non-reentrant locks.

this commit also refactors the validate_identifiers helper function to be in the ast/ subdirectory, and slightly improves the VyperException constructor by allowing None (optional) annotations.

What I did

fixes #3382, disallows the conditions for GHSA-3hg2-r75x-g69m

How I did it

How to verify it

Commit message

Commit message for the final, squashed PR. (Optional, but reviewers will appreciate it! Please see our commit message style guide for what we would ideally like to see in a commit message.)

Description for the changelog

Cute Animal Picture

Put a link to a cute animal picture inside the parenthesis-->

@charles-cooper
fix: only allow valid identifiers to be nonreentrant keys
3c70165 
disallow invalid identifiers like `" "`, `"123abc"` from being keys for
non-reentrant locks.

this commit also refactors the `validate_identifiers` helper function to
be in the `ast/` subdirectory, and slightly improves the VyperException
constructor by allowing None (optional) annotations.
@charles-cooper charles-cooper mentioned this pull request Sep 15, 2023
Closed
pcaversaccio
pcaversaccio reviewed Sep 15, 2023
View reviewed changes
vyper/ast/identifiers.py


def validate_identifier(attr, ast_node=None):
if not re.match("^[_a-zA-Z][a-zA-Z0-9_]*$", attr):
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So the rule is "first letter should be alphabet or _ and remaining letter may be alphanumerical". Can we please add this to the docs here what qualifies as a valid <key>.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's the same as for all identifiers though. we could say "keys must be valid identifiers" but i think that might actually be more confusing than not.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But how do people know what valid actually means?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

well i just checked, and the identifier rules are not documented. they are basically a simplified version of the python2 identifier rules tho.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

undocumented behaviour is just not great. We need to increase devex quality for Vyper :)

vyper/ast/identifiers.py Show resolved Hide resolved
tests/parser/exceptions/test_structure_exception.py Show resolved Hide resolved
@codecov-commenter
Copy link

codecov-commenter commented Sep 15, 2023
edited

Codecov Report

Merging #3605 (ec15a36) into master (3b310d5) will increase coverage by 0.03%.
Report is 1 commits behind head on master.
The diff coverage is 100.00%.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

@@            Coverage Diff             @@
##           master    #3605      +/-   ##
==========================================
+ Coverage   89.09%   89.13%   +0.03%     
==========================================
  Files          85       86       +1     
  Lines       11392    11397       +5     
  Branches     2591     2592       +1     
==========================================
+ Hits        10150    10159       +9     
+ Misses        820      816       -4     
  Partials      422      422
Files Changed Coverage Δ
vyper/ast/identifiers.py 100.00% <100.00%> (ø)
vyper/exceptions.py 97.32% <100.00%> (ø)
vyper/semantics/namespace.py 97.10% <100.00%> (-0.31%) ⬇️
vyper/semantics/types/base.py 91.60% <100.00%> (ø)
vyper/semantics/types/function.py 85.16% <100.00%> (+0.14%) ⬆️

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@charles-cooper charles-cooper enabled auto-merge (squash) September 15, 2023 22:00
@charles-cooper charles-cooper merged commit 0b74028 into vyperlang:master Sep 15, 2023
82 of 83 checks passed
@charles-cooper charles-cooper deleted the fix/nonreentrant-identifiers branch September 15, 2023 22:01
@pcaversaccio pcaversaccio mentioned this pull request Jan 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pcaversaccio pcaversaccio pcaversaccio left review comments

@fubuloubu fubuloubu fubuloubu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Document/define storage slots for reentrancy locks
4 participants
@charles-cooper @codecov-commenter @fubuloubu @pcaversaccio