Skip to content
This repository has been archived by the owner on Jun 11, 2024. It is now read-only.

Add additional schema validation to poa module #8944

Closed
Tracked by #7245
mitsuaki-u opened this issue Sep 8, 2023 · 0 comments
Closed
Tracked by #7245

Add additional schema validation to poa module #8944

mitsuaki-u opened this issue Sep 8, 2023 · 0 comments
Assignees
@mitsuaki-u
Labels
type: bug
Milestone
Sprint 104

Comments

@mitsuaki-u
Copy link
Contributor

Expected behavior

Schema validation should be used when available

Actual behavior

In two locations in the proof of authority module, checks are done manually when schema
validation could be used instead.

endpoint.ts: the parameter given to getValidator is checked in the following way:

 const  {  address  }  =  context.params; 
 if  (  typeof  address  !==  'string'  )  { 
 throw  new  Error  (  'Parameter address must be a string.'  ); 
 } 
 cryptoAddress.validateLisk32Address(address);

Check in getValidator
( lisk-sdk/framework/src/modules/poa/endpoint.ts#33-37 )

 validator.validate(getValidatorRequestSchema,  address)

In commands/update_authority.ts the length of the command’s newValidators list is
checked in the following way:

 if  (newValidators.length  <  1  ||  newValidators.length  >  MAX_NUM_VALIDATORS)  { 
 throw  new  Error  ( 
 `newValidators length must be between 1 and  ${  MAX_NUM_VALIDATORS  } 
 (inclusive).`  , 
 ); 
 }

Length check in updateAuthority
( lisk-sdk/framework/src/modules/poa/commands/update_authority.ts#33-37 )

Steps to reproduce

Check poa logic

Which version(s) does this affect? (Environment, OS, etc...)

v6.0.0
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@mitsuaki-u mitsuaki-u

Labels
type: bug
Projects
None yet
Milestone
Sprint 104
Development

No branches or pull requests
3 participants
@ishantiw @mitsuaki-u @Madhulearn