diff --git a/CHANGELOG.md b/CHANGELOG.md index 1f11a76901ec..f6a491e17dcb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -62,6 +62,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * (grpc) [\#10985](https://github.com/cosmos/cosmos-sdk/pull/10992) The `/cosmos/tx/v1beta1/txs/{hash}` endpoint returns a 404 when a tx does not exist. * [\#10990](https://github.com/cosmos/cosmos-sdk/pull/10990) Fixes missing `iavl-cache-size` config parsing in `GetConfig` method. +* [#11222](https://github.com/cosmos/cosmos-sdk/pull/11222) reject query with block height in the future ### Improvements diff --git a/baseapp/abci.go b/baseapp/abci.go index 1347fffae1de..4ea86f960529 100644 --- a/baseapp/abci.go +++ b/baseapp/abci.go @@ -894,18 +894,19 @@ func (app *BaseApp) ExtendVote(_ context.Context, req *abci.ExtendVoteRequest) ( return nil, errors.New("application ExtendVote handler not set") } + lastBlockHeight := app.LastBlockHeight() + if height > lastBlockHeight { + return sdk.Context{}, + sdkerrors.Wrap( + sdkerrors.ErrInvalidHeight, + "cannot query with height in the future; please provide a valid height", + ) + } + // when a client did not provide a query height, manually inject the latest lastHeight := app.LastBlockHeight() if height == 0 { - height = lastHeight - } - if height > lastHeight { - return sdk.Context{}, sdkerrors.Wrapf( - sdkerrors.ErrInvalidRequest, - "cannot query with height %d; last height is %d", - height, - lastHeight, - ) + height = lastBlockHeight } ctx = ctx. @@ -935,8 +936,11 @@ func (app *BaseApp) ExtendVote(_ context.Context, req *abci.ExtendVoteRequest) ( resp, err = app.extendVote(ctx, req) if err != nil { - app.logger.Error("failed to extend vote", "height", req.Height, "hash", fmt.Sprintf("%X", req.Hash), "err", err) - return &abci.ExtendVoteResponse{VoteExtension: []byte{}}, nil + return sdk.Context{}, + sdkerrors.Wrapf( + sdkerrors.ErrInvalidRequest, + "failed to load state at height %d; %s (latest height: %d)", height, err, lastBlockHeight, + ) } // branch the commit-multistore for safety diff --git a/baseapp/abci_test.go b/baseapp/abci_test.go index a8679475acc8..a72377041909 100644 --- a/baseapp/abci_test.go +++ b/baseapp/abci_test.go @@ -1,16 +1,6 @@ package baseapp_test import ( - "bytes" - "context" - "crypto/sha256" - "encoding/binary" - "encoding/hex" - "errors" - "fmt" - "math/rand" - "strconv" - "strings" "testing" "time" @@ -26,6 +16,10 @@ import ( any "github.com/cosmos/gogoproto/types/any" "github.com/golang/mock/gomock" "github.com/stretchr/testify/require" + abci "github.com/tendermint/tendermint/abci/types" + tmproto "github.com/tendermint/tendermint/proto/tendermint/types" + tmprototypes "github.com/tendermint/tendermint/proto/tendermint/types" + dbm "github.com/tendermint/tm-db" coretesting "cosmossdk.io/core/testing" errorsmod "cosmossdk.io/errors" @@ -2780,7 +2774,11 @@ func TestABCI_Proposal_FailReCheckTx(t *testing.T) { require.True(t, res.TxResults[0].IsOK(), fmt.Sprintf("%v", res)) } -func TestBaseAppCreateQueryContextRejectsFutureHeights(t *testing.T) { +// Test and ensure that invalid block heights always cause errors. +// See issues: +// - https://github.com/cosmos/cosmos-sdk/issues/11220 +// - https://github.com/cosmos/cosmos-sdk/issues/7662 +func TestBaseAppCreateQueryContext(t *testing.T) { t.Parallel() logger := defaultLogger() @@ -2788,14 +2786,32 @@ func TestBaseAppCreateQueryContextRejectsFutureHeights(t *testing.T) { name := t.Name() app := NewBaseApp(name, logger, db, nil) - proves := []bool{ - false, true, + app.BeginBlock(abci.RequestBeginBlock{Header: tmproto.Header{Height: 1}}) + app.Commit() + + app.BeginBlock(abci.RequestBeginBlock{Header: tmproto.Header{Height: 2}}) + app.Commit() + + testCases := []struct { + name string + height int64 + prove bool + expErr bool + }{ + {"valid height", 2, true, false}, + {"future height", 10, true, true}, + {"negative height, prove=true", -1, true, true}, + {"negative height, prove=false", -1, false, true}, } - for _, prove := range proves { - t.Run(fmt.Sprintf("prove=%t", prove), func(t *testing.T) { - sctx, err := app.createQueryContext(30, true) - require.Error(t, err) - require.Equal(t, sctx, sdk.Context{}) + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + _, err := app.createQueryContext(tc.height, tc.prove) + if tc.expErr { + require.Error(t, err) + } else { + require.NoError(t, err) + } }) } }