From 6324b5affb1f2f76965928c2ab04744b372be038 Mon Sep 17 00:00:00 2001 From: yihuang Date: Thu, 24 Feb 2022 08:15:30 +0800 Subject: [PATCH] fix: reject query with block height in the future (#11222) ## Description Closes: #11220 Should be good to backport to older versions. --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [ ] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable) --- CHANGELOG.md | 1 + baseapp/abci.go | 13 +++++++++++-- baseapp/abci_test.go | 43 +++++++++++++++++++++++++++++++------------ 3 files changed, 43 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7b41f921fe63..47159c171e2a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -208,6 +208,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * (crypto) [#11027] Remove dependency on Tendermint core for xsalsa20symmetric. * (x/authz) [\#10447](https://github.com/cosmos/cosmos-sdk/pull/10447) Fix authz `NewGrant` expiration check. * (x/authz) [\#10633](https://github.com/cosmos/cosmos-sdk/pull/10633) Fixed authorization not found error when executing message. +* [#11222](https://github.com/cosmos/cosmos-sdk/pull/11222) reject query with block height in the future ### State Machine Breaking diff --git a/baseapp/abci.go b/baseapp/abci.go index 2742f5cf81ea..c9b1a6fad98a 100644 --- a/baseapp/abci.go +++ b/baseapp/abci.go @@ -624,9 +624,18 @@ func (app *BaseApp) createQueryContext(height int64, prove bool) (sdk.Context, e return sdk.Context{}, err } + lastBlockHeight := app.LastBlockHeight() + if height > lastBlockHeight { + return sdk.Context{}, + sdkerrors.Wrap( + sdkerrors.ErrInvalidHeight, + "cannot query with height in the future; please provide a valid height", + ) + } + // when a client did not provide a query height, manually inject the latest if height == 0 { - height = app.LastBlockHeight() + height = lastBlockHeight } if height <= 1 && prove { @@ -642,7 +651,7 @@ func (app *BaseApp) createQueryContext(height int64, prove bool) (sdk.Context, e return sdk.Context{}, sdkerrors.Wrapf( sdkerrors.ErrInvalidRequest, - "failed to load state at height %d; %s (latest height: %d)", height, err, app.LastBlockHeight(), + "failed to load state at height %d; %s (latest height: %d)", height, err, lastBlockHeight, ) } diff --git a/baseapp/abci_test.go b/baseapp/abci_test.go index 181bb6f7f5a8..eddee8b954b1 100644 --- a/baseapp/abci_test.go +++ b/baseapp/abci_test.go @@ -1,16 +1,15 @@ package baseapp_test import ( - "fmt" "testing" "github.com/stretchr/testify/require" abci "github.com/tendermint/tendermint/abci/types" + tmproto "github.com/tendermint/tendermint/proto/tendermint/types" tmprototypes "github.com/tendermint/tendermint/proto/tendermint/types" dbm "github.com/tendermint/tm-db" "github.com/cosmos/cosmos-sdk/baseapp" - sdk "github.com/cosmos/cosmos-sdk/types" ) func TestGetBlockRentionHeight(t *testing.T) { @@ -115,9 +114,11 @@ func TestGetBlockRentionHeight(t *testing.T) { } } -// Test and ensure that negative heights always cause errors. -// See issue https://github.com/cosmos/cosmos-sdk/issues/7662. -func TestBaseAppCreateQueryContextRejectsNegativeHeights(t *testing.T) { +// Test and ensure that invalid block heights always cause errors. +// See issues: +// - https://github.com/cosmos/cosmos-sdk/issues/11220 +// - https://github.com/cosmos/cosmos-sdk/issues/7662 +func TestBaseAppCreateQueryContext(t *testing.T) { t.Parallel() logger := defaultLogger() @@ -125,14 +126,32 @@ func TestBaseAppCreateQueryContextRejectsNegativeHeights(t *testing.T) { name := t.Name() app := baseapp.NewBaseApp(name, logger, db) - proves := []bool{ - false, true, + app.BeginBlock(abci.RequestBeginBlock{Header: tmproto.Header{Height: 1}}) + app.Commit() + + app.BeginBlock(abci.RequestBeginBlock{Header: tmproto.Header{Height: 2}}) + app.Commit() + + testCases := []struct { + name string + height int64 + prove bool + expErr bool + }{ + {"valid height", 2, true, false}, + {"future height", 10, true, true}, + {"negative height, prove=true", -1, true, true}, + {"negative height, prove=false", -1, false, true}, } - for _, prove := range proves { - t.Run(fmt.Sprintf("prove=%t", prove), func(t *testing.T) { - sctx, err := app.CreateQueryContext(-10, true) - require.Error(t, err) - require.Equal(t, sctx, sdk.Context{}) + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + _, err := app.CreateQueryContext(tc.height, tc.prove) + if tc.expErr { + require.Error(t, err) + } else { + require.NoError(t, err) + } }) } }