Skip to content
This repository has been archived by the owner on Apr 4, 2024. It is now read-only.

Some Web3 RPC Handlers could panic #701

Closed
tomtau opened this issue Oct 25, 2021 · 1 comment · Fixed by #702
Closed

Some Web3 RPC Handlers could panic #701

tomtau opened this issue Oct 25, 2021 · 1 comment · Fixed by #702
Assignees
@yihuang
Labels
C:JSON-RPC JSON-RPC client C:Types common types, interfaces and functions from /types

Comments

@tomtau
Copy link
Contributor

tomtau commented Oct 25, 2021
edited
Loading

System info: 1447bf6

Steps to reproduce:

  1. start up Ethermint
  2. send this payload to sendRawTransaction:
[]byte("\xf8\xe0m\"Z\x94\xa8L\xbd\xbb\xfe\x12\x81\xc5m\x10\x00m\x00m\x00\xffm\x80\x00\xb5\xb5\xb5\xb5\x00\x00\x00dmKKK\x1fKm\x00\xffmmmm{{{mmmmmmm]m\x80mmmmmmmmmmmmmb\x82\x82\x82~~~~]\xb8m\x82\x82mmm\xff\u007f\x10\xff\x89mm\xf0?\xf5mmmdmmm\x1bmmmmemmmm\x00\x04\x06mmmKKKmmmz\x8d\xe4)\xa9Dmmmmmm\xf3mmmmmmmmmmmmm-mmmmmmmmmm\xd0\xff\x00\x00\x01m\x80mm\xe8\xe8S\xe8\xe8mm\x00\x00\x04\x00mmmSe@m\x90\x90\x90\xc8\xc8Ȓ\x90\x90\x8e\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90mmm\xb5hm\x00mmkmm{")

Expected behavior:
graceful rejection of the invalid input

Actual behavior:

{"jsonrpc":"2.0","id":1,"error":{"code":-32000,"message":"method handler crashed"}}

Additional info:

Ethermint calls sdk.NewIntFromBigInt on untrusted user inputs (e.g. tx.Value()) and this method panics if the integer has more than 256 bits:
https://github.com/cosmos/cosmos-sdk/blob/master/types/int.go#L112
@tomtau tomtau added C:JSON-RPC JSON-RPC client C:Types common types, interfaces and functions from /types Type: Bug labels Oct 25, 2021
@yihuang
Copy link
Contributor

yihuang commented Oct 25, 2021

I'll work on this one.

@yihuang yihuang mentioned this issue Oct 25, 2021
Merged
11 tasks
yihuang added a commit to yihuang/ethermint that referenced this issue Oct 26, 2021
@yihuang
Problem: Some Web3 RPC Handlers could panic
e536252 
Closes: evmos#701

Solution:
- return error rather than panic when decoding invalid tx
fedekunze pushed a commit that referenced this issue Oct 26, 2021
@yihuang
fix: Web3 RPC handlers panic (#702)
bc1d81c 
* Problem: Some Web3 RPC Handlers could panic

Closes: #701

Solution:
- return error rather than panic when decoding invalid tx

* add validation rules

* changelog
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@yihuang yihuang

Labels
C:JSON-RPC JSON-RPC client C:Types common types, interfaces and functions from /types
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Problem: Some Web3 RPC Handlers could panic yihuang/ethermint
2 participants
@yihuang @tomtau