Limit open ended vectors

Limited some more open ended vectors to guard against malicious nework messages.
hansieodendaal · Aug 13, 2024 · d06bc59 · d06bc59
1 parent 84e7c0a
commit d06bc59
Show file tree

Hide file tree

Showing 12 changed files with 65 additions and 53 deletions.
diff --git a/applications/minotari_console_wallet/src/ui/state/tasks.rs b/applications/minotari_console_wallet/src/ui/state/tasks.rs
@@ -36,18 +36,18 @@ use tari_common_types::{
     types::{PublicKey, Signature},
 };
 use tari_core::{
-    consensus::{DomainSeparatedConsensusHasher, MaxSizeBytes, MaxSizeString},
+    consensus::{DomainSeparatedConsensusHasher, MaxSizeString},
     transactions::{
         tari_amount::MicroMinotari,
-        transaction_components::{encrypted_data::PaymentId, BuildInfo, OutputFeatures, TemplateType},
+        transaction_components::{BuildInfo, encrypted_data::PaymentId, OutputFeatures, TemplateType},
     },
 };
 use tari_crypto::{keys::PublicKey as PublicKeyTrait, ristretto::RistrettoPublicKey};
 use tari_hashing::TransactionHashDomain;
 use tari_key_manager::key_manager::KeyManager;
-use tari_utilities::{hex::Hex, ByteArray};
+use tari_utilities::{ByteArray, hex::Hex};
 use tokio::sync::{broadcast, watch};
-
+use tari_common_types::MaxSizeBytes;
 use crate::ui::{
     state::{BurntProofBase64, CommitmentSignatureBase64, UiTransactionBurnStatus, UiTransactionSendStatus},
     ui_error::UiError,

diff --git a/...src/consensus/consensus_encoding/bytes.rs → base_layer/common_types/src/bytes.rs b/...src/consensus/consensus_encoding/bytes.rs → base_layer/common_types/src/bytes.rs
@@ -1,38 +1,35 @@
-//  Copyright 2022, The Tari Project
+// Copyright 2022 The Tari Project
 //
-//  Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
-//  following conditions are met:
+// Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
+// following conditions are met:
 //
-//  1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
-//  disclaimer.
+// 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
+// disclaimer.
 //
-//  2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
-//  following disclaimer in the documentation and/or other materials provided with the distribution.
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
+// following disclaimer in the documentation and/or other materials provided with the distribution.
 //
-//  3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote
-//  products derived from this software without specific prior written permission.
+// 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote
+// products derived from this software without specific prior written permission.
 //
-//  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
-//  INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-//  DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-//  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-//  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-//  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
-//  USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-use std::{
-    cmp,
-    convert::TryFrom,
-    ops::{Deref, DerefMut},
-};
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+// INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+// WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+// USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
+//
+// Portions of this file were originally copyrighted (c) 2018 The Grin Developers, issued under the Apache License,
+// Version 2.0, available at http://www.apache.org/licenses/LICENSE-2.0.
 
-use borsh::{BorshDeserialize, BorshSerialize};
+use std::convert::TryFrom;
 use serde::{Deserialize, Serialize};
-use tari_utilities::{
-    hex::{from_hex, HexError},
-    ByteArray,
-    ByteArrayError,
-};
+use std::ops::{Deref, DerefMut};
+use std::cmp;
+use borsh::{BorshDeserialize, BorshSerialize};
+use tari_utilities::{ByteArray, ByteArrayError};
+use tari_utilities::hex::{from_hex, HexError};
 
 #[derive(
     Debug,
@@ -141,7 +138,7 @@ impl<const MAX: usize> ByteArray for MaxSizeBytes<MAX> {
         })
     }
 
-    /// Return the NodeId as a byte array
+    /// Return the data as a byte array
     fn as_bytes(&self) -> &[u8] {
         self.inner.as_ref()
     }
@@ -159,4 +156,4 @@ impl From<HexError> for MaxSizeBytesError {
     fn from(err: HexError) -> Self {
         MaxSizeBytesError::HexError(err.to_string())
     }
-}
+}
diff --git a/base_layer/common_types/src/lib.rs b/base_layer/common_types/src/lib.rs
@@ -37,3 +37,5 @@ pub mod transaction;
 mod tx_id;
 pub mod types;
 pub mod wallet_types;
+mod bytes;
+pub use bytes::{MaxSizeBytes};
diff --git a/base_layer/contacts/src/contacts_service/types/message_builder.rs b/base_layer/contacts/src/contacts_service/types/message_builder.rs
@@ -96,3 +96,16 @@ impl From<Message> for MessageBuilder {
         }
     }
 }
+
+#[cfg(test)]
+mod test {
+    use super::*;
+
+    #[test]
+    fn test_message_builder() {
+        for _ in 0..10 {
+            let msg = MessageBuilder::new().build();
+            println!("{:?}", msg.message_id.len());
+        }
+    }
+}
diff --git a/base_layer/core/src/consensus/consensus_encoding.rs b/base_layer/core/src/consensus/consensus_encoding.rs
@@ -20,11 +20,9 @@
 //  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 //  USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-mod bytes;
 mod hashing;
 mod string;
 
 pub use hashing::DomainSeparatedConsensusHasher;
 pub use string::MaxSizeString;
 
-pub use self::bytes::MaxSizeBytes;
diff --git a/base_layer/core/src/consensus/mod.rs b/base_layer/core/src/consensus/mod.rs
@@ -30,7 +30,7 @@ mod consensus_manager;
 pub use consensus_manager::{ConsensusBuilderError, ConsensusManager, ConsensusManagerBuilder, ConsensusManagerError};
 
 mod consensus_encoding;
-pub use consensus_encoding::{DomainSeparatedConsensusHasher, MaxSizeBytes, MaxSizeString};
+pub use consensus_encoding::{DomainSeparatedConsensusHasher, MaxSizeString};
 mod network;
 pub use network::NetworkConsensus;
 

diff --git a/base_layer/core/src/covenants/arguments.rs b/base_layer/core/src/covenants/arguments.rs
@@ -29,11 +29,10 @@ use borsh::{BorshDeserialize, BorshSerialize};
 use integer_encoding::VarIntWriter;
 use tari_common_types::types::{Commitment, FixedHash, PublicKey};
 use tari_script::TariScript;
-use tari_utilities::{hex::Hex, ByteArray};
-
+use tari_utilities::{ByteArray, hex::Hex};
+use tari_common_types::MaxSizeBytes;
 use super::decoder::CovenantDecodeError;
 use crate::{
-    consensus::MaxSizeBytes,
     covenants::{
         byte_codes,
         covenant::Covenant,

diff --git a/base_layer/core/src/transactions/transaction_components/encrypted_data.rs b/base_layer/core/src/transactions/transaction_components/encrypted_data.rs
@@ -41,7 +41,7 @@ use chacha20poly1305::{
     XChaCha20Poly1305,
     XNonce,
 };
-use digest::{consts::U32, generic_array::GenericArray, FixedOutput};
+use digest::{consts::U32, FixedOutput, generic_array::GenericArray};
 use primitive_types::U256;
 use serde::{Deserialize, Serialize};
 use tari_common_types::{
@@ -51,16 +51,16 @@ use tari_common_types::{
 use tari_crypto::{hashing::DomainSeparatedHasher, keys::SecretKey};
 use tari_hashing::TransactionSecureNonceKdfDomain;
 use tari_utilities::{
-    hex::{from_hex, to_hex, Hex, HexError},
-    safe_array::SafeArray,
     ByteArray,
     ByteArrayError,
+    hex::{from_hex, Hex, HexError, to_hex},
+    safe_array::SafeArray,
 };
 use thiserror::Error;
 use zeroize::{Zeroize, Zeroizing};
-
+use tari_common_types::MaxSizeBytes;
 use super::EncryptedDataKey;
-use crate::{consensus::MaxSizeBytes, transactions::tari_amount::MicroMinotari};
+use crate::transactions::tari_amount::MicroMinotari;
 // Useful size constants, each in bytes
 const SIZE_NONCE: usize = size_of::<XNonce>();
 const SIZE_VALUE: usize = size_of::<u64>();

diff --git a/base_layer/core/src/transactions/transaction_components/output_features.rs b/base_layer/core/src/transactions/transaction_components/output_features.rs
@@ -28,18 +28,19 @@ use std::{
 
 use borsh::{BorshDeserialize, BorshSerialize};
 use serde::{Deserialize, Serialize};
+use tari_common_types::MaxSizeBytes;
 use tari_common_types::types::{PublicKey, Signature};
 
 use super::OutputFeaturesVersion;
 use crate::{
-    consensus::{MaxSizeBytes, MaxSizeString},
+    consensus::MaxSizeString,
     transactions::transaction_components::{
-        range_proof_type::RangeProofType,
-        side_chain::SideChainFeature,
         BuildInfo,
         CodeTemplateRegistration,
         ConfidentialOutputData,
         OutputType,
+        range_proof_type::RangeProofType,
+        side_chain::SideChainFeature,
         TemplateType,
         ValidatorNodeRegistration,
         ValidatorNodeSignature,

diff --git a/base_layer/core/src/transactions/transaction_components/side_chain/template_registration.rs b/base_layer/core/src/transactions/transaction_components/side_chain/template_registration.rs
@@ -22,9 +22,10 @@
 
 use borsh::{BorshDeserialize, BorshSerialize};
 use serde::{Deserialize, Serialize};
+use tari_common_types::MaxSizeBytes;
 use tari_common_types::types::{PublicKey, Signature};
 
-use crate::consensus::{MaxSizeBytes, MaxSizeString};
+use crate::consensus::MaxSizeString;
 
 #[derive(Debug, Clone, Hash, PartialEq, Eq, Deserialize, Serialize, BorshSerialize, BorshDeserialize)]
 pub struct CodeTemplateRegistration {

diff --git a/base_layer/wallet/src/transaction_service/handle.rs b/base_layer/wallet/src/transaction_service/handle.rs
@@ -36,15 +36,15 @@ use tari_common_types::{
 };
 use tari_comms::types::CommsPublicKey;
 use tari_core::{
-    consensus::{MaxSizeBytes, MaxSizeString},
+    consensus::MaxSizeString,
     mempool::FeePerGramStat,
     proto,
     transactions::{
         tari_amount::MicroMinotari,
         transaction_components::{
-            encrypted_data::PaymentId,
             BuildInfo,
             CodeTemplateRegistration,
+            encrypted_data::PaymentId,
             OutputFeatures,
             TemplateType,
             Transaction,
@@ -58,8 +58,9 @@ use tari_service_framework::reply_channel::SenderService;
 use tari_utilities::hex::Hex;
 use tokio::sync::broadcast;
 use tower::Service;
-
+use tari_common_types::MaxSizeBytes;
 use crate::{
+    OperationId,
     output_manager_service::UtxoSelectionCriteria,
     transaction_service::{
         error::TransactionServiceError,
@@ -71,7 +72,6 @@ use crate::{
             WalletTransaction,
         },
     },
-    OperationId,
 };
 
 /// API Request enum

diff --git a/common/src/lib.rs b/common/src/lib.rs
@@ -65,6 +65,7 @@ pub use configuration::{
     utils::load_configuration,
 };
 pub mod dir_utils;
+
 pub use logging::initialize_logging;
 
 pub const DEFAULT_CONFIG: &str = "config/config.toml";