You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The deserialization failures are handled inconsistently inside the staking state code. Some
functions are returning errors and some are using panic. This mismatch might lead to false
assumptions about which function might fail when developing the codebase. Examples of
both cases can be witnessed on Figures TOB-OL-110.1 and TOB-OL-110.2.
An Oasis developer calls a function which panics with an assumption that it doesn’t fail and
introduces a possibility for a Denial of Service.
Recommendation
Short term, modify the staking state module to return errors.
Long term, avoid using panic unless necessary. Panics are fatal and should only be used
when the error cannot be solved.
The text was updated successfully, but these errors were encountered:
Issue transferred from an external security audit report.
Figure TOB-OL-109.1 shows https://github.com/oasislabs/oasis-core/blob/f331a877721f44cc2412b4248d66e95f83f4cf9c/go/consensus/tendermint/apps/staking/state/state.go#L297-L308
Figure TOB-OL-109.2 shows https://github.com/oasislabs/oasis-core/blob/f331a877721f44cc2412b4248d66e95f83f4cf9c/go/consensus/tendermint/apps/staking/state/state.go#L108-L117
The text was updated successfully, but these errors were encountered: