Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.Validate #16554

Merged
merged 2 commits into from
Jun 15, 2023
Merged

fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.Validate #16554

merged 2 commits into from
Jun 15, 2023

Conversation

odeke-em
Copy link
Collaborator

This change ensures that ModuleAccount.Validate flags nil .BaseAccount to avoid a nil pointer dereference. This bug was found by fuzzing cosmos/gaia.

Fixes #16552

@odeke-em odeke-em requested a review from a team as a code owner June 14, 2023 20:58
@github-actions

This comment has been minimized.

Sign in to view
@odeke-em odeke-em force-pushed the x-auth-types-check-non-nil-BaseAccount branch from 32b7ccb to 99dd572 Compare June 14, 2023 21:01
@julienrbrt julienrbrt added backport/v0.50.x PR scheduled for inclusion in the v0.50's next stable release backport/0.46.x PR scheduled for inclusion in the v0.46's next stable release backport/v0.47.x PR scheduled for inclusion in the v0.47's next stable release labels Jun 14, 2023
julienrbrt
julienrbrt approved these changes Jun 14, 2023
View reviewed changes
Copy link
Member

@julienrbrt julienrbrt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

CHANGELOG.md Outdated Show resolved Hide resolved
@odeke-em odeke-em force-pushed the x-auth-types-check-non-nil-BaseAccount branch 2 times, most recently from 8d17695 to 68b854d Compare June 14, 2023 22:22
@odeke-em odeke-em enabled auto-merge June 14, 2023 22:28
@odeke-em odeke-em force-pushed the x-auth-types-check-non-nil-BaseAccount branch from 68b854d to 1f90389 Compare June 14, 2023 22:29
@odeke-em
Copy link
Collaborator Author

Thank you for the review @julienrbrt!

@julienrbrt julienrbrt disabled auto-merge June 15, 2023 08:19
@odeke-em
fix: x/auth/types: ensure nil .BaseAccounts are reported in ModuleAcc…
90a36f8 
…ount.Validate

This change ensures that ModuleAccount.Validate flags nil .BaseAccount
to avoid a nil pointer dereference. This bug was found by fuzzing
cosmos/gaia.

Fixes #16552
@odeke-em odeke-em force-pushed the x-auth-types-check-non-nil-BaseAccount branch from 1f90389 to 90a36f8 Compare June 15, 2023 08:22
@julienrbrt julienrbrt added this pull request to the merge queue Jun 15, 2023
@julienrbrt julienrbrt removed this pull request from the merge queue due to a manual request Jun 15, 2023
@julienrbrt julienrbrt changed the title fix: x/auth/types: ensure nil .BaseAccounts are reported in ModuleAccount.Validate fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.Validate Jun 15, 2023
@julienrbrt julienrbrt added this pull request to the merge queue Jun 15, 2023
Merged via the queue into main with commit 629dc63 Jun 15, 2023
@julienrbrt julienrbrt deleted the x-auth-types-check-non-nil-BaseAccount branch June 15, 2023 09:14
mergify bot pushed a commit that referenced this pull request Jun 15, 2023
@odeke-em @mergify
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
8b4006c 
…alidate (#16554)

(cherry picked from commit 629dc63)

# Conflicts:
#	CHANGELOG.md
@mergify mergify bot mentioned this pull request Jun 15, 2023
Merged
mergify bot pushed a commit that referenced this pull request Jun 15, 2023
@odeke-em @mergify
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
9a0fa11 
…alidate (#16554)

(cherry picked from commit 629dc63)

# Conflicts:
#	CHANGELOG.md
@mergify mergify bot mentioned this pull request Jun 15, 2023
Merged
mergify bot pushed a commit that referenced this pull request Jun 15, 2023
@odeke-em @mergify
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
12d3bba 
…alidate (#16554)

(cherry picked from commit 629dc63)

# Conflicts:
#	CHANGELOG.md
#	x/auth/types/account_test.go
@mergify mergify bot mentioned this pull request Jun 15, 2023
Merged
julienrbrt added a commit that referenced this pull request Jun 15, 2023
@mergify @odeke-em @julienrbrt
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
ae3e30a 
…alidate (backport #16554) (#16568)

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
julienrbrt added a commit that referenced this pull request Jun 15, 2023
@mergify @odeke-em @julienrbrt
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
de4e55d 
…alidate (backport #16554) (#16569)

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
julienrbrt added a commit that referenced this pull request Jun 15, 2023
@mergify @odeke-em @julienrbrt
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
f34e99d 
…alidate (backport #16554) (#16570)

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
GAtom22 pushed a commit to evmos/cosmos-sdk that referenced this pull request Jul 12, 2023
@mergify @odeke-em
@julienrbrt @GAtom22
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
997a971 
…alidate (backport cosmos#16554) (cosmos#16570)

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
GAtom22 pushed a commit to evmos/cosmos-sdk that referenced this pull request Jul 12, 2023
@mergify @odeke-em
@julienrbrt @GAtom22
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
7364088 
…alidate (backport cosmos#16554) (cosmos#16570)

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
@jacksoom jacksoom mentioned this pull request Jul 29, 2023
Merged
cmwaters added a commit to celestiaorg/cosmos-sdk that referenced this pull request Aug 15, 2023
@cmwaters @julienrbrt
@mergify @odeke-em @yihuang @mmsqe @tac0turtle @KyleMoser @rootulp @itsdevbear
chore: bump sdk to v0.46.14 and tm to v1.26.2-tm-v0.34.28 (#340)
64adc6e 
* build(deps): bump cometbft to v0.34.29 (cosmos#16553)

* fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.Validate (backport cosmos#16554) (cosmos#16570)

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix: snapshotter's failure is not propogated (backport cosmos#16588) (cosmos#16604)

Co-authored-by: yihuang <huang@crypto.com>

* feat: add custom max gas for block for sim config (backport cosmos#16656) (cosmos#16731)

Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>

* fix: accaddr cachefix (backport cosmos#15433) (cosmos#16823)

Co-authored-by: KyleMoser <KyleMoser@users.noreply.github.com>
Co-authored-by: HuangYi <huang@crypto.com>

* fix(cli): improve `prune` command ux (backport cosmos#16856) (cosmos#16876)

Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix: query tx events with `>=` and `<=` operators (cosmos#16994)

* docs: change bank multi-send command description (backport cosmos#16950) (cosmos#17019)

* chore: prepare v0.46.14 (cosmos#16879)

* refactor: add MigrateHandler to allow reuse migrate genesis related function  (backport cosmos#17296) (cosmos#17301)

Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* fix: resolve migration map in MigrateHandler (cosmos#17301) (cosmos#17302)

* feat(x/gov): Emit VoterAddr (backport cosmos#17354) (cosmos#17357)

Co-authored-by: Devon Bear <itsdevbear@berachain.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>

* feat(x/gov): add MsgSubmitProposal SetMsgs method (backport cosmos#17387) (cosmos#17388)

Co-authored-by: Julien Robert <julien@rbrt.fr>

---------

Co-authored-by: Julien Robert <julien@rbrt.fr>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: yihuang <huang@crypto.com>
Co-authored-by: mmsqe <mavis@crypto.com>
Co-authored-by: marbar3778 <marbar3778@yahoo.com>
Co-authored-by: KyleMoser <KyleMoser@users.noreply.github.com>
Co-authored-by: Rootul P <rootulp@gmail.com>
Co-authored-by: Devon Bear <itsdevbear@berachain.com>
@faddat faddat mentioned this pull request Sep 5, 2023
Closed
19 tasks
@faddat faddat mentioned this pull request Oct 15, 2023
Closed
19 tasks
@tkxkd0159 tkxkd0159 mentioned this pull request Mar 11, 2024
Merged
5 tasks
@mergify mergify bot mentioned this pull request Mar 15, 2024
Merged
5 tasks
@0xstepit 0xstepit mentioned this pull request Jul 1, 2024
Merged
JeancarloBarrios pushed a commit to agoric-labs/cosmos-sdk that referenced this pull request Sep 28, 2024
@mergify @odeke-em
@julienrbrt @JeancarloBarrios
fix(x/auth): ensure nil .BaseAccounts are reported in ModuleAccount.V…
c92388a 
…alidate (backport cosmos#16554) (cosmos#16570)

Co-authored-by: Emmanuel T Odeke <emmanuel@orijtech.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julienrbrt julienrbrt julienrbrt approved these changes

@facundomedica facundomedica Awaiting requested review from facundomedica facundomedica is a code owner

@atheeshp atheeshp Awaiting requested review from atheeshp

Assignees
No one assigned
Labels
backport/v0.47.x PR scheduled for inclusion in the v0.47's next stable release backport/v0.50.x PR scheduled for inclusion in the v0.50's next stable release backport/0.46.x PR scheduled for inclusion in the v0.46's next stable release C:x/auth
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

x/auth/types: ModuleAccount.Validate() should check that its .BaseAccount is non-nil lest experience a crash
2 participants
@odeke-em @julienrbrt