Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

core/txpool/blobpool: avoid possible zero index panic #30430

Merged
merged 3 commits into from
Sep 14, 2024
Merged

core/txpool/blobpool: avoid possible zero index panic #30430

merged 3 commits into from
Sep 14, 2024

Conversation

mask-pp
Copy link
Contributor

@mask-pp mask-pp commented Sep 13, 2024
edited
Loading

This situation(len(txs) == 0) rarely occurs, but if it does, it will panic.

holiman
holiman requested changes Sep 13, 2024
View reviewed changes
Copy link
Contributor

@holiman holiman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One minor nit, otherwise this looks like a correct fix to me!

core/txpool/blobpool/blobpool.go Outdated Show resolved Hide resolved
@mask-pp @holiman
Update core/txpool/blobpool/blobpool.go
64cc8eb 
Co-authored-by: Martin HS <martin@swende.se>
holiman
holiman approved these changes Sep 14, 2024
View reviewed changes
Copy link
Contributor

@holiman holiman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@holiman holiman added this to the 1.14.9 milestone Sep 14, 2024
@holiman holiman changed the title core/txpool/blobpool: avoid posible zero index panic core/txpool/blobpool: avoid possible zero index panic Sep 14, 2024
@holiman holiman merged commit 0dd7e82 into ethereum:master Sep 14, 2024
3 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Sep 18, 2024
Merged
@minh-bq
Copy link
Contributor

minh-bq commented Sep 20, 2024

In my opinion, it's impossible to cause the panic. The panic only happens when all transactions in txs has nonce lower than next. But if that is the case, it will fall into filled case above this logic and the function returns. Do I miss anything?

@holiman
Copy link
Contributor

holiman commented Sep 20, 2024

In my opinion, it's impossible to cause the panic.

I would suspect you are correct, but I didn't spend a lot of time investigating. The thing is, with the change in this PR, it is trivial to ascertain that code is correct and will not panic. Without it, one has to analyze the preconditions that lead up to a potential crash.

So, code is clearer and more robust with this PR (more robust since any changes in events leading up to the vulnerable line can no longer cause the bug to trigger).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@holiman holiman holiman approved these changes

@karalabe karalabe Awaiting requested review from karalabe karalabe is a code owner

@rjl493456442 rjl493456442 Awaiting requested review from rjl493456442 rjl493456442 is a code owner

@namiloh namiloh Awaiting requested review from namiloh

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.14.9
Development

Successfully merging this pull request may close these issues.
4 participants
@mask-pp @minh-bq @holiman @namiloh