From 382a7bdcaedfaff56338073e7f4b448e0342dcb7 Mon Sep 17 00:00:00 2001 From: Emmanuel T Odeke Date: Wed, 5 Apr 2023 00:36:36 -0700 Subject: [PATCH 1/6] fix: types: ensure .Amount is non-nil in Coin.Validate() (#15691) This change fixes a scenario in which Coin.Validate() would panic when given a nil Amount. While here, added a fuzz test along with unit/regression tests. Fixes #15690 --- types/coin.go | 5 +++++ types/coin_test.go | 34 ++++++++++++++++++++++++++++++++++ types/fuzz_test.go | 24 ++++++++++++++++++++++++ 3 files changed, 63 insertions(+) create mode 100644 types/fuzz_test.go diff --git a/types/coin.go b/types/coin.go index 01358f414b..85d4c405da 100644 --- a/types/coin.go +++ b/types/coin.go @@ -2,6 +2,7 @@ package types import ( "encoding/json" + "errors" "fmt" "regexp" "sort" @@ -44,6 +45,10 @@ func (coin Coin) Validate() error { return err } + if coin.Amount.IsNil() { + return errors.New("amount is nil") + } + if coin.Amount.IsNegative() { return fmt.Errorf("negative coin amount: %v", coin.Amount) } diff --git a/types/coin_test.go b/types/coin_test.go index 8f48e89fec..961d15bd1c 100644 --- a/types/coin_test.go +++ b/types/coin_test.go @@ -1034,6 +1034,40 @@ func (s *coinTestSuite) TestMarshalJSONCoins() { } } +func (s *coinTestSuite) TestCoinValidate() { + testCases := []struct { + name string + coin sdk.Coin + wantErr string + }{ + {"nil coin: nil Amount", sdk.Coin{}, "invalid denom"}, + {"non-blank coin, nil Amount", sdk.Coin{Denom: "atom"}, "amount is nil"}, + {"valid coin", sdk.Coin{Denom: "atom", Amount: math.NewInt(100)}, ""}, + {"negative coin", sdk.Coin{Denom: "atom", Amount: math.NewInt(-999)}, "negative coin amount"}, + } + + for _, tc := range testCases { + tc := tc + t := s.T() + t.Run(tc.name, func(t *testing.T) { + err := tc.coin.Validate() + if tc.wantErr == "" { + if err != nil { + t.Errorf("Unexpected error: %v", err) + } + return + } else { + if err == nil { + t.Error("Expected an error") + } else if !strings.Contains(err.Error(), tc.wantErr) { + t.Errorf("Error mismatch\n\tGot: %q\nWant: %q", err, tc.wantErr) + } + } + }) + } + +} + func (s *coinTestSuite) TestCoinAminoEncoding() { cdc := codec.NewLegacyAmino() c := sdk.NewInt64Coin(testDenom1, 5) diff --git a/types/fuzz_test.go b/types/fuzz_test.go new file mode 100644 index 0000000000..167b648ac0 --- /dev/null +++ b/types/fuzz_test.go @@ -0,0 +1,24 @@ +package types + +import ( + "testing" + + "github.com/cosmos/cosmos-sdk/codec" +) + +func FuzzCoinUnmarshalJSON(f *testing.F) { + if testing.Short() { + f.Skip() + } + + cdc := codec.NewLegacyAmino() + f.Add(`{"denom":"atom","amount":"1000"}`) + f.Add(`{"denom":"atom","amount":"-1000"}`) + f.Add(`{"denom":"uatom","amount":"1000111111111111111111111"}`) + f.Add(`{"denom":"mu","amount":"0"}`) + + f.Fuzz(func(t *testing.T, jsonBlob string) { + var c Coin + _ = cdc.UnmarshalJSON([]byte(jsonBlob), &c) + }) +} From a53a4481ca4fa01114114a8e6855be5d6d5ce3b1 Mon Sep 17 00:00:00 2001 From: 170210 Date: Tue, 26 Mar 2024 14:59:05 +0900 Subject: [PATCH 2/6] fix: change math.NewInt to sdk.NewInt Signed-off-by: 170210 --- types/coin_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/types/coin_test.go b/types/coin_test.go index 961d15bd1c..a4ef4e0cc0 100644 --- a/types/coin_test.go +++ b/types/coin_test.go @@ -1042,8 +1042,8 @@ func (s *coinTestSuite) TestCoinValidate() { }{ {"nil coin: nil Amount", sdk.Coin{}, "invalid denom"}, {"non-blank coin, nil Amount", sdk.Coin{Denom: "atom"}, "amount is nil"}, - {"valid coin", sdk.Coin{Denom: "atom", Amount: math.NewInt(100)}, ""}, - {"negative coin", sdk.Coin{Denom: "atom", Amount: math.NewInt(-999)}, "negative coin amount"}, + {"valid coin", sdk.Coin{Denom: "atom", Amount: sdk.NewInt(100)}, ""}, + {"negative coin", sdk.Coin{Denom: "atom", Amount: sdk.NewInt(-999)}, "negative coin amount"}, } for _, tc := range testCases { From d25801b71f772116c942ea0df26575420f734b26 Mon Sep 17 00:00:00 2001 From: 170210 Date: Tue, 26 Mar 2024 15:00:52 +0900 Subject: [PATCH 3/6] fix: change to finschia-sdk Signed-off-by: 170210 --- types/fuzz_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/types/fuzz_test.go b/types/fuzz_test.go index 167b648ac0..99b80be29a 100644 --- a/types/fuzz_test.go +++ b/types/fuzz_test.go @@ -3,7 +3,7 @@ package types import ( "testing" - "github.com/cosmos/cosmos-sdk/codec" + "github.com/Finschia/finschia-sdk/codec" ) func FuzzCoinUnmarshalJSON(f *testing.F) { From 1da970a0f944638b763e67ed01687f7cc6858996 Mon Sep 17 00:00:00 2001 From: yys Date: Fri, 12 Aug 2022 06:39:46 +0900 Subject: [PATCH 4/6] fix: prevent nil DecCoin creation when converting Coins to DecCoins (#12903) Closes: #12902 --- *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [ ] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] added `!` to the type prefix if API or client breaking change - [ ] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/main/CONTRIBUTING.md#pr-targeting)) - [ ] provided a link to the relevant issue or specification - [ ] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/main/docs/building-modules) - [ ] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/main/CONTRIBUTING.md#testing) - [ ] added a changelog entry to `CHANGELOG.md` - [ ] included comments for [documenting Go code](https://blog.golang.org/godoc) - [ ] updated the relevant documentation or specification - [ ] reviewed "Files changed" and left comments if necessary - [ ] confirmed all CI checks have passed *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [ ] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [ ] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [ ] reviewed tests and test coverage - [ ] manually tested (if applicable) --- types/dec_coin.go | 10 +++++++--- types/dec_coin_test.go | 23 +++++++++++++++++++++++ 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/types/dec_coin.go b/types/dec_coin.go index 68fe3b9f95..10856d0fe2 100644 --- a/types/dec_coin.go +++ b/types/dec_coin.go @@ -182,10 +182,14 @@ func sanitizeDecCoins(decCoins []DecCoin) DecCoins { // NewDecCoinsFromCoins constructs a new coin set with decimal values // from regular Coins. func NewDecCoinsFromCoins(coins ...Coin) DecCoins { - decCoins := make(DecCoins, len(coins)) + if len(coins) == 0 { + return DecCoins{} + } + + decCoins := make([]DecCoin, 0, len(coins)) newCoins := NewCoins(coins...) - for i, coin := range newCoins { - decCoins[i] = NewDecCoinFromCoin(coin) + for _, coin := range newCoins { + decCoins = append(decCoins, NewDecCoinFromCoin(coin)) } return decCoins diff --git a/types/dec_coin_test.go b/types/dec_coin_test.go index 9017bda27c..e2c3ba9028 100644 --- a/types/dec_coin_test.go +++ b/types/dec_coin_test.go @@ -546,6 +546,29 @@ func (s *decCoinTestSuite) TestNewDecCoinsWithIsValid() { } } +func (s *decCoinTestSuite) TestNewDecCoinsWithZeroCoins() { + zeroCoins := append(sdk.NewCoins(sdk.NewCoin("mytoken", sdk.NewInt(0))), sdk.Coin{Denom: "wbtc", Amount: sdk.NewInt(10)}) + + tests := []struct { + coins sdk.Coins + expectLength int + }{ + { + sdk.NewCoins(sdk.NewCoin("mytoken", sdk.NewInt(10)), sdk.NewCoin("wbtc", sdk.NewInt(10))), + 2, + }, + { + zeroCoins, + 1, + }, + } + + for _, tc := range tests { + tc := tc + s.Require().Equal(sdk.NewDecCoinsFromCoins(tc.coins...).Len(), tc.expectLength) + } +} + func (s *decCoinTestSuite) TestDecCoins_AddDecCoinWithIsValid() { lengthTestDecCoins := sdk.NewDecCoins().Add(sdk.NewDecCoin("mytoken", sdk.NewInt(10))).Add(sdk.DecCoin{Denom: "BTC", Amount: sdk.NewDec(10)}) s.Require().Equal(2, len(lengthTestDecCoins), "should be 2") From 25768afc1a62e18e92b4a04bf8d1dccc259fa25d Mon Sep 17 00:00:00 2001 From: 170210 Date: Tue, 26 Mar 2024 15:06:57 +0900 Subject: [PATCH 5/6] chore: update CHANGELOG.md Signed-off-by: 170210 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2f53c61cd4..1c5e1f445b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -60,6 +60,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * (x/collection, x/token) [\#1288](https://github.com/Finschia/finschia-sdk/pull/1288) use accAddress to compare in validatebasic function in collection & token modules * (x/collection) [\#1268](https://github.com/Finschia/finschia-sdk/pull/1268) export x/collection params into genesis * (x/collection) [\#1294](https://github.com/Finschia/finschia-sdk/pull/1294) reject NFT coins on FT APIs +* (types) [\#1299](https://github.com/Finschia/finschia-sdk/pull/1299) add missing nil checks ### Removed From b8efbffa5b20001a008bc4938d6193f11327f911 Mon Sep 17 00:00:00 2001 From: 170210 Date: Tue, 26 Mar 2024 15:13:35 +0900 Subject: [PATCH 6/6] fix: fix lint Signed-off-by: 170210 --- types/coin_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/types/coin_test.go b/types/coin_test.go index a4ef4e0cc0..bb5eee2cc6 100644 --- a/types/coin_test.go +++ b/types/coin_test.go @@ -1065,7 +1065,6 @@ func (s *coinTestSuite) TestCoinValidate() { } }) } - } func (s *coinTestSuite) TestCoinAminoEncoding() {