Skip to content

Commit

Permalink
Merge pull request from GHSA-3qp7-gj37-g9rx
Browse files Browse the repository at this point in the history
Dragonberry 🐉 🍓

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: Marko <marbar3778@yahoo.com>
Co-authored-by: Ethan Buchman <ethan@coinculture.info>
Co-authored-by: Nicolas Lara <nicolaslara@gmail.com>
Co-authored-by: Roman <34196718+p0mvn@users.noreply.github.com>
Co-authored-by: Roman <roman@osmosis.team>
Co-authored-by: Julien Robert <julien@rbrt.fr>
Co-authored-by: emidev98 <49301655+emidev98@users.noreply.github.com>

Co-authored-by: Dev Ojha <ValarDragon@users.noreply.github.com>
Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: Marko <marbar3778@yahoo.com>
Co-authored-by: Nicolas Lara <nicolaslara@gmail.com>
Co-authored-by: Roman <34196718+p0mvn@users.noreply.github.com>
Co-authored-by: Roman <roman@osmosis.team>
Co-authored-by: Julien Robert <julien@rbrt.fr>
Co-authored-by: emidev98 <49301655+emidev98@users.noreply.github.com>
  • Loading branch information
9 people authored Oct 14, 2022
1 parent d8527c3 commit 2582f0a
Show file tree
Hide file tree
Showing 63 changed files with 9,479 additions and 2,994 deletions.
27 changes: 22 additions & 5 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,28 @@ Ref: https://keepachangelog.com/en/1.0.0/

## [Unreleased]

## v0.45.9 - 2022-10-14

ATTENTION:

This is a security release for the
[Dragonberry security advisory](https://forum.cosmos.network/t/ibc-security-advisory-dragonberry/7702).

All users should upgrade immediately.

Users *must* add a replace directive in their go.mod for the
new `ics23` package in the SDK:

```
replace (
github.com/confio/ics23/go => github.com/cosmos/cosmos-sdk/ics23
)
```

### Features

* (grpc) [#13485](https://github.com/cosmos/cosmos-sdk/pull/13485) Implement a new gRPC query, `/cosmos/base/node/v1beta1/config`, which provides operator configuration.
* [#13435](https://github.com/cosmos/cosmos-sdk/pull/13435) Extend error context when a simulation fails.

### Improvements

Expand All @@ -51,11 +70,12 @@ Ref: https://keepachangelog.com/en/1.0.0/

### API Breaking Changes

* (server) [#13485](https://github.com/cosmos/cosmos-sdk/pull/13485) The `Application` service now requires the `RegisterNodeService` method to be implemented.
* (cli) [#13089](https://github.com/cosmos/cosmos-sdk/pull/13089) Fix rollback command don't actually delete multistore versions, added method `RollbackToVersion` to interface `CommitMultiStore` and added method `CommitMultiStore` to `Application` interface.

### Bug Fixes

* [#...](https://github.com/cosmos/cosmos-sdk/pull/) Implement dragonberry security patch.
* For applying the patch please refer to the [RELEASE NOTES](./RELEASE_NOTES.md)
* (store) [#13459](https://github.com/cosmos/cosmos-sdk/pull/13459) Don't let state listener observe the uncommitted writes.

## v0.45.8 - 2022-08-25
Expand Down Expand Up @@ -92,9 +112,6 @@ Ref: https://keepachangelog.com/en/1.0.0/
### Bug Fixes

* (x/mint) [#12384](https://github.com/cosmos/cosmos-sdk/pull/12384) Ensure `GoalBonded` must be positive when performing `x/mint` parameter validation.
* (simapp) [#12437](https://github.com/cosmos/cosmos-sdk/pull/12437) fix the non-determinstic behavior in simulations caused by `GenTx` and check
empty coins slice before it is used to create `banktype.MsgSend`.
* (x/capability) [12818](https://github.com/cosmos/cosmos-sdk/pull/12818) Use fixed length hex for pointer at FwdCapabilityKey.

## [v0.45.6](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.45.6) - 2022-06-28

Expand Down
21 changes: 17 additions & 4 deletions RELEASE_NOTES.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,20 @@
# Cosmos SDK v0.45.8 Release Notes
# Cosmos SDK v0.45.9 Release Notes

This release introduces few improvements, such as the speed-up of the crisis invariant checks (thanks to a Juno bounty), and updated Tendermint and IAVL dependencies.
This is a security release for the
[Dragonberry security advisory](https://forum.cosmos.network/t/ibc-security-advisory-dragonberry/7702).
Please upgrade ASAP.

See the [Cosmos SDK v0.45.8 Changelog](https://github.com/cosmos/cosmos-sdk/blob/v0.45.8/CHANGELOG.md) for the exhaustive list of all changes.
Next to this, we have also included a few minor bugfixes.

**Full Commit History**: https://github.com/cosmos/cosmos-sdk/compare/v0.45.7...v0.45.8
Chains must add the following to their go.mod for the application:

```go
replace github.com/confio/ics23/go => github.com/cosmos/cosmos-sdk/ics23
```

Bumping the SDK version should be smooth, however, feel free to tag core devs to review your upgrading PR:

- **CET**: @tac0turtle, @okwme, @AdityaSripal, @colin-axner, @julienrbrt
- **EST**: @ebuchman, @alexanderbez, @aaronc
- **PST**: @jtremback, @nicolaslara, @czarcas7ic, @p0mvn
- **CDT**: @ValarDragon, @zmanian
64 changes: 17 additions & 47 deletions baseapp/abci.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package baseapp

import (
"crypto/sha256"
"encoding/json"
"errors"
"fmt"
"os"
Expand Down Expand Up @@ -122,24 +123,6 @@ func (app *BaseApp) SetOption(req abci.RequestSetOption) (res abci.ResponseSetOp
return
}

// FilterPeerByAddrPort filters peers by address/port.
func (app *BaseApp) FilterPeerByAddrPort(info string) abci.ResponseQuery {
if app.addrPeerFilter != nil {
return app.addrPeerFilter(info)
}

return abci.ResponseQuery{}
}

// FilterPeerByID filters peers by node ID.
func (app *BaseApp) FilterPeerByID(info string) abci.ResponseQuery {
if app.idPeerFilter != nil {
return app.idPeerFilter(info)
}

return abci.ResponseQuery{}
}

// BeginBlock implements the ABCI application interface.
func (app *BaseApp) BeginBlock(req abci.RequestBeginBlock) (res abci.ResponseBeginBlock) {
defer telemetry.MeasureSince(time.Now(), "abci", "begin_block")
Expand Down Expand Up @@ -805,6 +788,22 @@ func handleQueryApp(app *BaseApp, path []string, req abci.RequestQuery) abci.Res
Value: []byte(app.version),
}

case "snapshots":
var responseValue []byte

response := app.ListSnapshots(abci.RequestListSnapshots{})

responseValue, err := json.Marshal(response)
if err != nil {
sdkerrors.QueryResult(sdkerrors.Wrap(err, fmt.Sprintf("failed to marshal list snapshots response %v", response)))
}

return abci.ResponseQuery{
Codespace: sdkerrors.RootCodespace,
Height: req.Height,
Value: responseValue,
}

default:
return sdkerrors.QueryResultWithDebug(sdkerrors.Wrapf(sdkerrors.ErrUnknownRequest, "unknown query: %s", path), app.trace)
}
Expand Down Expand Up @@ -840,35 +839,6 @@ func handleQueryStore(app *BaseApp, path []string, req abci.RequestQuery) abci.R
return resp
}

func handleQueryP2P(app *BaseApp, path []string) abci.ResponseQuery {
// "/p2p" prefix for p2p queries
if len(path) < 4 {
return sdkerrors.QueryResultWithDebug(
sdkerrors.Wrap(
sdkerrors.ErrUnknownRequest, "path should be p2p filter <addr|id> <parameter>",
), app.trace)
}

var resp abci.ResponseQuery

cmd, typ, arg := path[1], path[2], path[3]
switch cmd {
case "filter":
switch typ {
case "addr":
resp = app.FilterPeerByAddrPort(arg)

case "id":
resp = app.FilterPeerByID(arg)
}

default:
resp = sdkerrors.QueryResultWithDebug(sdkerrors.Wrap(sdkerrors.ErrUnknownRequest, "expected second parameter to be 'filter'"), app.trace)
}

return resp
}

func handleQueryCustom(app *BaseApp, path []string, req abci.RequestQuery) abci.ResponseQuery {
// path[0] should be "custom" because "/custom" prefix is required for keeper
// queries.
Expand Down
38 changes: 38 additions & 0 deletions baseapp/abci_test.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package baseapp

import (
"encoding/json"
"testing"

"github.com/stretchr/testify/require"
Expand Down Expand Up @@ -159,3 +160,40 @@ func TestBaseAppCreateQueryContext(t *testing.T) {
})
}
}

type paramStore struct {
db *dbm.MemDB
}

func (ps *paramStore) Set(_ sdk.Context, key []byte, value interface{}) {
bz, err := json.Marshal(value)
if err != nil {
panic(err)
}

ps.db.Set(key, bz)
}

func (ps *paramStore) Has(_ sdk.Context, key []byte) bool {
ok, err := ps.db.Has(key)
if err != nil {
panic(err)
}

return ok
}

func (ps *paramStore) Get(_ sdk.Context, key []byte, ptr interface{}) {
bz, err := ps.db.Get(key)
if err != nil {
panic(err)
}

if len(bz) == 0 {
return
}

if err := json.Unmarshal(bz, ptr); err != nil {
panic(err)
}
}
111 changes: 68 additions & 43 deletions baseapp/baseapp.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,29 +46,18 @@ type (
type BaseApp struct { //nolint: maligned
// initialized on creation
logger log.Logger
name string // application name from abci.Info
db dbm.DB // common DB backend
cms sdk.CommitMultiStore // Main (uncached) state
storeLoader StoreLoader // function to handle store loading, may be overridden with SetStoreLoader()
router sdk.Router // handle any kind of message
queryRouter sdk.QueryRouter // router for redirecting query calls
grpcQueryRouter *GRPCQueryRouter // router for redirecting gRPC query calls
msgServiceRouter *MsgServiceRouter // router for redirecting Msg service messages
name string // application name from abci.Info
interfaceRegistry types.InterfaceRegistry
txDecoder sdk.TxDecoder // unmarshal []byte into sdk.Tx

anteHandler sdk.AnteHandler // ante handler for fee and auth
initChainer sdk.InitChainer // initialize state with validators and state blob
beginBlocker sdk.BeginBlocker // logic to run before any txs
endBlocker sdk.EndBlocker // logic to run after all txs, and to determine valset changes
addrPeerFilter sdk.PeerFilter // filter peers by address and port
idPeerFilter sdk.PeerFilter // filter peers by node ID
fauxMerkleMode bool // if true, IAVL MountStores uses MountStoresDB for simulation speed.
anteHandler sdk.AnteHandler // ante handler for fee and auth

// manages snapshots, i.e. dumps of app state at certain intervals
snapshotManager *snapshots.Manager
snapshotInterval uint64 // block interval between state sync snapshots
snapshotKeepRecent uint32 // recent state sync snapshots to keep
appStore
baseappVersions
peerFilters
snapshotData
abciData
moduleRouter

// volatile states:
//
Expand All @@ -77,12 +66,6 @@ type BaseApp struct { //nolint: maligned
checkState *state // for CheckTx
deliverState *state // for DeliverTx

// an inter-block write-through cache provided to the context during deliverState
interBlockCache sdk.MultiStorePersistentCache

// absent validators from begin block
voteInfos []abci.VoteInfo

// paramStore is used to query for ABCI consensus parameters from an
// application parameter store.
paramStore ParamStore
Expand Down Expand Up @@ -115,13 +98,6 @@ type BaseApp struct { //nolint: maligned
// ResponseCommit.RetainHeight.
minRetainBlocks uint64

// application's version string
version string

// application's protocol version that increments on every upgrade
// if BaseApp is passed to the upgrade keeper's NewKeeper method.
appVersion uint64

// recovery handler for app.runTx method
runTxRecoveryMiddleware recoveryMiddleware

Expand All @@ -137,6 +113,51 @@ type BaseApp struct { //nolint: maligned
abciListeners []ABCIListener
}

type appStore struct {
db dbm.DB // common DB backend
cms sdk.CommitMultiStore // Main (uncached) state
storeLoader StoreLoader // function to handle store loading, may be overridden with SetStoreLoader()

// an inter-block write-through cache provided to the context during deliverState
interBlockCache sdk.MultiStorePersistentCache

fauxMerkleMode bool // if true, IAVL MountStores uses MountStoresDB for simulation speed.
}

type moduleRouter struct {
router sdk.Router // handle any kind of message
queryRouter sdk.QueryRouter // router for redirecting query calls
grpcQueryRouter *GRPCQueryRouter // router for redirecting gRPC query calls
msgServiceRouter *MsgServiceRouter // router for redirecting Msg service messages
}

type abciData struct {
initChainer sdk.InitChainer // initialize state with validators and state blob
beginBlocker sdk.BeginBlocker // logic to run before any txs
endBlocker sdk.EndBlocker // logic to run after all txs, and to determine valset changes

// absent validators from begin block
voteInfos []abci.VoteInfo
}

type baseappVersions struct {
// application's version string
version string

// application's protocol version that increments on every upgrade
// if BaseApp is passed to the upgrade keeper's NewKeeper method.
appVersion uint64
}

// should really get handled in some db struct
// which then has a sub-item, persistence fields
type snapshotData struct {
// manages snapshots, i.e. dumps of app state at certain intervals
snapshotManager *snapshots.Manager
snapshotInterval uint64 // block interval between state sync snapshots
snapshotKeepRecent uint32 // recent state sync snapshots to keep
}

// NewBaseApp returns a reference to an initialized BaseApp. It accepts a
// variadic number of option functions, which act on the BaseApp to set
// configuration choices.
Expand All @@ -146,17 +167,21 @@ func NewBaseApp(
name string, logger log.Logger, db dbm.DB, txDecoder sdk.TxDecoder, options ...func(*BaseApp),
) *BaseApp {
app := &BaseApp{
logger: logger,
name: name,
db: db,
cms: store.NewCommitMultiStore(db),
storeLoader: DefaultStoreLoader,
router: NewRouter(),
queryRouter: NewQueryRouter(),
grpcQueryRouter: NewGRPCQueryRouter(),
msgServiceRouter: NewMsgServiceRouter(),
txDecoder: txDecoder,
fauxMerkleMode: false,
logger: logger,
name: name,
appStore: appStore{
db: db,
cms: store.NewCommitMultiStore(db),
storeLoader: DefaultStoreLoader,
fauxMerkleMode: false,
},
moduleRouter: moduleRouter{
router: NewRouter(),
queryRouter: NewQueryRouter(),
grpcQueryRouter: NewGRPCQueryRouter(),
msgServiceRouter: NewMsgServiceRouter(),
},
txDecoder: txDecoder,
}

for _, option := range options {
Expand Down
Loading

0 comments on commit 2582f0a

Please sign in to comment.