Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hash types conversions unhandled panics #2275

Closed
Alrighttt opened this issue Nov 19, 2024 · 1 comment
Closed

Hash types conversions unhandled panics #2275

Alrighttt opened this issue Nov 19, 2024 · 1 comment
Assignees
@borngraced
Labels
bug: security priority: urgent Critical tasks requiring immediate action.

Comments

@Alrighttt
Copy link
Member

Types such as H256 and H264 have methods that can cause a runtime panic.

This is due to Indexing into a slice without first checking the size of the slice:

komodo-defi-framework/mm2src/mm2_bitcoin/primitives/src/hash.rs

Line 45 in 4d0f812

inner[..].clone_from_slice(&slc[0..$size]);

ex:

use rpc::v1::types::H264;
let some_vec = vec![0u8];
let this_panics: H264 = some_vec.as_slice().into();

panicked at 'range end index 33 out of range for slice of length 1', mm2src/mm2_bitcoin/primitives/src/hash.rs:157:1

culprit:
https://github.com/KomodoPlatform/komodo-defi-framework/blob/4d0f812ac5089364de51f896e282c419019ac4f9/mm2src/mm2_bitcoin/primitives/src/hash.rs#L42C1-L48C10
https://github.com/KomodoPlatform/komodo-defi-framework/blob/4d0f812ac5089364de51f896e282c419019ac4f9/mm2src/mm2_bitcoin/rpc/src/v1/types/hash.rs#L34C1-L39C10

This From implementation must be replaced with TryFrom or made infallible. Additionally there is an instance of .unwrap() in From<&'static str> for each hash type.

These types originate from parity bitcoin. I believe the macros for implementing these are implementing far more types than we utilize. We should consider minimizing the use of this hash module.
@Alrighttt Alrighttt reopened this Nov 19, 2024
@borngraced borngraced mentioned this issue Nov 20, 2024
Merged
1 task
@shamardy shamardy added priority: urgent Critical tasks requiring immediate action. bug: security labels Dec 12, 2024
shamardy pushed a commit that referenced this issue Feb 3, 2025
@borngraced
fix(hash-types): remove panic, enforce fixed-size arrays (#2279)
ff0eefc 
We now enforce fixed-length byte arrays instead of indexing slices.  
This prevents unhandled panics when incoming slices are too short.

- Replaced slice indexing with safe fixed-size array creation.
- Removed methods that relied on unchecked slice indexing.
- Ensured each code path now handles invalid lengths gracefully.

Closes #2275
@shamardy
Copy link
Collaborator

shamardy commented Feb 3, 2025

should be fixed in #2279

@shamardy shamardy closed this as completed Feb 3, 2025
shamardy pushed a commit that referenced this issue Feb 3, 2025
@borngraced @shamardy
fix(hash-types): remove panic, enforce fixed-size arrays (#2279)
bf63104 
We now enforce fixed-length byte arrays instead of indexing slices.  
This prevents unhandled panics when incoming slices are too short.

- Replaced slice indexing with safe fixed-size array creation.
- Removed methods that relied on unchecked slice indexing.
- Ensured each code path now handles invalid lengths gracefully.

Closes #2275
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@borngraced borngraced

Labels
bug: security priority: urgent Critical tasks requiring immediate action.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Alrighttt @shamardy @borngraced