-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add version check for firstnode in restore network #62
base: dev
Are you sure you want to change the base?
Conversation
PR Reviewer Guide 🔍
|
b613218
to
e1259ab
Compare
e1259ab
to
790aa50
Compare
if (!isSignatureValid) { | ||
Logger.mainLogger.error('Invalid signature', signedFirstNodeInfo) | ||
Logger.mainLogger.error('Invalid signature', requestBody) |
Check warning
Code scanning / CodeQL
Log injection Medium
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 2 months ago
To fix the log injection issue, we need to sanitize the user-provided input before logging it. Specifically, we should remove any newline characters from the requestBody
to prevent log injection. This can be done using String.prototype.replace
to ensure no line endings are present in the user input.
-
Copy modified lines R91-R93
@@ -90,3 +90,5 @@ | ||
nestedCountersInstance.countEvent('consensor', 'POST_nodelist', 1) | ||
const requestBody = request.body | ||
let requestBody = request.body | ||
// Sanitize requestBody to remove newline characters | ||
requestBody = JSON.parse(JSON.stringify(requestBody).replace(/\n|\r/g, "")) | ||
// eslint-disable-next-line no-constant-condition |
reply.send({ success: false, error: 'Invalid signature' }) | ||
return | ||
} | ||
} catch (e) { | ||
Logger.mainLogger.error(e) | ||
Logger.mainLogger.error('Signature verification failed', requestBody) |
Check warning
Code scanning / CodeQL
Log injection Medium
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 3 months ago
To fix the log injection issue, we need to sanitize the user-provided input before logging it. Specifically, we should remove any newline characters from the requestBody
to prevent log injection. This can be done using String.prototype.replace
to ensure no line endings are present in the user input.
-
Copy modified lines R91-R92 -
Copy modified line R107
@@ -90,3 +90,4 @@ | ||
nestedCountersInstance.countEvent('consensor', 'POST_nodelist', 1) | ||
const requestBody = request.body | ||
let requestBody = request.body | ||
requestBody = JSON.parse(JSON.stringify(requestBody).replace(/\n|\r/g, "")) | ||
// eslint-disable-next-line no-constant-condition | ||
@@ -105,3 +106,3 @@ | ||
} catch (e) { | ||
Logger.mainLogger.error(e) | ||
Logger.mainLogger.error(e.message.replace(/\n|\r/g, "")) | ||
Logger.mainLogger.error('Signature verification failed', requestBody) |
// eslint-disable-next-line no-constant-condition | ||
if (true) { | ||
Logger.mainLogger.debug('POST /nodelist firstNode:', firstNode) | ||
Logger.mainLogger.debug('POST /nodelist appJoinData:', appJoinData) |
Check warning
Code scanning / CodeQL
Log injection Medium
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 2 months ago
To fix the log injection issue, we need to sanitize the appJoinData
before logging it. Specifically, we should remove any newline characters from the user input to prevent log injection. This can be done using the String.prototype.replace
method to replace newline characters with an empty string.
-
Copy modified lines R134-R135
@@ -133,3 +133,4 @@ | ||
Logger.mainLogger.debug('POST /nodelist firstNode:', firstNode) | ||
Logger.mainLogger.debug('POST /nodelist appJoinData:', appJoinData) | ||
const sanitizedAppJoinData = JSON.parse(JSON.stringify(appJoinData).replace(/\\n|\\r/g, "")) | ||
Logger.mainLogger.debug('POST /nodelist appJoinData:', sanitizedAppJoinData) | ||
} |
src/primary-process/index.ts
Outdated
}, based on ${receiptLoadTraker} receipts received.` | ||
) | ||
receiptLoadTraker = 0 // Reset the count | ||
}, config.receiptLoadTrakerInterval) |
Check failure
Code scanning / CodeQL
Resource exhaustion High
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 3 months ago
To fix the problem, we need to validate the receiptLoadTrakerInterval
value before it is used in the setInterval
function. This can be done by adding a check to ensure the interval is within an acceptable range. If the value is outside this range, we should set it to a default safe value.
- Add validation for
receiptLoadTrakerInterval
insrc/API.ts
when updating the configuration. - Ensure that the validated value is used in
src/primary-process/index.ts
.
-
Copy modified lines R1006-R1012
@@ -1005,2 +1005,9 @@ | ||
const { sign, ...newConfig } = _request.body | ||
if (newConfig.receiptLoadTrakerInterval !== undefined) { | ||
const interval = parseInt(newConfig.receiptLoadTrakerInterval, 10); | ||
if (isNaN(interval) || interval < 1000 || interval > 60000) { // Set acceptable range between 1 second and 1 minute | ||
throw new Error('Invalid receiptLoadTrakerInterval value. Must be between 1000 and 60000 milliseconds.'); | ||
} | ||
newConfig.receiptLoadTrakerInterval = interval; | ||
} | ||
const validKeys = new Set(Object.keys(config)) |
src/txDigestAPIserver.ts
Outdated
host: '0.0.0.0', | ||
}, | ||
(err) => { | ||
Logger.mainLogger.debug('TXDigestAPI Listening', config.txDigest.apiServerPort) |
Check warning
Code scanning / CodeQL
Log injection Medium
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 3 months ago
To fix the log injection issue, we need to sanitize the config.txDigest.apiServerPort
value before logging it. This can be done by ensuring that any potentially harmful characters are removed or escaped. Specifically, we should remove any newline characters from the user input before logging it.
- Identify the line where the logging occurs:
Logger.mainLogger.debug('TXDigestAPI Listening', config.txDigest.apiServerPort)
. - Sanitize the
config.txDigest.apiServerPort
value by removing newline characters before logging it. - Ensure that the sanitization does not alter the functionality of the code.
-
Copy modified lines R80-R81
@@ -79,3 +79,4 @@ | ||
(err) => { | ||
Logger.mainLogger.debug('TXDigestAPI Listening', config.txDigest.apiServerPort) | ||
const sanitizedPort = config.txDigest.apiServerPort.toString().replace(/\n|\r/g, ""); | ||
Logger.mainLogger.debug('TXDigestAPI Listening', sanitizedPort) | ||
if (err) { |
src/txDigester.ts
Outdated
cron.schedule(config.txDigest.txCronSchedule, async () => { | ||
console.log('Running cron task....') | ||
console.log('Checking archiver status....') | ||
const archiverStatusResp = await axios.get(ARCHIVER_STATUS_CHECK_URL) |
Check failure
Code scanning / CodeQL
Server-side request forgery Critical
URL
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 3 months ago
To fix the SSRF vulnerability, we need to ensure that the ARCHIVER_IP
and ARCHIVER_PORT
values are validated and restricted to a safe set of values. This can be achieved by implementing an allow-list of acceptable IP addresses and ports. Additionally, we should ensure that the URL is constructed safely.
- Implement an allow-list for
ARCHIVER_IP
andARCHIVER_PORT
. - Validate the user input against the allow-list before updating the configuration.
- Update the
/set-config
endpoint to include this validation.
-
Copy modified lines R1015-R1024
@@ -1014,2 +1014,12 @@ | ||
|
||
// Validate ARCHIVER_IP and ARCHIVER_PORT | ||
const allowedIPs = ['127.0.0.1', '192.168.1.1'] // Example allow-list | ||
const allowedPorts = [8080, 9090] // Example allow-list | ||
if (newConfig.ARCHIVER_IP && !allowedIPs.includes(newConfig.ARCHIVER_IP)) { | ||
throw new Error(`Invalid ARCHIVER_IP provided: ${newConfig.ARCHIVER_IP}`) | ||
} | ||
if (newConfig.ARCHIVER_PORT && !allowedPorts.includes(newConfig.ARCHIVER_PORT)) { | ||
throw new Error(`Invalid ARCHIVER_PORT provided: ${newConfig.ARCHIVER_PORT}`) | ||
} | ||
|
||
if (config.VERBOSE) |
src/worker-process/index.ts
Outdated
console.log(`Worker ${process.pid} is idle for more than 1 minute`) | ||
process.send({ type: 'child_close' }) | ||
} | ||
}, config.lastActivityCheckInterval) |
Check failure
Code scanning / CodeQL
Resource exhaustion High
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 3 months ago
To fix the problem, we need to ensure that the lastActivityCheckInterval
value is validated and restricted to a safe range before it is used in the setInterval
function. This can be done by adding a validation check in the src/API.ts
file where the configuration is updated.
- Add a validation check for
lastActivityCheckInterval
in thesrc/API.ts
file to ensure it is within an acceptable range. - If the value is outside the acceptable range, return an error response and do not update the configuration.
-
Copy modified lines R1015-R1018
@@ -1014,2 +1014,6 @@ | ||
|
||
if (newConfig.lastActivityCheckInterval && (newConfig.lastActivityCheckInterval < 1000 || newConfig.lastActivityCheckInterval > 60000)) { | ||
throw new Error('Invalid value for lastActivityCheckInterval. It must be between 1000 and 60000 milliseconds.') | ||
} | ||
|
||
if (config.VERBOSE) |
790aa50
to
7bccf0e
Compare
7bccf0e
to
a856dfe
Compare
a856dfe
to
87ba1c7
Compare
) | ||
) { | ||
Logger.mainLogger.debug( | ||
`Invalid version of the node: ${appJoinData.shardeumVersion}, required minVersion: ${networkAccount?.data?.current?.minVersion}, required latestVersion: ${networkAccount?.data?.current?.latestVersion}` |
Check warning
Code scanning / CodeQL
Log injection Medium
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 3 months ago
To fix the log injection issue, we need to sanitize the user input before logging it. Specifically, we should remove any newline characters from the appJoinData.shardeumVersion
value to prevent log injection. This can be done using the String.prototype.replace
method to strip out newline characters.
-
Copy modified line R151
@@ -150,3 +150,3 @@ | ||
Logger.mainLogger.debug( | ||
`Invalid version of the node: ${appJoinData.shardeumVersion}, required minVersion: ${networkAccount?.data?.current?.minVersion}, required latestVersion: ${networkAccount?.data?.current?.latestVersion}` | ||
`Invalid version of the node: ${appJoinData.shardeumVersion.replace(/\n|\r/g, '')}, required minVersion: ${networkAccount?.data?.current?.minVersion}, required latestVersion: ${networkAccount?.data?.current?.latestVersion}` | ||
) |
} | ||
|
||
export function isValidVersion(minimumVersion: string, latestVersion: string, nodeVersion: string): boolean { | ||
if(config.VERBOSE) Logger.mainLogger.debug('isValidVersion: ', minimumVersion, latestVersion, nodeVersion) |
Check warning
Code scanning / CodeQL
Log injection Medium
user-provided value
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 2 months ago
To fix the log injection issue, we need to sanitize the nodeVersion
before logging it. Specifically, we should remove any newline characters from the nodeVersion
string to prevent log injection attacks. This can be done using String.prototype.replace
to remove newline characters.
-
Copy modified lines R444-R445
@@ -443,3 +443,4 @@ | ||
export function isValidVersion(minimumVersion: string, latestVersion: string, nodeVersion: string): boolean { | ||
if(config.VERBOSE) Logger.mainLogger.debug('isValidVersion: ', minimumVersion, latestVersion, nodeVersion) | ||
const sanitizedNodeVersion = nodeVersion.replace(/\n|\r/g, ""); | ||
if(config.VERBOSE) Logger.mainLogger.debug('isValidVersion: ', minimumVersion, latestVersion, sanitizedNodeVersion) | ||
|
if ( | ||
typeof networkAccount != 'string' && | ||
!NodeList.isValidVersion( | ||
networkAccount?.data?.current?.minVersion, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How will the archiver knows the data type and format of the global/network account from the Shardeum? For instance, if archiver is used other app layers (other than Shardeum) that use different format for network account, this will fail.
Logger.mainLogger.debug('networkAccount', networkAccount) | ||
|
||
if (networkAccount) { | ||
if ( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be good if this if
check can be simplified for better readability
No description provided.