mirrors/tendermint
1
0
Fork 0
mirror of https://github.com/tendermint/tendermint.git synced 2026-02-08 04:50:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
faea2f20aa1affd4c9d3aeb488de91c02d55f2ca
tendermint/p2p/conn
History
Cuong Manh Le 1f46a4c90e p2p/conn: check for channel id overflow before processing receive msg (#6522) 
Per tendermint spec, each Channel has a globally unique byte id, which
is mapped to uint8 in Go. However, the proto PacketMsg.ChannelID field
is declared as int32, and when receive the packet, we cast it to a byte
without checking for possible overflow. That leads to a malform packet
with invalid channel id is sent successfully.

To fix it, we just add a check for possible overflow, and return invalid
channel id error.

Fixed #6521
2021-06-02 10:53:09 +00:00
..
testdata
p2p: Add test vectors for deriving secrets (#2120)
2018-08-01 15:06:29 -04:00
conn_go110.go
Revert "delete everything" (includes everything non-go-crypto)
2018-06-20 17:35:30 -07:00
conn_notgo110.go
Revert "delete everything" (includes everything non-go-crypto)
2018-06-20 17:35:30 -07:00
connection_test.go
p2p/conn: check for channel id overflow before processing receive msg (#6522)
2021-06-02 10:53:09 +00:00
connection.go
p2p/conn: check for channel id overflow before processing receive msg (#6522)
2021-06-02 10:53:09 +00:00
evil_secret_connection_test.go
libs: internalize some packages (#6366)
2021-05-25 16:25:31 +00:00
secret_connection_test.go
libs: remove most of libs/rand (#6364)
2021-04-23 16:00:35 +02:00
secret_connection.go
libs: internalize some packages (#6366)
2021-05-25 16:25:31 +00:00