Avoid overflow or underflow on fc::safe initialization #2147

Closed
1 of 17 tasks
abitmore opened this issue Apr 19, 2020 · 3 comments
@abitmore
Member

abitmore commented Apr 19, 2020

Bug Description
An overflow or underflow can occur when initializing a fc::safe<T> variable.

E.g.

uint64_t a = -1;
fc::safe<int64_t> b = a;

Impacts
Describe which portion(s) of BitShares Core may be impacted by this bug. Please tick at least one box.

  • API (the application programming interface)
  • Build (the build process or something prior to compiled code)
  • CLI (the command line wallet)
  • Deployment (the deployment process after building such as Docker, Travis, etc.)
  • DEX (the Decentralized EXchange, market engine, etc.)
  • P2P (the peer-to-peer network for transaction/block propagation)
  • Performance (system or user efficiency, etc.)
  • Protocol (the blockchain logic, consensus, validation, etc.)
  • Security (the security of system or user data, etc.)
  • UX (the User Experience)
  • Other (please add below)

Steps To Reproduce
Steps to reproduce the behavior (example outlined below):

  1. Execute API call '...'
  2. Using JSON payload '...'
  3. Received response '...'
  4. See error in screenshot

Expected Behavior
A clear and concise description of what you expected to happen.

Screenshots (optional)
If applicable, add screenshots to help explain process flow and behavior.

Host Environment
Please provide details about the host environment. Much of this information can be found running: witness_node --version.

  • Host OS: [e.g. Ubuntu 18.04 LTS]
  • Host Physical RAM [e.g. 4GB]
  • BitShares Version: [e.g. 2.0.180425]
  • OpenSSL Version: [e.g. 1.1.0g]
  • Boost Version: [e.g. 1.65.1]

Additional Context (optional)
Add any other context about the problem here.

CORE TEAM TASK LIST

  • Evaluate / Prioritize Bug Report
  • Refine User Stories / Requirements
  • Define Test Cases
  • Design / Develop Solution
  • Perform QA/Testing
  • Update Documentation
@abitmore abitmore changed the title Avoid overflow and underflow on fc::safe initialization Avoid overflow or underflow on fc::safe initialization Apr 19, 2020
@jmjatlanta
Contributor

jmjatlanta commented Apr 20, 2020

Example: asset_issue_operation::calculate_fee (around line 79). Overflow could happen before implied conversion of return.

Also around line 84. core_fee_required is uint64_t. Overflow could happen on line 96.

@attritionorg

Is there an attacker controlled path to exploit this?

@abitmore
Member Author

Fixed by bitshares/bitshares-fc#248, and bumped FC in #2739.
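
The failure mode from the bug description, as an added example that is not part of the thread and is not code from BitShares or bitshares-fc: `checked_int`, `fits_in` and `init_rejected` are hypothetical names for a wrapper whose converting constructor range-checks the source value before storing it. It makes no claim about how fc::safe or the referenced fix is implemented.

```cpp
#include <cstdint>
#include <iostream>
#include <limits>
#include <stdexcept>
#include <type_traits>

// True when integer `v` is representable in integer type To. Negative and
// non-negative values are handled separately so that no comparison relies on
// an implicit signed/unsigned conversion (the root of the bug in the issue).
template <typename To, typename From>
bool fits_in(From v) {
    static_assert(std::is_integral<To>::value && std::is_integral<From>::value,
                  "integer types only");
    if (std::is_signed<From>::value && static_cast<std::intmax_t>(v) < 0) {
        return std::is_signed<To>::value &&
               static_cast<std::intmax_t>(v) >=
                   static_cast<std::intmax_t>(std::numeric_limits<To>::min());
    }
    return static_cast<std::uintmax_t>(v) <=
           static_cast<std::uintmax_t>(std::numeric_limits<To>::max());
}

// Hypothetical checked wrapper: initialization from any integer type throws
// instead of silently wrapping.
template <typename T>
struct checked_int {
    T value = 0;
    checked_int() = default;
    template <typename O>
    checked_int(O o) {
        if (!fits_in<T>(o))
            throw std::overflow_error("integer out of range on initialization");
        value = static_cast<T>(o);
    }
};

// Helper: reports whether initializing checked_int<T> from `o` is rejected.
template <typename T, typename O>
bool init_rejected(O o) {
    try { checked_int<T> c = o; (void)c; return false; }
    catch (const std::overflow_error&) { return true; }
}

int main() {
    std::uint64_t a = -1;  // the issue's case: a == 2^64 - 1, too large for int64_t
    std::cout << "uint64_t(-1) -> int64_t rejected: " << init_rejected<std::int64_t>(a) << "\n";
    std::cout << "int64_t(-1) -> uint64_t rejected: " << init_rejected<std::uint64_t>(std::int64_t(-1)) << "\n";
    std::cout << "uint64_t(42) -> int64_t rejected: " << init_rejected<std::int64_t>(std::uint64_t(42)) << "\n";
}
```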
