We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1a1286f
darwin
No response
package blob_test import ( "testing" "github.com/celestiaorg/celestia-node/blob" "github.com/celestiaorg/nmt" "github.com/celestiaorg/nmt/pb" ) func TestCommitmentProofVerifySliceBound(t *testing.T) { proof := nmt.ProtoToProof(pb.Proof{End: 1}) cp := &blob.CommitmentProof{ SubtreeRootProofs: []*nmt.Proof{ &proof, }, } _, _ = cp.Verify(nil, 1) }
No panic, but just an error perhaps
--- FAIL: FuzzCommitmentProofVerify (0.02s) --- FAIL: FuzzCommitmentProofVerify/6a2b4b982dc67bf9 (0.00s) panic: runtime error: slice bounds out of range [:1] with capacity 0 [recovered] panic: runtime error: slice bounds out of range [:1] with capacity 0 goroutine 13 [running]: testing.tRunner.func1.2({0x107f22820, 0xc00054d950}) /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/testing/testing.go:1632 +0x230 testing.tRunner.func1() /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/testing/testing.go:1635 +0x35e panic({0x107f22820?, 0xc00054d950?}) /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/runtime/panic.go:785 +0x132 github.com/celestiaorg/celestia-node/blob.(*CommitmentProof).Verify(0xc0015897c0, {0x0, 0x0, 0x0}, 0x1) /Users/emmanuelodeke/go/src/github.com/celestiaorg/celestia-node/blob/commitment_proof.go:121 +0x73d github.com/celestiaorg/celestia-node/blob.FuzzCommitmentProofVerify.func1(0x0?, {0xc00005d900, 0x4a, 0x50}) /Users/emmanuelodeke/go/src/github.com/celestiaorg/celestia-node/blob/blob_fuzz_test.go:85 +0x172 reflect.Value.call({0x107ccd9a0?, 0x108067190?, 0x13?}, {0x107208138, 0x4}, {0xc001551e90, 0x2, 0x2?}) /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/reflect/value.go:581 +0xca6 reflect.Value.Call({0x107ccd9a0?, 0x108067190?, 0x105becfad?}, {0xc001551e90?, 0x108062e00?, 0xf?}) /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/reflect/value.go:365 +0xb9 testing.(*F).Fuzz.func1.1(0xc000655a00?) /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/testing/fuzz.go:335 +0x305 testing.tRunner(0xc000655a00, 0xc00140cfc0) /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/testing/testing.go:1690 +0xf4 created by testing.(*F).Fuzz.func1 in goroutine 12 /Users/emmanuelodeke/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.23.0.darwin-amd64/src/testing/fuzz.go:322 +0x577 exit status 2 FAIL github.com/celestiaorg/celestia-node/blob 1.527s
diff --git a/blob/commitment_proof.go b/blob/commitment_proof.go index 8fa74671..3975b528 100644 --- a/blob/commitment_proof.go +++ b/blob/commitment_proof.go @@ -108,6 +108,15 @@ func (commitmentProof *CommitmentProof) Verify(root []byte, subtreeRootThreshold if err != nil { return false, err } + + if len(commitmentProof.SubtreeRoots) < subtreeRootsCursor { + return false, fmt.Errorf("len(commitmentProof.SubtreeRoots)=%d < subtreeRootsCursor=%d", + len(commitmentProof.SubtreeRoots), subtreeRootsCursor) + } + if len(commitmentProof.SubtreeRoots) < subtreeRootsCursor+len(ranges) { + return false, fmt.Errorf("len(commitmentProof.SubtreeRoots)=%d < subtreeRootsCursor+len(ranges)=%d", + len(commitmentProof.SubtreeRoots), subtreeRootsCursor+len(ranges)) + } + valid, err := subtreeRootProof.VerifySubtreeRootInclusion( nmtHasher, commitmentProof.SubtreeRoots[subtreeRootsCursor:subtreeRootsCursor+len(ranges)],
/cc @liamsi @rootulp @musalbas
The text was updated successfully, but these errors were encountered:
fix(blob): add fixes along with the fuzzers that discovered them
af22397
This changes adds fuzzers+corpra that found some bugs, along with tests and reproducers to catch future regressions. Fixes celestiaorg#3727 Fixes celestiaorg#3728 Fixes celestiaorg#3729 Fixes celestiaorg#3730 Fixes celestiaorg#3731
9305568
6f6b900
Successfully merging a pull request may close this issue.
Celestia Node version
1a1286f
OS
darwin
Install tools
No response
Others
No response
Steps to reproduce it
Expected result
No panic, but just an error perhaps
Actual result
Suggested fix
/cc @liamsi @rootulp @musalbas
Relevant log output
No response
Is the node "stuck"? Has it stopped syncing?
No response
Notes
No response
The text was updated successfully, but these errors were encountered: