From 440aa40555382b475a15d9869bd18b9d53f9a939 Mon Sep 17 00:00:00 2001 From: Tsachi Herman <24438559+tsachiherman@users.noreply.github.com> Date: Tue, 12 Sep 2023 15:11:19 -0400 Subject: [PATCH 1/8] update buffer size (#948) --- cmd/soroban-rpc/internal/jsonrpc.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/cmd/soroban-rpc/internal/jsonrpc.go b/cmd/soroban-rpc/internal/jsonrpc.go index b56c255c2..436c1f264 100644 --- a/cmd/soroban-rpc/internal/jsonrpc.go +++ b/cmd/soroban-rpc/internal/jsonrpc.go @@ -25,6 +25,11 @@ import ( "github.com/stellar/soroban-tools/cmd/soroban-rpc/internal/transactions" ) +// maxHTTPRequestSize defines the largest request size that the http handler +// would be willing to accept before dropping the request. The implementation +// uses the default MaxBytesHandler to limit the request size. +const maxHTTPRequestSize = 512 * 1024 // half a megabyte + // Handler is the HTTP handler which serves the Soroban JSON RPC responses type Handler struct { bridge jhttp.Bridge @@ -275,8 +280,7 @@ func NewJSONRPCHandler(cfg *config.Config, params HandlerParams) Handler { globalQueueRequestExecutionDurationLimitCounter, params.Logger) - // Limit request sizes to 10MB - handler = http.MaxBytesHandler(handler, 1024*1024*10) + handler = http.MaxBytesHandler(handler, maxHTTPRequestSize) corsMiddleware := cors.New(cors.Options{ AllowedOrigins: []string{"*"}, From 340d0d9d18120a72392a44101ace6bc633e35bc4 Mon Sep 17 00:00:00 2001 From: Tsachi Herman <24438559+tsachiherman@users.noreply.github.com> Date: Tue, 12 Sep 2023 17:22:58 -0400 Subject: [PATCH 2/8] build: update rust dependencies (#953) * update * update * update * rollback some of the changes --- Cargo.lock | 54 +++++++++---------- Cargo.toml | 24 ++++----- cmd/crates/soroban-spec-json/Cargo.toml | 2 +- cmd/crates/soroban-spec-tools/Cargo.toml | 2 +- cmd/crates/soroban-spec-typescript/Cargo.toml | 2 +- cmd/soroban-cli/src/commands/version.rs | 16 +----- 6 files changed, 44 insertions(+), 56 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 61da814c7..e0703e9af 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2530,8 +2530,8 @@ dependencies = [ [[package]] name = "soroban-env-common" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "arbitrary", "crate-git-revision 0.0.6", @@ -2547,8 +2547,8 @@ dependencies = [ [[package]] name = "soroban-env-guest" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "soroban-env-common", "static_assertions", @@ -2556,8 +2556,8 @@ dependencies = [ [[package]] name = "soroban-env-host" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "backtrace", "ed25519-dalek 2.0.0", @@ -2579,8 +2579,8 @@ dependencies = [ [[package]] name = "soroban-env-macros" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "itertools", "proc-macro2", @@ -2597,8 +2597,8 @@ version = "0.9.4" [[package]] name = "soroban-ledger-snapshot" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "serde", "serde_json", @@ -2609,8 +2609,8 @@ dependencies = [ [[package]] name = "soroban-native-sdk-macros" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-soroban-env?rev=3d6c35d1308fc36a05d30d257756e42fc928b537#3d6c35d1308fc36a05d30d257756e42fc928b537" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-env?rev=f19ef13363a1e0cbff7b100c0599a1d63dea88a6#f19ef13363a1e0cbff7b100c0599a1d63dea88a6" dependencies = [ "itertools", "proc-macro2", @@ -2620,8 +2620,8 @@ dependencies = [ [[package]] name = "soroban-sdk" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "arbitrary", "bytes-lit", @@ -2637,8 +2637,8 @@ dependencies = [ [[package]] name = "soroban-sdk-macros" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "crate-git-revision 0.0.6", "darling", @@ -2656,8 +2656,8 @@ dependencies = [ [[package]] name = "soroban-spec" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "base64 0.13.1", "stellar-xdr", @@ -2681,8 +2681,8 @@ dependencies = [ [[package]] name = "soroban-spec-rust" -version = "0.9.2" -source = "git+https://github.com/stellar/rs-soroban-sdk?rev=ee44e420b9badeb16cab870ed25bef397c058f64#ee44e420b9badeb16cab870ed25bef397c058f64" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-soroban-sdk?rev=f743d6f9e49caa08924318907cd0588b60d7f187#f743d6f9e49caa08924318907cd0588b60d7f187" dependencies = [ "prettyplease", "proc-macro2", @@ -2758,8 +2758,8 @@ dependencies = [ [[package]] name = "soroban-wasmi" -version = "0.30.0-soroban" -source = "git+https://github.com/stellar/wasmi?rev=284c963ba080703061797e2a3cba0853edee0dd4#284c963ba080703061797e2a3cba0853edee0dd4" +version = "0.31.0-soroban1" +source = "git+https://github.com/stellar/wasmi?rev=7e63b4c9e08c4163f417d118d81f7ea34789d0be#7e63b4c9e08c4163f417d118d81f7ea34789d0be" dependencies = [ "smallvec", "spin 0.9.8", @@ -2817,8 +2817,8 @@ dependencies = [ [[package]] name = "stellar-xdr" -version = "0.0.17" -source = "git+https://github.com/stellar/rs-stellar-xdr?rev=39904e09941046dab61e6e35fc89e31bf2dea1cd#39904e09941046dab61e6e35fc89e31bf2dea1cd" +version = "20.0.0-rc1" +source = "git+https://github.com/stellar/rs-stellar-xdr?rev=d5ce0c9e7aa83461773a6e81662067f35d39e4c1#d5ce0c9e7aa83461773a6e81662067f35d39e4c1" dependencies = [ "arbitrary", "base64 0.13.1", @@ -3435,12 +3435,12 @@ dependencies = [ [[package]] name = "wasmi_arena" version = "0.4.0" -source = "git+https://github.com/stellar/wasmi?rev=284c963ba080703061797e2a3cba0853edee0dd4#284c963ba080703061797e2a3cba0853edee0dd4" +source = "git+https://github.com/stellar/wasmi?rev=7e63b4c9e08c4163f417d118d81f7ea34789d0be#7e63b4c9e08c4163f417d118d81f7ea34789d0be" [[package]] name = "wasmi_core" -version = "0.12.0" -source = "git+https://github.com/stellar/wasmi?rev=284c963ba080703061797e2a3cba0853edee0dd4#284c963ba080703061797e2a3cba0853edee0dd4" +version = "0.13.0" +source = "git+https://github.com/stellar/wasmi?rev=7e63b4c9e08c4163f417d118d81f7ea34789d0be#7e63b4c9e08c4163f417d118d81f7ea34789d0be" dependencies = [ "downcast-rs", "libm", diff --git a/Cargo.toml b/Cargo.toml index 7477a034a..e9f6c9e27 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,20 +14,20 @@ exclude = ["cmd/crates/soroban-test/tests/fixtures/hello"] version = "0.9.4" [workspace.dependencies.soroban-env-host] -version = "0.0.17" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-env" -rev = "3d6c35d1308fc36a05d30d257756e42fc928b537" +rev = "f19ef13363a1e0cbff7b100c0599a1d63dea88a6" [workspace.dependencies.soroban-spec] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" # path = "../rs-soroban-sdk/soroban-spec" [workspace.dependencies.soroban-spec-rust] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" # path = "../rs-soroban-sdk/soroban-spec-rust" [workspace.dependencies.soroban-spec-json] @@ -43,23 +43,23 @@ version = "0.9.4" path = "./cmd/crates/soroban-spec-tools" [workspace.dependencies.soroban-sdk] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" [workspace.dependencies.soroban-ledger-snapshot] -version = "0.9.1" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-soroban-sdk" -rev = "ee44e420b9badeb16cab870ed25bef397c058f64" +rev = "f743d6f9e49caa08924318907cd0588b60d7f187" [workspace.dependencies.soroban-cli] version = "0.9.4" path = "cmd/soroban-cli" [workspace.dependencies.stellar-xdr] -version = "0.0.17" +version = "20.0.0-rc1" git = "https://github.com/stellar/rs-stellar-xdr" -rev = "39904e09941046dab61e6e35fc89e31bf2dea1cd" +rev = "d5ce0c9e7aa83461773a6e81662067f35d39e4c1" default-features = false [workspace.dependencies] diff --git a/cmd/crates/soroban-spec-json/Cargo.toml b/cmd/crates/soroban-spec-json/Cargo.toml index 718f09f6c..164f6d779 100644 --- a/cmd/crates/soroban-spec-json/Cargo.toml +++ b/cmd/crates/soroban-spec-json/Cargo.toml @@ -20,7 +20,7 @@ sha2 = "0.9.9" [dependencies.stellar-xdr] workspace = true -features = ["next", "std", "serde"] +features = ["curr", "std", "serde"] [dev_dependencies] pretty_assertions = "1.2.1" diff --git a/cmd/crates/soroban-spec-tools/Cargo.toml b/cmd/crates/soroban-spec-tools/Cargo.toml index 8c5bd91f6..bed9d8e6b 100644 --- a/cmd/crates/soroban-spec-tools/Cargo.toml +++ b/cmd/crates/soroban-spec-tools/Cargo.toml @@ -19,7 +19,7 @@ crate-type = ["rlib"] [dependencies] soroban-spec = { workspace = true } stellar-strkey = { workspace = true } -stellar-xdr = { workspace = true, features = ["next", "std", "serde"] } +stellar-xdr = { workspace = true, features = ["curr", "std", "serde"] } serde_json = { workspace = true } itertools = { workspace = true } ethnum = { workspace = true } diff --git a/cmd/crates/soroban-spec-typescript/Cargo.toml b/cmd/crates/soroban-spec-typescript/Cargo.toml index 1f1ef38a9..87471e665 100644 --- a/cmd/crates/soroban-spec-typescript/Cargo.toml +++ b/cmd/crates/soroban-spec-typescript/Cargo.toml @@ -25,7 +25,7 @@ base64 = { workspace = true } [dependencies.stellar-xdr] workspace = true -features = ["next", "std", "serde", "base64"] +features = ["curr", "std", "serde", "base64"] [dev_dependencies] temp-dir = "0.1.11" diff --git a/cmd/soroban-cli/src/commands/version.rs b/cmd/soroban-cli/src/commands/version.rs index 21be0743a..e1c7204d7 100644 --- a/cmd/soroban-cli/src/commands/version.rs +++ b/cmd/soroban-cli/src/commands/version.rs @@ -28,21 +28,9 @@ pub fn long() -> String { format!("soroban-env interface version {}", meta::INTERFACE_VERSION), format!( "stellar-xdr {} ({}) -xdr next ({})", - xdr.pkg, xdr.rev, xdr.xdr_next, +xdr curr ({})", + xdr.pkg, xdr.rev, xdr.xdr_curr, ), ] .join("\n") } - -// Check that the XDR cannel in use is 'next' to ensure that the version output -// is not forgotten when we eventually update to using curr. This is a bit of a -// hack because of limits of what you can do in a constant context, but by being -// a constant context this is checked at compile time. -const _: () = { - #[allow(clippy::single_match)] - match soroban_env_host::VERSION.xdr.xdr.as_bytes() { - b"next" => (), - _ => panic!("xdr version channel needs updating"), - } -}; From ebf3c0a640ab1f2503fa291d97facf429018b2d8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 03:29:03 +0000 Subject: [PATCH 3/8] Bump version to 20.0.0-rc1 (#954) Co-authored-by: github-actions[bot] --- Cargo.lock | 20 +++++++++---------- Cargo.toml | 10 +++++----- cmd/crates/soroban-test/Cargo.toml | 2 +- .../tests/fixtures/hello/Cargo.toml | 2 +- .../test-wasms/custom_type/Cargo.toml | 2 +- .../test-wasms/hello_world/Cargo.toml | 2 +- cmd/soroban-cli/Cargo.toml | 2 +- cmd/soroban-rpc/lib/preflight/Cargo.toml | 2 +- 8 files changed, 21 insertions(+), 21 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index e0703e9af..9a6a91a16 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1849,7 +1849,7 @@ dependencies = [ [[package]] name = "preflight" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "anyhow", "base64 0.21.3", @@ -2467,7 +2467,7 @@ dependencies = [ [[package]] name = "soroban-cli" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "assert_cmd", "assert_fs", @@ -2593,7 +2593,7 @@ dependencies = [ [[package]] name = "soroban-hello" -version = "0.9.4" +version = "20.0.0-rc1" [[package]] name = "soroban-ledger-snapshot" @@ -2667,7 +2667,7 @@ dependencies = [ [[package]] name = "soroban-spec-json" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "pretty_assertions", "serde", @@ -2696,7 +2696,7 @@ dependencies = [ [[package]] name = "soroban-spec-tools" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "base64 0.21.3", "ethnum", @@ -2714,7 +2714,7 @@ dependencies = [ [[package]] name = "soroban-spec-typescript" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "base64 0.21.3", "heck", @@ -2735,7 +2735,7 @@ dependencies = [ [[package]] name = "soroban-test" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "assert_cmd", "assert_fs", @@ -2933,21 +2933,21 @@ checksum = "3369f5ac52d5eb6ab48c6b4ffdc8efbcad6b89c765749064ba298f2c68a16a76" [[package]] name = "test_custom_types" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "soroban-sdk", ] [[package]] name = "test_hello_world" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "soroban-sdk", ] [[package]] name = "test_udt" -version = "0.9.4" +version = "20.0.0-rc1" dependencies = [ "soroban-sdk", ] diff --git a/Cargo.toml b/Cargo.toml index e9f6c9e27..5f93048c3 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,7 @@ default-members = ["cmd/soroban-cli", "cmd/crates/soroban-test"] exclude = ["cmd/crates/soroban-test/tests/fixtures/hello"] [workspace.package] -version = "0.9.4" +version = "20.0.0-rc1" [workspace.dependencies.soroban-env-host] version = "20.0.0-rc1" @@ -31,15 +31,15 @@ rev = "f743d6f9e49caa08924318907cd0588b60d7f187" # path = "../rs-soroban-sdk/soroban-spec-rust" [workspace.dependencies.soroban-spec-json] -version = "0.9.4" +version = "20.0.0-rc1" path = "./cmd/crates/soroban-spec-json" [workspace.dependencies.soroban-spec-typescript] -version = "0.9.4" +version = "20.0.0-rc1" path = "./cmd/crates/soroban-spec-typescript" [workspace.dependencies.soroban-spec-tools] -version = "0.9.4" +version = "20.0.0-rc1" path = "./cmd/crates/soroban-spec-tools" [workspace.dependencies.soroban-sdk] @@ -53,7 +53,7 @@ git = "https://github.com/stellar/rs-soroban-sdk" rev = "f743d6f9e49caa08924318907cd0588b60d7f187" [workspace.dependencies.soroban-cli] -version = "0.9.4" +version = "20.0.0-rc1" path = "cmd/soroban-cli" [workspace.dependencies.stellar-xdr] diff --git a/cmd/crates/soroban-test/Cargo.toml b/cmd/crates/soroban-test/Cargo.toml index 97f29e110..c52e97397 100644 --- a/cmd/crates/soroban-test/Cargo.toml +++ b/cmd/crates/soroban-test/Cargo.toml @@ -6,7 +6,7 @@ repository = "https://github.com/stellar/soroban-test" authors = ["Stellar Development Foundation "] license = "Apache-2.0" readme = "README.md" -version = "0.9.4" +version = "20.0.0-rc1" edition = "2021" rust-version = "1.70" autobins = false diff --git a/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml b/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml index 1cec53266..5be71613e 100644 --- a/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml +++ b/cmd/crates/soroban-test/tests/fixtures/hello/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "soroban-hello" -version = "0.9.4" +version = "20.0.0-rc1" edition = "2021" publish = false diff --git a/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml b/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml index 72702297a..b4a10fb9c 100644 --- a/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml +++ b/cmd/crates/soroban-test/tests/fixtures/test-wasms/custom_type/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "test_custom_types" -version = "0.9.4" +version = "20.0.0-rc1" authors = ["Stellar Development Foundation "] license = "Apache-2.0" edition = "2021" diff --git a/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml b/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml index 82bb4488b..52b18c46a 100644 --- a/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml +++ b/cmd/crates/soroban-test/tests/fixtures/test-wasms/hello_world/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "test_hello_world" -version = "0.9.4" +version = "20.0.0-rc1" authors = ["Stellar Development Foundation "] license = "Apache-2.0" edition = "2021" diff --git a/cmd/soroban-cli/Cargo.toml b/cmd/soroban-cli/Cargo.toml index d62699f9b..41e5854bc 100644 --- a/cmd/soroban-cli/Cargo.toml +++ b/cmd/soroban-cli/Cargo.toml @@ -6,7 +6,7 @@ repository = "https://github.com/stellar/soroban-cli" authors = ["Stellar Development Foundation "] license = "Apache-2.0" readme = "README.md" -version = "0.9.4" +version = "20.0.0-rc1" edition = "2021" rust-version = "1.72" autobins = false diff --git a/cmd/soroban-rpc/lib/preflight/Cargo.toml b/cmd/soroban-rpc/lib/preflight/Cargo.toml index c1e19cda9..0e70d5881 100644 --- a/cmd/soroban-rpc/lib/preflight/Cargo.toml +++ b/cmd/soroban-rpc/lib/preflight/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "preflight" -version = "0.9.4" +version = "20.0.0-rc1" publish = false [lib] From 47fb0017f144dfe2cc3f488abc13334a1e0c812f Mon Sep 17 00:00:00 2001 From: tamirms Date: Wed, 13 Sep 2023 10:57:57 +0100 Subject: [PATCH 4/8] soroban-rpc: Fix integration tests (#955) --- .../internal/test/get_ledger_entries_test.go | 7 ++-- .../internal/test/get_ledger_entry_test.go | 7 ++-- .../test/simulate_transaction_test.go | 35 ++++++++----------- .../internal/test/transaction_test.go | 11 +++--- 4 files changed, 29 insertions(+), 31 deletions(-) diff --git a/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go b/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go index d8154b3db..74e6dce30 100644 --- a/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go +++ b/cmd/soroban-rpc/internal/test/get_ledger_entries_test.go @@ -83,11 +83,12 @@ func TestGetLedgerEntriesSucceeds(t *testing.T) { kp := keypair.Root(StandaloneNetworkPassphrase) account := txnbuild.NewSimpleAccount(kp.Address(), 0) + contractBinary := getHelloWorldContract(t) params := preflightTransactionParams(t, client, txnbuild.TransactionParams{ SourceAccount: &account, IncrementSequenceNum: true, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(account.AccountID, testContract), + createInstallContractCodeOperation(account.AccountID, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Preconditions: txnbuild.Preconditions{ @@ -110,7 +111,7 @@ func TestGetLedgerEntriesSucceeds(t *testing.T) { txStatusResponse := getTransaction(t, client, sendTxResponse.Hash) require.Equal(t, methods.TransactionStatusSuccess, txStatusResponse.Status) - contractHash := sha256.Sum256(testContract) + contractHash := sha256.Sum256(contractBinary) contractKeyB64, err := xdr.MarshalBase64(xdr.LedgerKey{ Type: xdr.LedgerEntryTypeContractCode, ContractCode: &xdr.LedgerKeyContractCode{ @@ -153,6 +154,6 @@ func TestGetLedgerEntriesSucceeds(t *testing.T) { var firstEntry xdr.LedgerEntryData require.NoError(t, xdr.SafeUnmarshalBase64(result.Entries[0].XDR, &firstEntry)) - require.Equal(t, testContract, firstEntry.MustContractCode().Code) + require.Equal(t, contractBinary, firstEntry.MustContractCode().Code) require.Equal(t, contractKeyB64, result.Entries[0].Key) } diff --git a/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go b/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go index 4b8e17572..f30af115f 100644 --- a/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go +++ b/cmd/soroban-rpc/internal/test/get_ledger_entry_test.go @@ -75,11 +75,12 @@ func TestGetLedgerEntrySucceeds(t *testing.T) { kp := keypair.Root(StandaloneNetworkPassphrase) account := txnbuild.NewSimpleAccount(kp.Address(), 0) + contractBinary := getHelloWorldContract(t) params := preflightTransactionParams(t, client, txnbuild.TransactionParams{ SourceAccount: &account, IncrementSequenceNum: true, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(account.AccountID, testContract), + createInstallContractCodeOperation(account.AccountID, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Preconditions: txnbuild.Preconditions{ @@ -91,7 +92,7 @@ func TestGetLedgerEntrySucceeds(t *testing.T) { sendSuccessfulTransaction(t, client, kp, tx) - contractHash := sha256.Sum256(testContract) + contractHash := sha256.Sum256(contractBinary) keyB64, err := xdr.MarshalBase64(xdr.LedgerKey{ Type: xdr.LedgerEntryTypeContractCode, ContractCode: &xdr.LedgerKeyContractCode{ @@ -110,5 +111,5 @@ func TestGetLedgerEntrySucceeds(t *testing.T) { assert.GreaterOrEqual(t, result.LatestLedger, result.LastModifiedLedger) var entry xdr.LedgerEntryData assert.NoError(t, xdr.SafeUnmarshalBase64(result.XDR, &entry)) - assert.Equal(t, testContract, entry.MustContractCode().Code) + assert.Equal(t, contractBinary, entry.MustContractCode().Code) } diff --git a/cmd/soroban-rpc/internal/test/simulate_transaction_test.go b/cmd/soroban-rpc/internal/test/simulate_transaction_test.go index e2df22533..ecf57fad8 100644 --- a/cmd/soroban-rpc/internal/test/simulate_transaction_test.go +++ b/cmd/soroban-rpc/internal/test/simulate_transaction_test.go @@ -23,14 +23,7 @@ import ( ) var ( - testContract = []byte("a contract") - testSalt = sha256.Sum256([]byte("a1")) - testContractId = []byte{ - 16, 98, 83, 23, 8, 235, 211, 5, - 62, 173, 70, 33, 7, 31, 219, 59, - 180, 75, 106, 249, 139, 196, 156, 192, - 113, 17, 184, 51, 142, 142, 94, 40, - } + testSalt = sha256.Sum256([]byte("a1")) ) func getHelloWorldContract(t *testing.T) []byte { @@ -202,6 +195,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { client := jrpc2.NewClient(ch, nil) sourceAccount := keypair.Root(StandaloneNetworkPassphrase).Address() + contractBinary := getHelloWorldContract(t) params := txnbuild.TransactionParams{ SourceAccount: &txnbuild.SimpleAccount{ AccountID: sourceAccount, @@ -209,7 +203,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { }, IncrementSequenceNum: false, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(sourceAccount, testContract), + createInstallContractCodeOperation(sourceAccount, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Memo: nil, @@ -219,11 +213,9 @@ func TestSimulateTransactionSucceeds(t *testing.T) { } result := simulateTransactionFromTxParams(t, client, params) - testContractIdBytes := xdr.ScBytes(testContractId) - expectedXdr := xdr.ScVal{ - Type: xdr.ScValTypeScvBytes, - Bytes: &testContractIdBytes, - } + contractHash := sha256.Sum256(contractBinary) + contractHashBytes := xdr.ScBytes(contractHash[:]) + expectedXdr := xdr.ScVal{Type: xdr.ScValTypeScvBytes, Bytes: &contractHashBytes} assert.Greater(t, result.LatestLedger, int64(0)) assert.Greater(t, result.Cost.CPUInstructions, uint64(0)) assert.Greater(t, result.Cost.MemoryBytes, uint64(0)) @@ -235,14 +227,14 @@ func TestSimulateTransactionSucceeds(t *testing.T) { { Type: xdr.LedgerEntryTypeContractCode, ContractCode: &xdr.LedgerKeyContractCode{ - Hash: xdr.Hash(testContractId), + Hash: xdr.Hash(contractHash), }, }, }, }, - Instructions: 79653, + Instructions: 4961700, ReadBytes: 48, - WriteBytes: 64, + WriteBytes: 5468, }, RefundableFee: 20056, } @@ -261,7 +253,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { assert.Equal(t, expectedXdr, resultXdr) // test operation which does not have a source account - withoutSourceAccountOp := createInstallContractCodeOperation("", testContract) + withoutSourceAccountOp := createInstallContractCodeOperation("", contractBinary) params = txnbuild.TransactionParams{ SourceAccount: &txnbuild.SimpleAccount{ AccountID: sourceAccount, @@ -290,7 +282,7 @@ func TestSimulateTransactionSucceeds(t *testing.T) { }, IncrementSequenceNum: false, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(sourceAccount, testContract), + createInstallContractCodeOperation(sourceAccount, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Memo: nil, @@ -597,6 +589,7 @@ func TestSimulateTransactionMultipleOperations(t *testing.T) { client := jrpc2.NewClient(ch, nil) sourceAccount := keypair.Root(StandaloneNetworkPassphrase).Address() + contractBinary := getHelloWorldContract(t) params := txnbuild.TransactionParams{ SourceAccount: &txnbuild.SimpleAccount{ AccountID: keypair.Root(StandaloneNetworkPassphrase).Address(), @@ -604,8 +597,8 @@ func TestSimulateTransactionMultipleOperations(t *testing.T) { }, IncrementSequenceNum: false, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(sourceAccount, testContract), - createCreateContractOperation(t, sourceAccount, testContract, StandaloneNetworkPassphrase), + createInstallContractCodeOperation(sourceAccount, contractBinary), + createCreateContractOperation(t, sourceAccount, contractBinary, StandaloneNetworkPassphrase), }, BaseFee: txnbuild.MinBaseFee, Memo: nil, diff --git a/cmd/soroban-rpc/internal/test/transaction_test.go b/cmd/soroban-rpc/internal/test/transaction_test.go index 14e7318bb..b53c8f25b 100644 --- a/cmd/soroban-rpc/internal/test/transaction_test.go +++ b/cmd/soroban-rpc/internal/test/transaction_test.go @@ -2,6 +2,7 @@ package test import ( "context" + "crypto/sha256" "fmt" "testing" "time" @@ -54,11 +55,12 @@ func TestSendTransactionSucceedsWithResults(t *testing.T) { address := kp.Address() account := txnbuild.NewSimpleAccount(address, 0) + contractBinary := getHelloWorldContract(t) params := preflightTransactionParams(t, client, txnbuild.TransactionParams{ SourceAccount: &account, IncrementSequenceNum: true, Operations: []txnbuild.Operation{ - createInstallContractCodeOperation(account.AccountID, testContract), + createInstallContractCodeOperation(account.AccountID, contractBinary), }, BaseFee: txnbuild.MinBaseFee, Preconditions: txnbuild.Preconditions{ @@ -77,8 +79,9 @@ func TestSendTransactionSucceedsWithResults(t *testing.T) { invokeHostFunctionResult, ok := opResults[0].MustTr().GetInvokeHostFunctionResult() assert.True(t, ok) assert.Equal(t, invokeHostFunctionResult.Code, xdr.InvokeHostFunctionResultCodeInvokeHostFunctionSuccess) - contractIDBytes := xdr.ScBytes(testContractId) - expectedScVal := xdr.ScVal{Type: xdr.ScValTypeScvBytes, Bytes: &contractIDBytes} + contractHash := sha256.Sum256(contractBinary) + contractHashBytes := xdr.ScBytes(contractHash[:]) + expectedScVal := xdr.ScVal{Type: xdr.ScValTypeScvBytes, Bytes: &contractHashBytes} var transactionMeta xdr.TransactionMeta assert.NoError(t, xdr.SafeUnmarshalBase64(response.ResultMetaXdr, &transactionMeta)) assert.True(t, expectedScVal.Equals(transactionMeta.V3.SorobanMeta.ReturnValue)) @@ -158,7 +161,7 @@ func TestSendTransactionFailedInLedger(t *testing.T) { address := kp.Address() account := txnbuild.NewSimpleAccount(address, 0) - op := createInstallContractCodeOperation(account.AccountID, testContract) + op := createInstallContractCodeOperation(account.AccountID, getHelloWorldContract(t)) // without the presources the tx will fail op.Ext = xdr.TransactionExt{ V: 1, From 7b57d45af7af74c31e97cadef67116232c47e75a Mon Sep 17 00:00:00 2001 From: Alfonso Acosta Date: Wed, 13 Sep 2023 14:05:33 +0200 Subject: [PATCH 5/8] Fix dependency checker GitHub workflow (#956) https://github.com/stellar/soroban-tools/pull/912 broke it two weeks ago and it wasn't noticed :S --- .github/workflows/dependency-check.yml | 1 + scripts/check-dependencies.bash | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index 90ea3ae66..5f88a429d 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -20,6 +20,7 @@ jobs: go-version: 1.20.1 - run: scripts/check-dependencies.bash validate-rust-git-rev-deps: + runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - uses: stellar/actions/rust-check-git-rev-deps@main diff --git a/scripts/check-dependencies.bash b/scripts/check-dependencies.bash index 027a29669..63a863836 100755 --- a/scripts/check-dependencies.bash +++ b/scripts/check-dependencies.bash @@ -33,7 +33,7 @@ STELLAR_XDR_REVISION_FROM_RUST="" if CARGO_OUTPUT=$(cargo tree --depth 0 -p stellar-xdr 2>&1); then RS_STELLAR_XDR_REVISION=$(echo $CARGO_OUTPUT | head -n 1 | $SED "$CARGO_PACKAGE_REVISION_EXTRACT_SED_COMMAND") - STELLAR_XDR_REVISION_FROM_RUST=$($CURL https://raw.githubusercontent.com/stellar/rs-stellar-xdr/${RS_STELLAR_XDR_REVISION}/xdr/next-version) + STELLAR_XDR_REVISION_FROM_RUST=$($CURL https://raw.githubusercontent.com/stellar/rs-stellar-xdr/${RS_STELLAR_XDR_REVISION}/xdr/curr-version) else echo "The project depends on multiple versions of the Rust rs-stellar-xdr library" echo "Make sure a single version of stellar-xdr is used" From 803bb76c2bb291cd4a469f744aa93095eb3b8710 Mon Sep 17 00:00:00 2001 From: Alfonso Acosta Date: Wed, 13 Sep 2023 14:55:18 +0200 Subject: [PATCH 6/8] cli: Remove explicit decoding depths (#950) --- cmd/soroban-cli/src/rpc/mod.rs | 12 ++++------ cmd/soroban-cli/src/utils/contract_spec.rs | 26 ++++++---------------- 2 files changed, 11 insertions(+), 27 deletions(-) diff --git a/cmd/soroban-cli/src/rpc/mod.rs b/cmd/soroban-cli/src/rpc/mod.rs index e817b2a38..85954369f 100644 --- a/cmd/soroban-cli/src/rpc/mod.rs +++ b/cmd/soroban-cli/src/rpc/mod.rs @@ -4,13 +4,13 @@ use jsonrpsee_core::params::ObjectParams; use jsonrpsee_core::{self, client::ClientT, rpc_params}; use jsonrpsee_http_client::{HeaderMap, HttpClient, HttpClientBuilder}; use serde_aux::prelude::{deserialize_default_from_null, deserialize_number_from_string}; +use soroban_env_host::xdr::SorobanAuthorizedFunction; use soroban_env_host::xdr::{ self, AccountEntry, AccountId, ContractDataEntry, DiagnosticEvent, Error as XdrError, LedgerEntryData, LedgerFootprint, LedgerKey, LedgerKeyAccount, PublicKey, ReadXdr, SorobanAuthorizationEntry, SorobanResources, Transaction, TransactionEnvelope, TransactionMeta, TransactionMetaV3, TransactionResult, TransactionV1Envelope, Uint256, VecM, WriteXdr, }; -use soroban_env_host::xdr::{DepthLimitedRead, SorobanAuthorizedFunction}; use soroban_sdk::token; use std::{ fmt::Display, @@ -519,9 +519,8 @@ soroban config identity fund {address} --helper-url "# )); } let ledger_entry = &entries[0]; - let mut depth_limit_read = DepthLimitedRead::new(ledger_entry.xdr.as_bytes(), 100); if let LedgerEntryData::Account(entry) = - LedgerEntryData::read_xdr_base64(&mut depth_limit_read)? + LedgerEntryData::from_xdr_base64(ledger_entry.xdr.as_bytes())? { tracing::trace!(account=?entry); Ok(entry) @@ -550,11 +549,8 @@ soroban config identity fund {address} --helper-url "# let error = error_result_xdr .ok_or(Error::MissingError) .and_then(|x| { - TransactionResult::read_xdr_base64(&mut DepthLimitedRead::new( - x.as_bytes(), - 100, - )) - .map_err(|_| Error::InvalidResponse) + TransactionResult::from_xdr_base64(x.as_bytes()) + .map_err(|_| Error::InvalidResponse) }) .map(|r| r.result); tracing::error!(?error); diff --git a/cmd/soroban-cli/src/utils/contract_spec.rs b/cmd/soroban-cli/src/utils/contract_spec.rs index da67bedc4..de7272995 100644 --- a/cmd/soroban-cli/src/utils/contract_spec.rs +++ b/cmd/soroban-cli/src/utils/contract_spec.rs @@ -1,14 +1,11 @@ use base64::{engine::general_purpose::STANDARD as base64, Engine as _}; -use std::{ - fmt::Display, - io::{self, Cursor}, -}; +use std::{fmt::Display, io}; use soroban_env_host::xdr::{ - self, DepthLimitedRead, ReadXdr, ScEnvMetaEntry, ScMetaEntry, ScMetaV0, ScSpecEntry, - ScSpecFunctionV0, ScSpecUdtEnumV0, ScSpecUdtErrorEnumV0, ScSpecUdtStructV0, ScSpecUdtUnionV0, - StringM, WriteXdr, + self, ReadXdr, ScEnvMetaEntry, ScMetaEntry, ScMetaV0, ScSpecEntry, ScSpecFunctionV0, + ScSpecUdtEnumV0, ScSpecUdtErrorEnumV0, ScSpecUdtStructV0, ScSpecUdtUnionV0, StringM, WriteXdr, }; +use soroban_sdk::xdr::VecM; pub struct ContractSpec { pub env_meta_base64: Option, @@ -59,10 +56,7 @@ impl ContractSpec { let mut env_meta_base64 = None; let env_meta = if let Some(env_meta) = env_meta { env_meta_base64 = Some(base64.encode(env_meta)); - let cursor = Cursor::new(env_meta); - let mut depth_limit_read = DepthLimitedRead::new(cursor, 100); - ScEnvMetaEntry::read_xdr_iter(&mut depth_limit_read) - .collect::, xdr::Error>>()? + VecM::::from_xdr(env_meta)?.into() } else { vec![] }; @@ -70,10 +64,7 @@ impl ContractSpec { let mut meta_base64 = None; let meta = if let Some(meta) = meta { meta_base64 = Some(base64.encode(meta)); - let cursor = Cursor::new(meta); - let mut depth_limit_read = DepthLimitedRead::new(cursor, 100); - ScMetaEntry::read_xdr_iter(&mut depth_limit_read) - .collect::, xdr::Error>>()? + VecM::::from_xdr(meta)?.into() } else { vec![] }; @@ -81,10 +72,7 @@ impl ContractSpec { let mut spec_base64 = None; let spec = if let Some(spec) = spec { spec_base64 = Some(base64.encode(spec)); - let cursor = Cursor::new(spec); - let mut depth_limit_read = DepthLimitedRead::new(cursor, 100); - ScSpecEntry::read_xdr_iter(&mut depth_limit_read) - .collect::, xdr::Error>>()? + VecM::::from_xdr(spec)?.into() } else { vec![] }; From 1ee4113b88fb49e9b3ad2aec8700b4d53473efe7 Mon Sep 17 00:00:00 2001 From: tamirms Date: Wed, 13 Sep 2023 15:29:58 +0100 Subject: [PATCH 7/8] Validate xdr payloads in soroban-rpc requests (#957) --- .../internal/methods/get_ledger_entries.go | 9 +++++++++ .../internal/methods/get_ledger_entry.go | 16 ++++++++++++---- .../internal/methods/send_transaction.go | 16 ++++++++++++---- .../internal/methods/simulate_transaction.go | 8 ++++++++ go.mod | 4 +++- go.sum | 5 +++-- 6 files changed, 47 insertions(+), 11 deletions(-) diff --git a/cmd/soroban-rpc/internal/methods/get_ledger_entries.go b/cmd/soroban-rpc/internal/methods/get_ledger_entries.go index b7474e323..8cb499a70 100644 --- a/cmd/soroban-rpc/internal/methods/get_ledger_entries.go +++ b/cmd/soroban-rpc/internal/methods/get_ledger_entries.go @@ -6,6 +6,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/support/log" "github.com/stellar/go/xdr" @@ -47,6 +48,14 @@ func NewGetLedgerEntriesHandler(logger *log.Entry, ledgerEntryReader db.LedgerEn var ledgerKeys []xdr.LedgerKey for i, requestKey := range request.Keys { var ledgerKey xdr.LedgerKey + if err := gxdr.ValidateLedgerKey(requestKey, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Infof("could not validate ledgerKey at index %d from getLedgerEntries request", i) + return GetLedgerEntriesResponse{}, &jrpc2.Error{ + Code: jrpc2.InvalidParams, + Message: fmt.Sprintf("cannot unmarshal key value %s at index %d", requestKey, i), + } + } if err := xdr.SafeUnmarshalBase64(requestKey, &ledgerKey); err != nil { logger.WithError(err).WithField("request", request). Infof("could not unmarshal requestKey %s at index %d from getLedgerEntries request", requestKey, i) diff --git a/cmd/soroban-rpc/internal/methods/get_ledger_entry.go b/cmd/soroban-rpc/internal/methods/get_ledger_entry.go index 4ab908a68..d7f219fea 100644 --- a/cmd/soroban-rpc/internal/methods/get_ledger_entry.go +++ b/cmd/soroban-rpc/internal/methods/get_ledger_entry.go @@ -6,6 +6,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/support/log" "github.com/stellar/go/xdr" @@ -27,19 +28,26 @@ type GetLedgerEntryResponse struct { LatestLedger int64 `json:"latestLedger,string"` } +var invalidLedgerKeyXdrError = &jrpc2.Error{ + Code: jrpc2.InvalidParams, + Message: "cannot unmarshal key value", +} + // NewGetLedgerEntryHandler returns a json rpc handler to retrieve the specified ledger entry from stellar core // Deprecated. use NewGetLedgerEntriesHandler instead. // TODO(https://github.com/stellar/soroban-tools/issues/374) remove after getLedgerEntries is deployed. func NewGetLedgerEntryHandler(logger *log.Entry, ledgerEntryReader db.LedgerEntryReader) jrpc2.Handler { return handler.New(func(ctx context.Context, request GetLedgerEntryRequest) (GetLedgerEntryResponse, error) { + if err := gxdr.ValidateLedgerKey(request.Key, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Info("could not validate ledgerKey from getLedgerEntry request") + return GetLedgerEntryResponse{}, invalidLedgerKeyXdrError + } var key xdr.LedgerKey if err := xdr.SafeUnmarshalBase64(request.Key, &key); err != nil { logger.WithError(err).WithField("request", request). Info("could not unmarshal ledgerKey from getLedgerEntry request") - return GetLedgerEntryResponse{}, &jrpc2.Error{ - Code: jrpc2.InvalidParams, - Message: "cannot unmarshal key value", - } + return GetLedgerEntryResponse{}, invalidLedgerKeyXdrError } tx, err := ledgerEntryReader.NewTx(ctx) diff --git a/cmd/soroban-rpc/internal/methods/send_transaction.go b/cmd/soroban-rpc/internal/methods/send_transaction.go index 1ec8dd53c..3651d7e68 100644 --- a/cmd/soroban-rpc/internal/methods/send_transaction.go +++ b/cmd/soroban-rpc/internal/methods/send_transaction.go @@ -6,6 +6,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/network" proto "github.com/stellar/go/protocols/stellarcore" "github.com/stellar/go/support/log" @@ -48,17 +49,24 @@ type LatestLedgerStore interface { GetLatestLedger() transactions.LedgerInfo } +var invalidTransactionXdrError = &jrpc2.Error{ + Code: jrpc2.InvalidParams, + Message: "invalid_xdr", +} + // NewSendTransactionHandler returns a submit transaction json rpc handler func NewSendTransactionHandler(daemon interfaces.Daemon, logger *log.Entry, store LatestLedgerStore, passphrase string) jrpc2.Handler { submitter := daemon.CoreClient() return handler.New(func(ctx context.Context, request SendTransactionRequest) (SendTransactionResponse, error) { + if err := gxdr.ValidateTransactionEnvelope(request.Transaction, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Info("could not validate send transaction envelope") + return SendTransactionResponse{}, invalidTransactionXdrError + } var envelope xdr.TransactionEnvelope err := xdr.SafeUnmarshalBase64(request.Transaction, &envelope) if err != nil { - return SendTransactionResponse{}, &jrpc2.Error{ - Code: jrpc2.InvalidParams, - Message: "invalid_xdr", - } + return SendTransactionResponse{}, invalidTransactionXdrError } var hash [32]byte diff --git a/cmd/soroban-rpc/internal/methods/simulate_transaction.go b/cmd/soroban-rpc/internal/methods/simulate_transaction.go index f19b3af95..7d3d0a7c9 100644 --- a/cmd/soroban-rpc/internal/methods/simulate_transaction.go +++ b/cmd/soroban-rpc/internal/methods/simulate_transaction.go @@ -7,6 +7,7 @@ import ( "github.com/creachadair/jrpc2" "github.com/creachadair/jrpc2/handler" + "github.com/stellar/go/gxdr" "github.com/stellar/go/support/log" "github.com/stellar/go/xdr" @@ -53,6 +54,13 @@ type PreflightGetter interface { func NewSimulateTransactionHandler(logger *log.Entry, ledgerEntryReader db.LedgerEntryReader, ledgerReader db.LedgerReader, getter PreflightGetter) jrpc2.Handler { return handler.New(func(ctx context.Context, request SimulateTransactionRequest) SimulateTransactionResponse { + if err := gxdr.ValidateTransactionEnvelope(request.Transaction, gxdr.DefaultMaxDepth); err != nil { + logger.WithError(err).WithField("request", request). + Info("could not validate simulate transaction envelope") + return SimulateTransactionResponse{ + Error: "Could not unmarshal transaction", + } + } var txEnvelope xdr.TransactionEnvelope if err := xdr.SafeUnmarshalBase64(request.Transaction, &txEnvelope); err != nil { logger.WithError(err).WithField("request", request). diff --git a/go.mod b/go.mod index 6cee54593..fe3964128 100644 --- a/go.mod +++ b/go.mod @@ -16,12 +16,14 @@ require ( github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.7.0 github.com/spf13/pflag v1.0.5 - github.com/stellar/go v0.0.0-20230912144159-176a6f499a49 + github.com/stellar/go v0.0.0-20230913112642-b19a4ceec268 github.com/stretchr/testify v1.8.4 golang.org/x/mod v0.12.0 gotest.tools/v3 v3.5.0 ) +require github.com/xdrpp/goxdr v0.1.1 // indirect + require ( github.com/BurntSushi/toml v0.3.1 // indirect github.com/Microsoft/go-winio v0.4.16 // indirect diff --git a/go.sum b/go.sum index 238b122d8..cd64f6830 100644 --- a/go.sum +++ b/go.sum @@ -189,8 +189,8 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.3.2 h1:VUFqw5KcqRf7i70GOzW7N+Q7+gxVBkSSqiXB12+JQ4M= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= -github.com/stellar/go v0.0.0-20230912144159-176a6f499a49 h1:7Tp/Kt+wHsaWHTEOfbMDhbvKhPCjyqG7typ2CUFLHdk= -github.com/stellar/go v0.0.0-20230912144159-176a6f499a49/go.mod h1:5/qoLl0pexA5OPi0BZvDsOc3532CJlHuRg1dnBxbsGg= +github.com/stellar/go v0.0.0-20230913112642-b19a4ceec268 h1:mmweoXJEkZKyoUkvL+nS1ecwlHclHxGGZmhUsCnZpuE= +github.com/stellar/go v0.0.0-20230913112642-b19a4ceec268/go.mod h1:5/qoLl0pexA5OPi0BZvDsOc3532CJlHuRg1dnBxbsGg= github.com/stellar/go-xdr v0.0.0-20211103144802-8017fc4bdfee h1:fbVs0xmXpBvVS4GBeiRmAE3Le70ofAqFMch1GTiq/e8= github.com/stellar/go-xdr v0.0.0-20211103144802-8017fc4bdfee/go.mod h1:yoxyU/M8nl9LKeWIoBrbDPQ7Cy+4jxRcWcOayZ4BMps= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -211,6 +211,7 @@ github.com/valyala/fasthttp v1.34.0 h1:d3AAQJ2DRcxJYHm7OXNXtXt2as1vMDfxeIcFvhmGG github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xdrpp/goxdr v0.1.1 h1:E1B2c6E8eYhOVyd7yEpOyopzTPirUeF6mVOfXfGyJyc= +github.com/xdrpp/goxdr v0.1.1/go.mod h1:dXo1scL/l6s7iME1gxHWo2XCppbHEKZS7m/KyYWkNzA= github.com/xeipuuv/gojsonpointer v0.0.0-20151027082146-e0fe6f683076 h1:KM4T3G70MiR+JtqplcYkNVoNz7pDwYaBxWBXQK804So= github.com/xeipuuv/gojsonreference v0.0.0-20150808065054-e02fc20de94c h1:XZWnr3bsDQWAZg4Ne+cPoXRPILrNlPNQfxBuwLl43is= github.com/xeipuuv/gojsonschema v0.0.0-20161231055540-f06f290571ce h1:cVSRGH8cOveJNwFEEZLXtB+XMnRqKLjUP6V/ZFYQCXI= From 06bf51fada16aa8e3ef19b76c6687a48efaaf87c Mon Sep 17 00:00:00 2001 From: Alfonso Acosta Date: Wed, 13 Sep 2023 17:52:26 +0200 Subject: [PATCH 8/8] Revert "cli: Remove explicit decoding depths (#950)" (#958) This reverts commit 803bb76c2bb291cd4a469f744aa93095eb3b8710. --- cmd/soroban-cli/src/rpc/mod.rs | 12 ++++++---- cmd/soroban-cli/src/utils/contract_spec.rs | 26 ++++++++++++++++------ 2 files changed, 27 insertions(+), 11 deletions(-) diff --git a/cmd/soroban-cli/src/rpc/mod.rs b/cmd/soroban-cli/src/rpc/mod.rs index 85954369f..e817b2a38 100644 --- a/cmd/soroban-cli/src/rpc/mod.rs +++ b/cmd/soroban-cli/src/rpc/mod.rs @@ -4,13 +4,13 @@ use jsonrpsee_core::params::ObjectParams; use jsonrpsee_core::{self, client::ClientT, rpc_params}; use jsonrpsee_http_client::{HeaderMap, HttpClient, HttpClientBuilder}; use serde_aux::prelude::{deserialize_default_from_null, deserialize_number_from_string}; -use soroban_env_host::xdr::SorobanAuthorizedFunction; use soroban_env_host::xdr::{ self, AccountEntry, AccountId, ContractDataEntry, DiagnosticEvent, Error as XdrError, LedgerEntryData, LedgerFootprint, LedgerKey, LedgerKeyAccount, PublicKey, ReadXdr, SorobanAuthorizationEntry, SorobanResources, Transaction, TransactionEnvelope, TransactionMeta, TransactionMetaV3, TransactionResult, TransactionV1Envelope, Uint256, VecM, WriteXdr, }; +use soroban_env_host::xdr::{DepthLimitedRead, SorobanAuthorizedFunction}; use soroban_sdk::token; use std::{ fmt::Display, @@ -519,8 +519,9 @@ soroban config identity fund {address} --helper-url "# )); } let ledger_entry = &entries[0]; + let mut depth_limit_read = DepthLimitedRead::new(ledger_entry.xdr.as_bytes(), 100); if let LedgerEntryData::Account(entry) = - LedgerEntryData::from_xdr_base64(ledger_entry.xdr.as_bytes())? + LedgerEntryData::read_xdr_base64(&mut depth_limit_read)? { tracing::trace!(account=?entry); Ok(entry) @@ -549,8 +550,11 @@ soroban config identity fund {address} --helper-url "# let error = error_result_xdr .ok_or(Error::MissingError) .and_then(|x| { - TransactionResult::from_xdr_base64(x.as_bytes()) - .map_err(|_| Error::InvalidResponse) + TransactionResult::read_xdr_base64(&mut DepthLimitedRead::new( + x.as_bytes(), + 100, + )) + .map_err(|_| Error::InvalidResponse) }) .map(|r| r.result); tracing::error!(?error); diff --git a/cmd/soroban-cli/src/utils/contract_spec.rs b/cmd/soroban-cli/src/utils/contract_spec.rs index de7272995..da67bedc4 100644 --- a/cmd/soroban-cli/src/utils/contract_spec.rs +++ b/cmd/soroban-cli/src/utils/contract_spec.rs @@ -1,11 +1,14 @@ use base64::{engine::general_purpose::STANDARD as base64, Engine as _}; -use std::{fmt::Display, io}; +use std::{ + fmt::Display, + io::{self, Cursor}, +}; use soroban_env_host::xdr::{ - self, ReadXdr, ScEnvMetaEntry, ScMetaEntry, ScMetaV0, ScSpecEntry, ScSpecFunctionV0, - ScSpecUdtEnumV0, ScSpecUdtErrorEnumV0, ScSpecUdtStructV0, ScSpecUdtUnionV0, StringM, WriteXdr, + self, DepthLimitedRead, ReadXdr, ScEnvMetaEntry, ScMetaEntry, ScMetaV0, ScSpecEntry, + ScSpecFunctionV0, ScSpecUdtEnumV0, ScSpecUdtErrorEnumV0, ScSpecUdtStructV0, ScSpecUdtUnionV0, + StringM, WriteXdr, }; -use soroban_sdk::xdr::VecM; pub struct ContractSpec { pub env_meta_base64: Option, @@ -56,7 +59,10 @@ impl ContractSpec { let mut env_meta_base64 = None; let env_meta = if let Some(env_meta) = env_meta { env_meta_base64 = Some(base64.encode(env_meta)); - VecM::::from_xdr(env_meta)?.into() + let cursor = Cursor::new(env_meta); + let mut depth_limit_read = DepthLimitedRead::new(cursor, 100); + ScEnvMetaEntry::read_xdr_iter(&mut depth_limit_read) + .collect::, xdr::Error>>()? } else { vec![] }; @@ -64,7 +70,10 @@ impl ContractSpec { let mut meta_base64 = None; let meta = if let Some(meta) = meta { meta_base64 = Some(base64.encode(meta)); - VecM::::from_xdr(meta)?.into() + let cursor = Cursor::new(meta); + let mut depth_limit_read = DepthLimitedRead::new(cursor, 100); + ScMetaEntry::read_xdr_iter(&mut depth_limit_read) + .collect::, xdr::Error>>()? } else { vec![] }; @@ -72,7 +81,10 @@ impl ContractSpec { let mut spec_base64 = None; let spec = if let Some(spec) = spec { spec_base64 = Some(base64.encode(spec)); - VecM::::from_xdr(spec)?.into() + let cursor = Cursor::new(spec); + let mut depth_limit_read = DepthLimitedRead::new(cursor, 100); + ScSpecEntry::read_xdr_iter(&mut depth_limit_read) + .collect::, xdr::Error>>()? } else { vec![] };