Skip to content

Commit

Permalink
rpc: Sanity-check allocations when decoding
Browse files Browse the repository at this point in the history
This reverts commit 1ee4113
and updates stellar/go to stellar/go#5116
  • Loading branch information
2opremio committed Nov 23, 2023
1 parent 86ecac1 commit e8d68fd
Show file tree
Hide file tree
Showing 4 changed files with 8 additions and 41 deletions.
9 changes: 0 additions & 9 deletions cmd/soroban-rpc/internal/methods/get_ledger_entries.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import (

"github.com/creachadair/jrpc2"
"github.com/creachadair/jrpc2/handler"
"github.com/stellar/go/gxdr"
"github.com/stellar/go/support/log"
"github.com/stellar/go/xdr"

Expand Down Expand Up @@ -51,14 +50,6 @@ func NewGetLedgerEntriesHandler(logger *log.Entry, ledgerEntryReader db.LedgerEn
var ledgerKeys []xdr.LedgerKey
for i, requestKey := range request.Keys {
var ledgerKey xdr.LedgerKey
if err := gxdr.ValidateLedgerKey(requestKey, gxdr.DefaultMaxDepth); err != nil {
logger.WithError(err).WithField("request", request).
Infof("could not validate ledgerKey at index %d from getLedgerEntries request", i)
return GetLedgerEntriesResponse{}, &jrpc2.Error{
Code: jrpc2.InvalidParams,
Message: fmt.Sprintf("cannot unmarshal key value %s at index %d", requestKey, i),
}
}
if err := xdr.SafeUnmarshalBase64(requestKey, &ledgerKey); err != nil {
logger.WithError(err).WithField("request", request).
Infof("could not unmarshal requestKey %s at index %d from getLedgerEntries request", requestKey, i)
Expand Down
16 changes: 4 additions & 12 deletions cmd/soroban-rpc/internal/methods/get_ledger_entry.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import (

"github.com/creachadair/jrpc2"
"github.com/creachadair/jrpc2/handler"
"github.com/stellar/go/gxdr"

"github.com/stellar/go/support/log"
"github.com/stellar/go/xdr"
Expand All @@ -30,26 +29,19 @@ type GetLedgerEntryResponse struct {
LiveUntilLedgerSeq *uint32 `json:"LiveUntilLedgerSeq,string,omitempty"`
}

var invalidLedgerKeyXdrError = &jrpc2.Error{
Code: jrpc2.InvalidParams,
Message: "cannot unmarshal key value",
}

// NewGetLedgerEntryHandler returns a json rpc handler to retrieve the specified ledger entry from stellar core
// Deprecated. use NewGetLedgerEntriesHandler instead.
// TODO(https://github.com/stellar/soroban-tools/issues/374) remove after getLedgerEntries is deployed.
func NewGetLedgerEntryHandler(logger *log.Entry, ledgerEntryReader db.LedgerEntryReader) jrpc2.Handler {
return handler.New(func(ctx context.Context, request GetLedgerEntryRequest) (GetLedgerEntryResponse, error) {
if err := gxdr.ValidateLedgerKey(request.Key, gxdr.DefaultMaxDepth); err != nil {
logger.WithError(err).WithField("request", request).
Info("could not validate ledgerKey from getLedgerEntry request")
return GetLedgerEntryResponse{}, invalidLedgerKeyXdrError
}
var key xdr.LedgerKey
if err := xdr.SafeUnmarshalBase64(request.Key, &key); err != nil {
logger.WithError(err).WithField("request", request).
Info("could not unmarshal ledgerKey from getLedgerEntry request")
return GetLedgerEntryResponse{}, invalidLedgerKeyXdrError
return GetLedgerEntryResponse{}, &jrpc2.Error{
Code: jrpc2.InvalidParams,
Message: "cannot unmarshal key value",
}
}

if key.Type == xdr.LedgerEntryTypeTtl {
Expand Down
16 changes: 4 additions & 12 deletions cmd/soroban-rpc/internal/methods/send_transaction.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import (

"github.com/creachadair/jrpc2"
"github.com/creachadair/jrpc2/handler"
"github.com/stellar/go/gxdr"
"github.com/stellar/go/network"
proto "github.com/stellar/go/protocols/stellarcore"
"github.com/stellar/go/support/log"
Expand Down Expand Up @@ -49,24 +48,17 @@ type LatestLedgerStore interface {
GetLatestLedger() transactions.LedgerInfo
}

var invalidTransactionXdrError = &jrpc2.Error{
Code: jrpc2.InvalidParams,
Message: "invalid_xdr",
}

// NewSendTransactionHandler returns a submit transaction json rpc handler
func NewSendTransactionHandler(daemon interfaces.Daemon, logger *log.Entry, store LatestLedgerStore, passphrase string) jrpc2.Handler {
submitter := daemon.CoreClient()
return handler.New(func(ctx context.Context, request SendTransactionRequest) (SendTransactionResponse, error) {
if err := gxdr.ValidateTransactionEnvelope(request.Transaction, gxdr.DefaultMaxDepth); err != nil {
logger.WithError(err).WithField("request", request).
Info("could not validate send transaction envelope")
return SendTransactionResponse{}, invalidTransactionXdrError
}
var envelope xdr.TransactionEnvelope
err := xdr.SafeUnmarshalBase64(request.Transaction, &envelope)
if err != nil {
return SendTransactionResponse{}, invalidTransactionXdrError
return SendTransactionResponse{}, &jrpc2.Error{
Code: jrpc2.InvalidParams,
Message: "invalid_xdr",
}
}

var hash [32]byte
Expand Down
8 changes: 0 additions & 8 deletions cmd/soroban-rpc/internal/methods/simulate_transaction.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ import (

"github.com/creachadair/jrpc2"
"github.com/creachadair/jrpc2/handler"
"github.com/stellar/go/gxdr"
"github.com/stellar/go/support/log"
"github.com/stellar/go/xdr"

Expand Down Expand Up @@ -54,13 +53,6 @@ type PreflightGetter interface {
func NewSimulateTransactionHandler(logger *log.Entry, ledgerEntryReader db.LedgerEntryReader, ledgerReader db.LedgerReader, getter PreflightGetter) jrpc2.Handler {

return handler.New(func(ctx context.Context, request SimulateTransactionRequest) SimulateTransactionResponse {
if err := gxdr.ValidateTransactionEnvelope(request.Transaction, gxdr.DefaultMaxDepth); err != nil {
logger.WithError(err).WithField("request", request).
Info("could not validate simulate transaction envelope")
return SimulateTransactionResponse{
Error: "Could not unmarshal transaction",
}
}
var txEnvelope xdr.TransactionEnvelope
if err := xdr.SafeUnmarshalBase64(request.Transaction, &txEnvelope); err != nil {
logger.WithError(err).WithField("request", request).
Expand Down

0 comments on commit e8d68fd

Please sign in to comment.