Ecosystem/serai
Ecosystem/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-03-23 23:58:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Ensure Tributary commits are minimal

Browse source
This commit is contained in:
Luke Parker 2023-05-09 23:45:05 -04:00
parent 7b7ddbdd97
commit 88f0e89350
No known key found for this signature in database
1 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
coordinator/tributary/src/lib.rs
View file

@ -191,10 +191,17 @@ impl<D: Db, T: Transaction, P: P2p> Tributary<D, T, P> {
} }
let block = TendermintBlock(block.serialize()); let block = TendermintBlock(block.serialize());
let Ok(commit) = Commit::<Arc<Validators>>::decode(&mut commit.as_ref()) else { let mut commit_ref = commit.as_ref();
let Ok(commit) = Commit::<Arc<Validators>>::decode(&mut commit_ref) else {
log::error!("sent an invalidly serialized commit"); log::error!("sent an invalidly serialized commit");
return false; return false;
}; };
// Storage DoS vector. We *could* truncate to solely the relevant portion, trying to save this,
// yet then we'd have to test the truncation was performed correctly.
if !commit_ref.is_empty() {
log::error!("sent an commit with additional data after it");
return false;
}
if !self.network.verify_commit(block.id(), &commit) { if !self.network.verify_commit(block.id(), &commit) {
log::error!("sent an invalid commit"); log::error!("sent an invalid commit");
return false; return false;