TrueCloudLab/neo-go
8
0
Fork 0
mirror of https://github.com/nspcc-dev/neo-go.git synced 2024-11-25 13:47:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

rpc, internal: fix CodeQL int conversions warnings

Browse source 
```
Incorrect conversion of an integer with architecture-dependent bit
size from to a lower bit size type int32 without an upper bound
check.
```
This commit is contained in:
Anna Shaleva 2021-04-19 10:48:35 +03:00
parent db868f033e
commit ae36523a61
3 changed files with 33 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
internal/fakechain/fakechain.go
View file

@ -2,6 +2,7 @@ package fakechain
import ( import (
"errors" "errors"
"math"
"math/big" "math/big"
"sync/atomic" "sync/atomic"
@ -233,6 +234,9 @@ func (chain *FakeChain) GetNativeContractScriptHash(name string) (util.Uint160,
// GetHeaderHash implements Blockchainer interface. // GetHeaderHash implements Blockchainer interface.
func (chain *FakeChain) GetHeaderHash(n int) util.Uint256 { func (chain *FakeChain) GetHeaderHash(n int) util.Uint256 {
if n < 0 || n > math.MaxUint32 {
return util.Uint256{}
}
return chain.hdrHashes[uint32(n)] return chain.hdrHashes[uint32(n)]
} }

9
pkg/rpc/server/server.go
View file

@ -841,6 +841,9 @@ func (s *Server) contractIDFromParam(param *request.Param) (int32, *response.Err
if err != nil { if err != nil {
return 0, response.ErrInvalidParams return 0, response.ErrInvalidParams
} }
if err := checkInt32(id); err != nil {
return 0, response.WrapErrorWithData(response.ErrInvalidParams, err)
}
result = int32(id) result = int32(id)
default: default:
return 0, response.ErrInvalidParams return 0, response.ErrInvalidParams
@ -874,6 +877,9 @@ func (s *Server) contractScriptHashFromParam(param *request.Param) (util.Uint160
if err != nil { if err != nil {
return result, response.ErrInvalidParams return result, response.ErrInvalidParams
} }
if err := checkInt32(id); err != nil {
return result, response.WrapErrorWithData(response.ErrInvalidParams, err)
}
result, err = s.chain.GetContractScriptHash(int32(id)) result, err = s.chain.GetContractScriptHash(int32(id))
if err != nil { if err != nil {
return result, response.NewRPCError("Unknown contract", "", err) return result, response.NewRPCError("Unknown contract", "", err)
@ -969,6 +975,9 @@ func (s *Server) getStateRoot(ps request.Params) (interface{}, *response.Error)
var h util.Uint256 var h util.Uint256
height, err := p.GetInt() height, err := p.GetInt()
if err == nil { if err == nil {
if err := checkUint32(height); err != nil {
return nil, response.WrapErrorWithData(response.ErrInvalidParams, err)
}
rt, err = s.chain.GetStateModule().GetStateRoot(uint32(height)) rt, err = s.chain.GetStateModule().GetStateRoot(uint32(height))
} else if h, err = p.GetUint256(); err == nil { } else if h, err = p.GetUint256(); err == nil {
var hdr *block.Header var hdr *block.Header

20
pkg/rpc/server/util.go Normal file
View file

@ -0,0 +1,20 @@
package server
import (
"errors"
"math"
)
func checkUint32(i int) error {
if i < 0 || i > math.MaxUint32 {
return errors.New("value should fit uint32")
}
return nil
}
func checkInt32(i int) error {
if i < math.MinInt32 || i > math.MaxInt32 {
return errors.New("value should fit int32")
}
return nil
}