Roman Khimov
9d5b8d606a
server: quote method in logs, fix CodeQL warnings
...
CWE-117:
Log entries created from user input
If unsanitized user input is written to a log entry, a malicious user may be able to forge new log entries.
2022-03-22 16:05:06 +03:00
Roman Khimov
0a338ea94b
rpc/server: register ws calls in Prometheus
...
They were completely missing.
2022-03-21 23:18:00 +03:00
Roman Khimov
d5a9af5860
Revert "Revert "interop: use All flags for management deploy and update calls""
...
This reverts commit 526c423a61
, heading to 3.2.0.
2022-03-21 17:41:37 +03:00
Roman Khimov
526c423a61
Revert "interop: use All flags for management deploy and update calls"
...
This reverts commit 37ca96c20b
and a part of
7945097543
, we need 0.98.2 release to be
3.1.0-compatible and this one breaks the testnet.
2022-03-21 14:32:11 +03:00
Roman Khimov
ad1dd3ebb7
Merge pull request #2399 from nspcc-dev/fuzz-tests
...
vm: add some Fuzz tests
2022-03-21 12:00:55 +03:00
Evgeniy Stratonikov
3f65473f64
vm: add some Fuzz tests
...
Both `IsScriptCorrect` and `VM.Run` should never panic.
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-03-18 16:13:39 +03:00
Roman Khimov
906d99571b
Merge pull request #2369 from nspcc-dev/goshechka
...
*: go 1.18 support 🎉 😍 🎊 🍰 🥂
2022-03-18 15:07:20 +03:00
Roman Khimov
4869049965
Merge pull request #2398 from nspcc-dev/trim-micro
...
block/dao: simplify trimming, avoid allocations
2022-03-18 12:39:53 +03:00
Roman Khimov
5616585697
block/dao: simplify trimming, avoid allocations
...
The only user of (*Block).Trim() is in DAO and it already has a nice buffer
usually, so creating another one makes no sense. It also simplifies error
handling a lot.
2022-03-18 10:49:25 +03:00
Roman Khimov
c2845852ae
Merge pull request #2397 from nspcc-dev/is-script-correct-panic
...
vm: avoid panic in `IsScriptCorrect`
2022-03-18 10:08:39 +03:00
Evgeniy Stratonikov
ef28308dbf
vm: avoid panic in IsScriptCorrect
...
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-03-17 20:12:50 +03:00
AnnaShaleva
a4d402da86
compiler: revert a part of ad65d1fa1f
...
Close #2335 .
2022-03-17 19:39:18 +03:00
Anna Shaleva
753d604784
network: use net.ErrClosed to check network connection was closed
...
Close #1765 .
2022-03-17 19:39:18 +03:00
Anna Shaleva
2096ad6e81
*: remove io/ioutil uses
...
Close #1764 .
2022-03-17 19:39:18 +03:00
Roman Khimov
df3eb76aa2
Merge pull request #2396 from nspcc-dev/fuzz-script-panic
...
Return error on negative instruction pointer in `Context.Next`
2022-03-17 19:13:20 +03:00
Evgeniy Stratonikov
492c91b4c5
vm: disallow negative offset in (*Context).Next()
...
Currently the only known reason this can happen is processing
ENDFINALLY opcode before the corresponding ENDTRY.
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-03-17 18:52:48 +03:00
Roman Khimov
5cbf28a104
Merge pull request #2372 from nspcc-dev/jsonpath-oom
...
jsonpath: restrict amount of intermediate objects
2022-03-17 12:34:49 +03:00
Roman Khimov
5379ef75bb
Merge pull request #2391 from nspcc-dev/fix-reverse
...
vm: fix integer conversions
2022-03-10 12:27:10 +03:00
Evgeniy Stratonikov
32f4404954
vm: allow HASKEY on byte-arrays
...
Current neo-vm master has them https://github.com/neo-project/neo-vm/blob/master/src/neo-vm/ExecutionEngine.cs#L1157
Were silently added in
029466fa9d
.
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-03-10 10:34:13 +03:00
Evgeniy Stratonikov
39866b8512
vm: fix integer conversions
...
As can be seen in https://dotnetfiddle.net/s7eg21 (int) conversions
result in an exception in C# code.
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-03-10 10:21:34 +03:00
Evgeniy Stratonikov
a8d2df874f
stackitem: limit JSON size in ToJSONWithTypes
...
Also do not limit depth. It was introduced in e34fa2e915
as a simple
solution to OOM problem. In this commit we do exactly the refactoring
described there. Maximum size is the same as stack item size and
can be changed if needed withouth significat refactoring.
`1 MiB` seems sufficient, though.
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-03-09 10:29:23 +03:00
Roman Khimov
6ece74a7c7
Merge pull request #2383 from nspcc-dev/oracle-redirection
...
services: check Oracle response redirections
2022-03-04 22:19:22 +03:00
Anna Shaleva
5ace840cc7
services: improve Oracle redirection check
...
Move IP check to later stage and do not resolve URI manually.
2022-03-04 19:27:52 +03:00
Roman Khimov
96cd415384
Merge pull request #2382 from nspcc-dev/compiler-optimize
...
compiler: optimize tests
2022-03-04 18:55:40 +03:00
Evgeniy Stratonikov
0e86073a77
compiler: group small tests in a single file
...
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-03-04 17:55:33 +03:00
AnnaShaleva
537de18ac3
services: check Oracle response redirections
...
1. Move redirections check to the tcp level. Manually resolve request address
and create connection for the first suitable resolved address.
2. Remove URIValidator. Redirections checks are set in the custom http client,
so the user should take care of validation by himself when customizing the
client.
2022-03-04 13:10:22 +03:00
AnnaShaleva
3d5b1d8d17
rpc: add Rules signer scope to request parameters
2022-03-03 12:18:19 +03:00
Roman Khimov
ff60571869
Merge pull request #2378 from nspcc-dev/notary-adjustments
...
*: several Notary subsystem adjustments, part 1
2022-03-02 11:58:36 +03:00
AnnaShaleva
3996b3abb7
interop: extend native Notary interop API
2022-03-01 19:08:22 +03:00
AnnaShaleva
49e228ddf8
rpc: fix Client's GetOraclePrice
2022-03-01 19:08:22 +03:00
AnnaShaleva
92282c70cb
*: support customisable NotaryServiceFeePerKey value
...
* Add corresponding methods to Notary contract.
* Extend RPC Client API.
* Adjust tests.
2022-03-01 19:08:16 +03:00
Roman Khimov
473d11d24e
Merge pull request #2370 from nspcc-dev/nonzero-blockchain-start
...
core: add tests for non-zero blockchain start
2022-03-01 16:39:17 +03:00
Anna Shaleva
49c995ec06
core: add tests for blockchain initialisation
...
Close #1577 .
2022-02-28 19:00:43 +03:00
AnnaShaleva
8e3f2417f4
core: add check for native activations history
...
It should be consistent with storage states.
2022-02-28 18:49:18 +03:00
Anna Shaleva
032d9749c2
core: improve blockchain error messages
2022-02-28 18:49:18 +03:00
Anna Shaleva
a57c3f4842
core: fix InitWithIncompleteStateJump test
2022-02-28 18:49:18 +03:00
Anna Shaleva
9adcefc2ef
core: gracefully wrap Seek error if failed to retrieve header hases
2022-02-28 18:49:18 +03:00
Anna Shaleva
8d6aa1782d
core: fix StateRootInHeader error message for (*Blockchain).init()
2022-02-28 18:49:18 +03:00
Anna Shaleva
ad0c53c067
core: unify the format of error messages for (*Blockchain).init()
2022-02-28 18:49:12 +03:00
Evgeniy Stratonikov
a2cef15932
compiler: emit bindings configuration
...
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-02-28 15:36:14 +03:00
Evgeniy Stratonikov
422a80f483
jsonpath: restrict amount of intermediate objects
...
Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2022-02-28 13:18:34 +03:00
Anna Shaleva
21515e1835
core: refactor Level store creation for tests
...
We don't need to create the whole DB configuration structure.
2022-02-25 12:14:17 +03:00
Anna Shaleva
339bec1632
core: adjust TestDumpAndRestore test
...
`with state root` test should consider StateRootInHeader set to true.
2022-02-25 11:47:13 +03:00
Roman Khimov
870fd024c9
Merge pull request #2367 from nspcc-dev/rpc/thread-safe
...
rpc: take care of RPC clients
2022-02-24 20:11:15 +03:00
Anna Shaleva
1f255e756f
rpc: add a note to RPC clients about thread-safeness
2022-02-24 19:01:21 +03:00
Anna Shaleva
2896c0a83a
rpc: add test for concurrent WSClient access and request IDs generation
2022-02-24 19:01:21 +03:00
AnnaShaleva
0d8723527c
rpc: refactor WSClient initialisation
...
Fix the following linter warning:
```
pkg/rpc/client/wsclient.go:99:18 govet copylocks: literal copies lock value from *cl: github.com/nspcc-dev/neo-go/pkg/rpc/client.Client contains sync.RWMutex
```
2022-02-24 19:01:21 +03:00
AnnaShaleva
8991ee91cd
rpc: make RPC WSClient thread-safe
...
Add ability to use unique request IDs for RPC requests.
2022-02-24 19:01:12 +03:00
Roman Khimov
b65ab011fe
Merge pull request #2349 from nspcc-dev/codegen-contract
...
cli/smartcontract: generate bindings to an existing contract
2022-02-24 15:51:33 +03:00
Anna Shaleva
0357d9f4f4
smartcontract: add hash check to paramcontext
...
Close #2344 .
2022-02-24 10:21:08 +03:00