fix: auditor finding 6 #1545

cody-littley · 2025-05-08T15:21:40Z

Why are these changes needed?

Auditor Request

if len(resp.bundles) > len(resp.metadata), indexing resp.metadata[i] will panic. This could be happened when the malicious relays return more bundles than the validator requested. [Code]
Recommendation: Later validation stages will catch blob inconsistencies, so before iterating, assert that len(resp.bundles) == len(resp.metadata). If they differ, return an error.

        for i, bundle := range resp.bundles {
            metadata := resp.metadata[i]

Auditor Response

I've fixed the issue by adding a check that fails the operation if there is a size mismatch.

Signed-off-by: Cody Littley <[email protected]>

Fix auditor finding 6. Signed-off-by: Cody Littley <[email protected]>

Fix auditor finding 6.

b65bd0b

Signed-off-by: Cody Littley <[email protected]>

cody-littley requested a review from litt3 May 8, 2025 15:21

cody-littley self-assigned this May 8, 2025

cody-littley changed the title ~~Fix auditor finding 6.~~ fix: auditor finding 6. May 8, 2025

cody-littley changed the title ~~fix: auditor finding 6.~~ fix: auditor finding 6 May 8, 2025

litt3 approved these changes May 9, 2025

View reviewed changes

cody-littley merged commit a59406b into master May 9, 2025
16 of 17 checks passed

cody-littley deleted the litt-audit-f6 branch May 9, 2025 15:06

ethenotethan pushed a commit that referenced this pull request May 14, 2025

fix: auditor finding 6 (#1545)

4db1be3

Fix auditor finding 6. Signed-off-by: Cody Littley <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix: auditor finding 6 #1545

fix: auditor finding 6 #1545

Uh oh!

cody-littley commented May 8, 2025

Uh oh!

Uh oh!

Uh oh!

fix: auditor finding 6 #1545

fix: auditor finding 6 #1545

Uh oh!

Conversation

cody-littley commented May 8, 2025

Why are these changes needed?

Auditor Request

Auditor Response

Uh oh!

Uh oh!

Uh oh!