Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix: update toolchain clippy, fix clippy. Fix vulnarabilities #53

Merged
merged 6 commits into from
Aug 12, 2024
Merged

Fix: update toolchain clippy, fix clippy. Fix vulnarabilities #53

merged 6 commits into from
Aug 12, 2024

Conversation

mrLSD
Copy link
Member

@mrLSD mrLSD commented Aug 8, 2024
edited
Loading

Description

➡️ Updated rust toolchain to 1.80.0
➡️ Added clippy::pedantic
➡️ Fixed new clippy issues
⚠️ Found and fixed vulnerabilities related to signed->unsigned casting. It affects gas_used calculations. In some cases, it was possible cases, when casting i64->u64 could produce an unexpected number, and gas_used calculation may produce wrong result.
➡️ Fixed casting logic for u64->usize as it can produce truncated numbers fro 32-bit systems (like wasm32)
➡️ Improved numbers casting logic
➡️ Added clippy::as_conversions

@mrLSD mrLSD self-assigned this Aug 8, 2024
@mrLSD mrLSD added bug Something isn't working enhancement New feature or request labels Aug 8, 2024
@mrLSD mrLSD added this to the v0.45.1 milestone Aug 8, 2024
@mrLSD mrLSD requested review from aleksuss and birchmd August 8, 2024 20:23
aleksuss
aleksuss approved these changes Aug 9, 2024
View reviewed changes
Copy link
Member

@aleksuss aleksuss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but also it would be good to add a description about why an error occurs in the #Errors section in the doc-comments. But it's probably out of the scope of this PR.

birchmd
birchmd approved these changes Aug 9, 2024
View reviewed changes
Copy link
Member

@birchmd birchmd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job!

runtime/src/lib.rs Outdated
@@ -445,7 +465,8 @@ impl Config {

// See https://eips.ethereum.org/EIPS/eip-3529
let refund_sstore_clears = if decrease_clears_refund {
(gas_sstore_reset + gas_access_list_storage_key) as i64
// Avoid signed casting to unsigned as it'll overflow
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Avoid signed casting to unsigned as it'll overflow
// Avoid unsigned casting to signed as it may overflow

src/executor/stack/executor.rs Outdated Show resolved Hide resolved
@mrLSD mrLSD merged commit 3fa7bb2 into master Aug 12, 2024
6 checks passed
@mrLSD mrLSD deleted the fix/clippy branch August 13, 2024 17:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aleksuss aleksuss aleksuss approved these changes

@birchmd birchmd birchmd approved these changes

Assignees

@mrLSD mrLSD

Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
Milestone
v0.45.1-aurora
Development

Successfully merging this pull request may close these issues.
3 participants
@mrLSD @aleksuss @birchmd