Miscellaneous audit fixes #5155

Merged
merged 33 commits into from
Sep 23, 2024

@hstove (Contributor) commented Sep 10, 2024

This PR implements a few of the smaller items received from an audit. Most of them are pretty trivial (i.e. improve this logging). Some of them have potential implications for the code's logic, which are worth investigating as a reviewer.

Instead of making a separate PR for each small item, I've bundled them into this single PR. I've added each individual item to a separate commit with (hopefully) a helpful description about what's changed, so I'd recommend going commit-by-commit to review. If there are changes in here that we think need more thought, we can move them into a separate PR.

Added a cfg to warn about unused imports in `net/mod.rs`, which exposed a few unused imports that I've removed.

I've also updated other parts of the code that had imports that were only used for testing. In those cases, I've updated the import to only be used in `cfg(test)`.

Previously, because `apply_schema_8` is called after things like `apply_schema_9`, this would override the schema version to be 8.

Also removed some trailing whitespace.

I've updated the log line to be a `warn`. More investigation needed on whether we should add explicit validation here to the length of the BitVec.

Previously, there were some cases where we'd `panic`, and some where we'd just handle the error with a log. This updates the logic to always panic.

Previously, we'd only allow timestamps _less than_ 15 seconds away, but our docs state that the timestamp can be _no more than_ 15 seconds away.

In `get_nakamoto_staging_blocks_db_version`, in the case of an error, the function would default to version 1, which could cause an overwrite of tables. This updates the function to return the correct highest version, which I've also moved to a constant.

In `net::relay`, there are many cases where we return an error if unable to announce a new Stacks block, but there was one case where the error was ignored. This updates that case to also return an error.

This adds more verbose and explicit logs when the signer is unable to post a block when handling a `BlockPushed` event.

Previously, two different error cases had the same log message. This updates one of them to have a more descriptive message about when the error occurred.
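
Two of the items above concern schema version bookkeeping: an older `apply_schema_8` step overriding a newer recorded version, and a version read that defaults to 1 on error. The Rust model below is an added example, not code from this PR or the project; every name in it (`Db`, `stamp_monotonic`, `LATEST_VERSION`, and so on) is hypothetical, and the "only raise the version" guard is an assumed fix, not necessarily the one the PR applied.

```rust
// In-memory model of a versioned schema; every name here is hypothetical.
pub const LATEST_VERSION: u32 = 9;

#[derive(Default)]
pub struct Db {
    pub version: u32,
    pub version_readable: bool, // false models an error while reading the version
    pub tables_rebuilt: u32,    // counts destructive migration steps that ran
}

// Before: each step stamps its own number, so an older step that runs late wins.
pub fn stamp_unconditional(db: &mut Db, step: u32) { db.version = step; }

// Assumed fix: a step may only raise the recorded version.
pub fn stamp_monotonic(db: &mut Db, step: u32) { db.version = db.version.max(step); }

// Returns the stored version, or `fallback` when the read fails.
pub fn read_version(db: &Db, fallback: u32) -> u32 {
    if db.version_readable { db.version } else { fallback }
}

// Runs every step newer than the version the caller believes is installed.
pub fn migrate(db: &mut Db, believed: u32) {
    for step in (believed + 1)..=LATEST_VERSION {
        db.tables_rebuilt += 1; // stands in for table-creating SQL
        stamp_monotonic(db, step);
    }
}

// Applies steps in call order and returns the version left in the DB.
pub fn final_version(order: &[u32], stamp: fn(&mut Db, u32)) -> u32 {
    let mut db = Db { version_readable: true, ..Default::default() };
    for &step in order { stamp(&mut db, step); }
    db.version
}

// Destructive steps run on an up-to-date DB whose version read fails.
pub fn rebuilt_on_read_error(fallback: u32) -> u32 {
    let mut db = Db { version: LATEST_VERSION, version_readable: false, tables_rebuilt: 0 };
    let believed = read_version(&db, fallback);
    migrate(&mut db, believed);
    db.tables_rebuilt
}

fn main() {
    println!("9 then 8, unconditional: {}", final_version(&[9, 8], stamp_unconditional));
    println!("rebuilt with fallback 1: {}", rebuilt_on_read_error(1));
}
```

With a fallback of 1, a failed read on an up-to-date database re-runs every migration step; with the highest version as the fallback, none run.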

@hstove (Contributor, Author) commented Sep 16, 2024

One of my changes seriously messed something up - pretty much every test that touches sortdb is broken. Needs investigation

@jcnelson (Member) previously approved these changes Sep 19, 2024 and left a comment

LGTM; just address Brice's comments

@obycode (Contributor) left a comment

LGTM!

@wileyj wileyj added this pull request to the merge queue Sep 23, 2024
Merged via the queue into develop with commit 02054f6 Sep 23, 2024
1 check passed
@hstove hstove deleted the feat/audit-fixes branch September 23, 2024 22:33
@blockstack-devops (Contributor)

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@stacks-network stacks-network locked as resolved and limited conversation to collaborators Oct 26, 2024