Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Don't try to read SLE with key 0 from the ledger: #4351

Merged
merged 1 commit into from
Nov 28, 2022

Conversation

ximinez
Copy link
Collaborator

@ximinez ximinez commented Nov 21, 2022

High Level Overview of Change

Debug builds are occasionally hitting an assert at Ledger.cpp line 436 (see #4341). The assert is at least 8 years old and appears to still be relevant. Ledger::read should not be called with an ID of 0.

NFTokenAcceptOffer transactions can be written (presumably incorrectly) in such a way that the NFTokenSellOffer and NFTokenBuyOffer fields can contain a 0 value. The preclaim function for this transaction did not validate the value before calling Ledger::read.

Note that this issue is not harmful in release builds. If an assert fails in a debug build, as it did in this case, it will stop the program. However, asserts are not included in release builds, so they are skipped. In this case, Ledger::read properly handles that case, and returns a nullptr if the ID is 0. NFTokenSellOffer::preclaim checks that nullptr and correctly returns tecOBJECT_NOT_FOUND, as it would if the transaction provided a valid ID which was not in the ledger.

This fix preserves that functionality, but checks for 0 in NFTokenSellOffer::preclaim before calling Ledger::read, and returns the same tecOBJECT_NOT_FOUND result. Thus, an amendment is not required.

Type of Change

  • [X ] Bug fix (non-breaking change which fixes an issue)
  • [X ] Refactor (non-breaking change that only restructures code)

Copy link
Collaborator

@scottschurr scottschurr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change looks good, and I think this is a good approach to avoiding an amendment. Thanks for finding and fixing the problem.

But I do think it would be good to add unit tests. I don't think the tests need to be extensive. The topmost commit here I think would be sufficient: https://github.com/scottschurr/rippled/commits/ed-readidzero

@ximinez
Copy link
Collaborator Author

ximinez commented Nov 22, 2022

Thanks for the tests! Super helpful. I also verified that the assert fires without the fix in place.

Copy link
Collaborator

@scottschurr scottschurr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Looks great! Thanks.

@intelliot intelliot added the Passed Passed code review & PR owner thinks it's ready to merge. Perf sign-off may still be required. label Nov 28, 2022
@intelliot intelliot changed the base branch from develop to releases/1.10.0-rc1 November 28, 2022 21:54
@intelliot intelliot merged commit b7ac73c into XRPLF:releases/1.10.0-rc1 Nov 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug Passed Passed code review & PR owner thinks it's ready to merge. Perf sign-off may still be required.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants