
RFC. expect() considered harmful on host function implementations??

Open feliam opened this issue 2 years ago • 2 comments

A runtime importing certain host functions could cause a panic! in the enclosing client (thread). A (wasm) runtime could hide functionality to make a thread in the client panic! under certain constraints :shrug: by calling

sp_io::crypto::ed25519_generate(KeyTypeId::from(0), Some(vec![0xff, 0xff, 0xff]));

https://github.com/paritytech/substrate/blob/8a3b2f2e0d4bcf9614dbf174ad2b24da6f9b0b44/primitives/io/src/lib.rs#L747

see. https://thoughtbot.com/blog/fight-back-utf-8-invalid-byte-sequences

Excerpt:

Thread 'tokio-runtime-worker' panicked at 'Seed is valid utf8!: Utf8Error { valid_up_to: 0, error_len: Some(1) }', /.../substrate-7e08433d4c370a21/2a0eeff/primitives/io/src/lib.rs:747

feliam avatar Jan 19 '23 22:01 feliam
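To make the failure mode concrete, here is an added example (not code from the issue or from Substrate) that reproduces the shape of the problem in plain Rust. `seed_to_str_panicking` is my reconstruction of the pattern the linked line illustrates: the host side assumes a runtime-supplied seed is UTF-8 and calls `expect()`, so a non-UTF-8 seed unwinds the host thread. `seed_to_str_checked` is the hardened shape a reviewer would ask for: validate the untrusted bytes and return an error to the caller instead of panicking. The `SeedError` type, the function names and the `//Alice` sample seed are assumptions for this demo, and `[0xff, 0xff, 0xff]` is the input from the issue.

```rust
use std::panic::{self, AssertUnwindSafe};
use std::str::Utf8Error;

/// Error type for the hardened variant (hypothetical; not a Substrate type).
#[derive(Debug, PartialEq)]
pub enum SeedError {
    /// The caller supplied bytes that are not valid UTF-8.
    NotUtf8(Utf8Error),
}

/// Reconstruction of the panicking pattern the issue points at: the host function
/// trusts that the seed handed over by the runtime is UTF-8 and calls `expect()`,
/// so any runtime can abort the host thread by passing invalid bytes.
pub fn seed_to_str_panicking(seed: Option<&[u8]>) -> Option<&str> {
    seed.map(|s| std::str::from_utf8(s).expect("Seed is valid utf8!"))
}

/// Hardened shape: the untrusted bytes are validated and the failure is reported
/// as a `Result` so the host can reject the call without unwinding.
pub fn seed_to_str_checked(seed: Option<&[u8]>) -> Result<Option<&str>, SeedError> {
    match seed {
        None => Ok(None),
        Some(s) => std::str::from_utf8(s).map(Some).map_err(SeedError::NotUtf8),
    }
}

/// Runs the panicking variant under `catch_unwind` so the demo can observe the
/// unwind instead of dying; returns true if the call panicked.
pub fn panics_on(seed: &[u8]) -> bool {
    panic::catch_unwind(AssertUnwindSafe(|| {
        let _ = seed_to_str_panicking(Some(seed));
    }))
    .is_err()
}

fn main() {
    // Constructed inputs: the bytes from the issue and a conventional dev-seed string.
    let bad: Vec<u8> = vec![0xff, 0xff, 0xff];
    let good: &[u8] = b"//Alice";
    println!("panicking variant on [ff ff ff]: panicked = {}", panics_on(&bad));
    println!("checked variant on [ff ff ff]:   {:?}", seed_to_str_checked(Some(bad.as_slice())));
    println!("checked variant on //Alice:      {:?}", seed_to_str_checked(Some(good)));
}
```

The design point is the one the issue title raises: on a boundary where the caller (the wasm runtime) is less trusted than the callee (the node), `expect()`/`unwrap()` turns an input-validation failure into a denial of service of the host thread, while returning a `Result` keeps the decision with the host.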

It's bizarre seeds were ever handled as utf8, instead of simply as bytes, but oh well..

burdges avatar Jan 19 '23 22:01 burdges

A runtime is generally trusted code. However, we should still fix this.

bkchr avatar Jan 19 '23 22:01 bkchr