Page MenuHomePhabricator

Fix out-of-bounds index in Avalanche PeerManager
AbandonedPublic

Authored by jasonbcox on Tue, Jun 30, 03:35.

Details

Reviewers
deadalnix
Group Reviewers
Restricted Project
Summary
Test Plan

build-configurations.py build-asan

Event Timeline

jasonbcox created this revision.Tue, Jun 30, 03:35
Herald added a reviewer: Restricted Project. · View Herald TranscriptTue, Jun 30, 03:35
jasonbcox requested review of this revision.Tue, Jun 30, 03:35
Fabien added a subscriber: Fabien.Tue, Jun 30, 08:07
Fabien added inline comments.
src/avalanche/peermanager.cpp
82

slots.size() could be end here, and you could simply return NO_PEER instead of a break. In the end the result is the same: after the break you will exit the while loop, jump over the for loop (because end - begin is necessarily <= 0) and return NO_PEER anyway.

deadalnix requested changes to this revision.Tue, Jun 30, 13:29
deadalnix added a subscriber: deadalnix.
deadalnix added inline comments.
src/avalanche/peermanager.cpp
72

Adding an assert that i is in the right range is a good idea here.

82

Indeed, this has nothing to do with size and everything to do with the need to early bail.

This revision now requires changes to proceed.Tue, Jun 30, 13:29
jasonbcox abandoned this revision.Wed, Jul 1, 21:21