Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

share/ipld: newProofCollector should use bits.Len instead of math.Log2 just in case #3852

Closed
odeke-em opened this issue Oct 16, 2024 · 0 comments · Fixed by #3867
Closed

share/ipld: newProofCollector should use bits.Len instead of math.Log2 just in case #3852

odeke-em opened this issue Oct 16, 2024 · 0 comments · Fixed by #3867
Labels
bug Something isn't working external Issues created by non node team members good first issue Good for newcomers

Comments

@odeke-em
Copy link
Contributor

Celestia Node version

d7d2db8

OS

darwin

Install tools

No response

Others

No response

Steps to reproduce it

Read through

celestia-node/share/ipld/proof_collector.go

Line 17 in d7d2db8

height := int(math.Log2(float64(maxShares))) + 1

It isn't a problem nor an attack vector as we deemed offline but if a caller passed in a max shard size of 0, that code could cause a runtime panic because of this result:

log(0) = INFINITY and in Go that's represented by -INF or +INF whichever is implementation defined
which when converted to an integer is the smallest negative value which when passed into make([]T, -value)

Expected result

Zero value allocated for negative values or no crash

Actual result

A runtime panic

Relevant log output

No response

Is the node "stuck"? Has it stopped syncing?

No

Notes

Remedy

We can safely instead use math/bits.Len64 which even if had a negative number would have a maximum of 64 values

and here is a clear exhibit

https://go.dev/play/p/IlSf1wlm3nT

package main

import (
	"math"
	"math/bits"
)

var v = 0

func main() {
	println(math.Log2(float64(v)))
	println(bits.Len64(uint64(v)))
}

which prints out

-Inf
0

and is guaranteed never to panic, because bits.Len64(uint64(positive of negative int)) = [0, 63]
but math.Log2(float64(positive or negative int)) = [-9223372036854775808, 63]

Kindly cc-ing @Wondertan
@odeke-em odeke-em added the bug Something isn't working label Oct 16, 2024
@github-actions github-actions bot added the external Issues created by non node team members label Oct 16, 2024
@walldiss walldiss added the good first issue Good for newcomers label Oct 17, 2024
@notlelouch notlelouch mentioned this issue Oct 21, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working external Issues created by non node team members good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(share/ipld): use bits.Len64 instead of math.Log2 in newProofCollector notlelouch/celestia-node
2 participants
@odeke-em @walldiss