Problem: missing validation on nft-transfer message fields

Solution: - add some validation in check-tx first
crypto-org-chain · Dec 5, 2023 · 3465044 · 3465044
1 parent d71c53c
commit 3465044
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,7 @@
 - [#1004](https://github.com/crypto-org-chain/chain-main/pull/1004) Update rocksdb dependency to 8.1.1.
 - [#1009](https://github.com/crypto-org-chain/chain-main/pull/1009) Update memiavl to c575f4797ca4, update cosmos-sdk to v0.46.15.
 - [#1010](https://github.com/crypto-org-chain/chain-main/pull/1010) Bump librocksdb to 8.5.3
+- [#]() Limit the length of NFTTransfer fields.
 
 ### Bug Fixes
 

diff --git a/app/ante.go b/app/ante.go
@@ -7,6 +7,7 @@ import (
 	"github.com/cosmos/cosmos-sdk/x/auth/ante"
 	ibcante "github.com/cosmos/ibc-go/v5/modules/core/ante"
 	"github.com/cosmos/ibc-go/v5/modules/core/keeper"
+	nfttypes "github.com/crypto-org-chain/chain-main/v4/x/nft-transfer/types"
 )
 
 // HandlerOptions extend the SDK's AnteHandler options by requiring the IBC
@@ -39,6 +40,7 @@ func NewAnteHandler(options HandlerOptions) (sdk.AnteHandler, error) {
 		ante.NewValidateBasicDecorator(),
 		ante.NewTxTimeoutHeightDecorator(),
 		ante.NewValidateMemoDecorator(options.AccountKeeper),
+		NewValidateMsgTransferDecorator(),
 		ante.NewConsumeGasForTxSizeDecorator(options.AccountKeeper),
 		ante.NewDeductFeeDecorator(options.AccountKeeper, options.BankKeeper, options.FeegrantKeeper, options.TxFeeChecker),
 		// SetPubKeyDecorator must be called before all signature verification decorators
@@ -52,3 +54,52 @@ func NewAnteHandler(options HandlerOptions) (sdk.AnteHandler, error) {
 
 	return sdk.ChainAnteDecorators(anteDecorators...), nil
 }
+
+const (
+	// values chosen arbitrarily
+	MaxClassIDLength      = 256
+	MaxTokenIds           = 256
+	MaxTokenIDLength      = 256
+	MaximumReceiverLength = 2048
+)
+
+// ValidateMsgTransferDecorator is a temporary decorator that limit the field length of MsgTransfer message.
+type ValidateMsgTransferDecorator struct{}
+
+func NewValidateMsgTransferDecorator() ValidateMsgTransferDecorator {
+	return ValidateMsgTransferDecorator{}
+}
+
+func (vtd ValidateMsgTransferDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate bool, next sdk.AnteHandler) (sdk.Context, error) {
+	if !ctx.IsCheckTx() {
+		return next(ctx, tx, simulate)
+	}
+
+	msgs := tx.GetMsgs()
+	for _, msg := range msgs {
+		transfer, ok := msg.(*nfttypes.MsgTransfer)
+		if !ok {
+			continue
+		}
+
+		if len(transfer.ClassId) > MaxClassIDLength {
+			return ctx, sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "class id length must be less than %d", MaxClassIDLength)
+		}
+
+		if len(transfer.TokenIds) > MaxClassIDLength {
+			return ctx, sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "token id length must be less than %d", MaxClassIDLength)
+		}
+
+		for _, tokenID := range transfer.TokenIds {
+			if len(tokenID) > MaxTokenIDLength {
+				return ctx, sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "token id length must be less than %d", MaxTokenIDLength)
+			}
+		}
+
+		if len(transfer.Receiver) > MaximumReceiverLength {
+			return ctx, sdkerrors.Wrapf(sdkerrors.ErrInvalidRequest, "receiver length must be less than %d", MaximumReceiverLength)
+		}
+	}
+
+	return next(ctx, tx, simulate)
+}