fix(valopers): validate auth-list members, sanitize description, reject negative min fee#5874
Open
davd-gzl wants to merge 2 commits into
Open
fix(valopers): validate auth-list members, sanitize description, reject negative min fee#5874davd-gzl wants to merge 2 commits into
davd-gzl wants to merge 2 commits into
Conversation
…ct negative min fee - AddToAuthList/DeleteFromAuthList now reject malformed bech32 member addresses up front (validateBech32) instead of letting garbage reach the auth list. - Render sanitizes the operator-controlled description via markdown/sanitize.Block, neutralizing structural markdown injection (forged headings, HTML blocks) before it reaches the profile page or the govdao proposal that embeds Render. Branch on the sanitized result so a description that sanitizes to empty still terminates the heading line. - ProposeNewMinFeeProposalRequest rejects a negative newMinFee before casting to uint64.
Collaborator
🛠 PR Checks Summary🔴 Pending initial approval by a review team member, or review from tech-staff Manual Checks (for Reviewers):
Read More🤖 This bot helps streamline PR reviews by verifying automated checks and providing guidance for contributors and reviewers. ✅ Automated Checks (for Contributors):🟢 Maintainers must be able to edit this pull request (more info) ☑️ Contributor Actions:
☑️ Reviewer Actions:
📚 Resources:Debug
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Three input-validation hardenings in
r/gnops/valopers, all on operator-controlled inputs that previously reached state or rendering unchecked.Changes
valopers.gnoAddToAuthList/DeleteFromAuthList: reject malformed bech32memberaddresses up front via the existingvalidateBech32helper, instead of letting empty/garbage values reach the auth list.Render: sanitize the operator-controlledDescriptionthroughp/nt/markdown/sanitize/v0.Blockbefore emitting. This neutralizes structural markdown injection (forged headings, HTML blocks) that would otherwise break into the profile page or the govdao proposal that embedsRender. The branch keys on the sanitized result, not the raw description, so a description that sanitizes to empty still terminates the heading line.proposal/proposal.gnoProposeNewMinFeeProposalRequest: reject a negativenewMinFee(newErrNegativeMinFee) before theint64→uint64cast.Tests
valopers_test.gno: invalid auth-list member address rejected (empty + bad-checksum);Rendersanitizes a forged-heading description while preserving prose, and a description that sanitizes to empty keeps the heading line terminated.proposal_test.gno: negative min-fee rejected.filetests/z_2_filetest.gno: expected output updated for thesanitize.Blockblank-line envelope.Verification
gno testpasses for thevalopersandvalopers/proposalpackages.