diff --git a/.changelog/v0.21.1/bug-fixes/199-non-utf8-packet-data.md b/.changelog/v0.21.1/bug-fixes/199-non-utf8-packet-data.md new file mode 100644 index 000000000..e50dbf7ec --- /dev/null +++ b/.changelog/v0.21.1/bug-fixes/199-non-utf8-packet-data.md @@ -0,0 +1,2 @@ +- No longer panic when packet data is not valid UTF-8 + ([#199](https://github.com/cosmos/ibc-rs/issues/199)) \ No newline at end of file diff --git a/.changelog/v0.21.1/summary.md b/.changelog/v0.21.1/summary.md new file mode 100644 index 000000000..150385bd6 --- /dev/null +++ b/.changelog/v0.21.1/summary.md @@ -0,0 +1 @@ +This release fixes a critical vulnerability. It is strongly advised to upgrade. diff --git a/CHANGELOG.md b/CHANGELOG.md index c7578ecff..45beb30c9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # CHANGELOG +## v0.21.1 + +*October 27, 2022* + +This release fixes a critical vulnerability. It is strongly advised to upgrade. + +### BUG FIXES + +- No longer panic when packet data is not valid UTF-8 + ([#199](https://github.com/cosmos/ibc-rs/issues/199)) + ## v0.21.0 *October 24, 2022* diff --git a/crates/ibc/Cargo.toml b/crates/ibc/Cargo.toml index 8273c9191..48f178746 100644 --- a/crates/ibc/Cargo.toml +++ b/crates/ibc/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "ibc" -version = "0.21.0" +version = "0.21.1" edition = "2021" license = "Apache-2.0" readme = "README.md" diff --git a/crates/ibc/src/core/ics04_channel/error.rs b/crates/ibc/src/core/ics04_channel/error.rs index 18dd3dc90..ea84c331c 100644 --- a/crates/ibc/src/core/ics04_channel/error.rs +++ b/crates/ibc/src/core/ics04_channel/error.rs @@ -83,6 +83,9 @@ define_error! { ZeroPacketData | _ | { "packet data bytes cannot be empty" }, + NonUtf8PacketData + | _ | { "packet data bytes must be valid UTF-8 (this restriction will be lifted in the future)" }, + InvalidTimeoutHeight | _ | { "invalid timeout height for the packet" }, diff --git a/crates/ibc/src/core/ics04_channel/events.rs b/crates/ibc/src/core/ics04_channel/events.rs index 1049b9ab3..69fda95da 100644 --- a/crates/ibc/src/core/ics04_channel/events.rs +++ b/crates/ibc/src/core/ics04_channel/events.rs @@ -142,8 +142,11 @@ impl TryFrom for Vec { .unwrap(), }; attributes.push(timeout_timestamp); - let val = - String::from_utf8(p.data).expect("hex-encoded string should always be valid UTF-8"); + + // Note: this attribute forces us to assume that Packet data is valid UTF-8, even + // though the standard doesn't require it. It has been deprecated in ibc-go, + // and we will deprecate it in v0.22.0. It will be removed in the future. + let val = String::from_utf8(p.data).map_err(|_| Error::non_utf8_packet_data())?; let packet_data = Tag { key: PKT_DATA_ATTRIBUTE_KEY.parse().unwrap(), value: val.parse().unwrap(), diff --git a/crates/ibc/src/events.rs b/crates/ibc/src/events.rs index 9a7e4a552..a03e0841b 100644 --- a/crates/ibc/src/events.rs +++ b/crates/ibc/src/events.rs @@ -380,3 +380,25 @@ impl From for Tag { } } } + +#[cfg(test)] +pub mod tests { + use super::*; + use alloc::vec; + + use crate::core::ics04_channel::{ + events::SendPacket, + packet::{test_utils::get_dummy_raw_packet, Packet}, + }; + + #[test] + /// Ensures that we don't panic when packet data is not valid UTF-8. + /// See issue [#199](https://github.com/cosmos/ibc-rs/issues/199) + pub fn test_packet_data_non_utf8() { + let mut packet = Packet::try_from(get_dummy_raw_packet(1, 1)).unwrap(); + packet.data = vec![128]; + + let ibc_event = IbcEvent::SendPacket(SendPacket { packet }); + let _ = AbciEvent::try_from(ibc_event); + } +} diff --git a/crates/ibc/src/lib.rs b/crates/ibc/src/lib.rs index d750a3365..10e0cde6b 100644 --- a/crates/ibc/src/lib.rs +++ b/crates/ibc/src/lib.rs @@ -16,7 +16,7 @@ rust_2018_idioms )] #![forbid(unsafe_code)] -#![doc(html_root_url = "https://docs.rs/ibc/0.21.0")] +#![doc(html_root_url = "https://docs.rs/ibc/0.21.1")] //! This library implements the InterBlockchain Communication (IBC) protocol in Rust. IBC is //! a distributed protocol that enables communication between distinct sovereign blockchains.