From: Vladislav Shpilevoy via Tarantool-patches
Reply-To: Vladislav Shpilevoy
To: Cyrill Gorcunov
Cc: tml
Date: Wed, 7 Jul 2021 23:25:45 +0200
Subject: Re: [Tarantool-patches] [PATCH] raft: more precise verification of incoming request state

Hi! Thanks for the fixes!

See 4 comments below.

1. The build does not work:

/Users/gerold/Work/Repositories/tarantool/src/box/xrow.c:1076:8: error: variable 'val' is uninitialized when used here [-Werror,-Wuninitialized]
        if (val > UINT_MAX)
            ^~~
/Users/gerold/Work/Repositories/tarantool/src/box/xrow.c:1058:15: note: initialize the variable 'val' to silence this warning
        uint64_t val;
                    ^
                     = 0

> diff --git a/src/box/xrow.c b/src/box/xrow.c > index 16cb2484c..75f5c94af 100644 > --- a/src/box/xrow.c > +++ b/src/box/xrow.c > @@ -1064,12 +1065,17 @@ xrow_decode_raft(const struct xrow_header *row, struct raft_request *r, > case IPROTO_RAFT_VOTE: > if (mp_typeof(*pos) != MP_UINT) > goto bad_msgpack; > - r->vote = mp_decode_uint(&pos); > + val = mp_decode_uint(&pos); > + if (val > UINT_MAX) > + goto bad_vote; > + r->vote = val; > break; > case IPROTO_RAFT_STATE: > if (mp_typeof(*pos) != MP_UINT) > goto bad_msgpack; > - r->state = mp_decode_uint(&pos); 2. You deleted the state decode. I assume not a single replication test passes now, correct? > + if (val > UINT_MAX) 3. State and vote have uint32_t type. Please, use UINT32_MAX. > + goto bad_state; > + r->state = val; > break; > case IPROTO_RAFT_VCLOCK: > r->vclock = vclock; > diff --git a/src/lib/raft/raft.c b/src/lib/raft/raft.c > index eacdddb7e..769b1a6ef 100644 > --- a/src/lib/raft/raft.c
> +++ b/src/lib/raft/raft.c > @@ -309,7 +309,8 @@ raft_process_msg(struct raft *raft, const struct raft_msg *req, uint32_t source) > say_info("RAFT: message %s from %u", raft_msg_to_string(req), source); > assert(source > 0); > assert(source != raft->self); > - if (req->term == 0 || req->state == 0 || req->state >= raft_state_MAX) { > + > + if (req->term == 0 || req->state <= 0 || req->state >= raft_state_MAX) { 4. Still, you assume you can safely assign uint32_t value to enum raft_state. I don't think it is a good idea. What if the enum someday will become 1 byte? Lets not rely on its size. What was wrong with turning the enum into uint32/64 like I proposed before?
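
Review bot: in the IPROTO_RAFT_STATE case of the src/box/xrow.c hunk, the removed line "r->state = mp_decode_uint(&pos);" has no "+" counterpart, so "if (val > UINT_MAX)" tests a value that was never decoded and pos is not advanced past the state field. Add "val = mp_decode_uint(&pos);" before the check, as the IPROTO_RAFT_VOTE case does. Both values come from an incoming row and are narrowed on assignment, so compare against the limit of the destination field's type rather than UINT_MAX; the bound then does not depend on the platform's width of unsigned int. The bad_vote and bad_state labels are outside the visible lines; each should set a diagnostic that names the offending key.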
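
Review bot: in the src/lib/raft/raft.c hunk, replacing "req->state == 0" with "req->state <= 0" only changes behaviour if req->state has a signed type; for an unsigned field the two conditions are identical, and for an enum the signedness of the underlying type is the compiler's choice. The range check is more dependable when applied to the decoded integer before it is stored into the request, rejecting 0 and anything >= raft_state_MAX in the decoder and leaving this condition as a second check. The added blank line after the assert is unrelated to the fix and can be dropped.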