Skip to content

Sanity assert GetAncestor() != nullptr where appropriate #11342

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Sanity assert GetAncestor() != nullptr where appropriate #11342

wants to merge 1 commit into from

Conversation

danra
Copy link
Contributor

@danra danra commented Sep 15, 2017
edited by DrahtBot
Loading

Add sanity asserts for return value of CBlockIndex::GetAncestor() where appropriate.

In validation.cpp CheckSequenceLocks, check the return value of tip->GetAncestor(maxInputHeight) stored into lp->maxInputBlock. If it ever returns nullptr because the ancestor isn't found, it's going to be a bad bug to keep going, since a LockPoints object with the maxInputBlock member set to nullptr signifies no relative lock time.

In the other places, the added asserts would prevent accidental dereferencing of a null pointer which is UB.

@promag
Copy link
Contributor

promag commented Sep 20, 2017

There are other places where the result of GetAncestor is not asserted or tested. IMO this PR could also handle those.

promag
promag reviewed Sep 20, 2017
View reviewed changes
src/validation.cpp
@@ -316,6 +316,7 @@ bool CheckSequenceLocks(const CTransaction &tx, int flags, LockPoints* lp, bool
}
}
lp->maxInputBlock = tip->GetAncestor(maxInputHeight);
assert(lp->maxInputBlock != nullptr);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just assert(lp->maxInputBlock);?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@promag While legal, I believe for security-critical code implicit conversions such as these should be discouraged. See also http://releases.llvm.org/3.8.0/tools/clang/tools/extra/docs/clang-tidy/checks/readability-implicit-bool-cast.html

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see why implicit conversions should be discouraged for floating point numbers and integers or bools, but I don't see any danger or downsides of assert(some_pointer);

@danra danra changed the title Add sanity assert in CheckSequenceLocks Sanity assert GetAncestor() != nullptr where appropriate Sep 21, 2017
@danra
Sanity assert GetAncestor() != nullptr where appropriate
33ce435 
Add sanity asserts for return value of `CBlockIndex::GetAncestor()` where appropriate.

In validation.cpp `CheckSequenceLocks`, check the return value of `tip->GetAncestor(maxInputHeight)` stored into `lp->maxInputBlock`. If it ever returns `nullptr` because the ancestor isn't found, it's going to be a bad bug to keep going, since a `LockPoints` object with the `maxInputBlock` member set to `nullptr` signifies no relative lock time.

In the other places, the added asserts would prevent accidental dereferencing of a null pointer which is UB.
@danra
Copy link
Contributor Author

danra commented Sep 21, 2017

@promag Done, GetAncestor()'s return value is now verified in all places where I found it is needed.

@laanwj
Copy link
Member

laanwj commented Sep 28, 2017
edited
Loading

Any specific reason for using assert(x != nullptr) instead of just assert(x)? (this works as-is for smart pointers)

@danra
Copy link
Contributor Author

danra commented Sep 28, 2017

@laanwj Yes, see my reply to the similar question by @promag above.

@DrahtBot
Copy link
Contributor

The last travis run for this pull request was 302 days ago and is thus outdated. To trigger a fresh travis build, this pull request should be closed and re-opened.

@DrahtBot DrahtBot closed this Jul 20, 2018
@DrahtBot DrahtBot reopened this Jul 20, 2018
@DrahtBot DrahtBot mentioned this pull request Aug 9, 2018
Merged
@DrahtBot
Copy link
Contributor

Needs rebase

@laanwj
Copy link
Member

laanwj commented Aug 31, 2018

Closing because of inactivity, see that @MarcoFalke already added up for grabs

@laanwj laanwj closed this Aug 31, 2018
@adamjonas adamjonas mentioned this pull request Oct 23, 2019
Closed
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Dec 16, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
2 more reviewers

@promag promag promag left review comments

@maflcko maflcko maflcko left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
Validation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@danra @promag @laanwj @DrahtBot @maflcko @fanquake