Category: Coding Mistakes
Potential overflow in fee_checker
Low Severity
Low Impact
Low Likelihood
Description
The ValidateBasic
function currently lacks an upper bound for gas, allowing values that could exceed math.MaxInt64
:
// ValidateBasic does a sanity check of the provided data
func (m *MsgUpdateParams) ValidateBasic() error {
if _, err := sdk.AccAddressFromBech32(m.Authority); err != nil {
return errortypes.Wrap(err, "invalid authority address")
}
return m.Params.Validate()
}
Impact
Extremely large gas values may lead to unexpected behaviors or overflows in later calculations.
Recommendations
Add a check to ensure the gas cannot exceed math.MaxInt64
in the validation logic.
Remediation
This issue has been acknowledged by Sigma Assets GmbH, and a fix was implemented in commit e727fd5e↗.