search

celo-org / celo-bls-snark-rs

Implements SNARK-friendly BLS signatures
https://celo.org
Apache License 2.0
83 stars 24 forks source link

Remove a couple panics #206

Closed huitseeker closed 3 years ago

huitseeker commented 3 years ago

Description

A few panics can seamlessly be folded in the Error case of their enclosing Result

kobigurk commented 3 years ago

Thanks @huitseeker, looks great! Any chance you can try updating tracing to handle the vulnerability notice?

huitseeker commented 3 years ago

@kobigurk that would require updating you forks, not this PR:

Crate:         smallvec                                                                                                                                                                                                                                                                               
Version:       1.4.2                                                                                                                                                                                                                                                                                  
Title:         Buffer overflow in SmallVec::insert_many                                                                                                                                                                                                                                               
Date:          2021-01-08                                                                                                                                                                                                                                                                             
ID:            RUSTSEC-2021-0003                                                                                                                                                                                                                                                                      
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0003                                                                                                                                                                                                                                       
Solution:      Upgrade to >=0.6.14, <1.0.0 OR >=1.6.1                                                                                                                                                                                                                                                 
Dependency tree:                                                                                                                                                                                                                                                                                      
smallvec 1.4.2                                                                                                                                                                                                                                                                                        
??? tracing-subscriber 0.2.15                                                                                                                                                                                                                                                                         
?   ??? r1cs-core 0.1.1-alpha.0                                                                                                                                                                                                                                                                       
?   ?   ??? r1cs-std 0.1.1-alpha.0                                                                                                                                                                                                                                                                    
?   ?   ?   ??? epoch-snark 0.2.0                                                                                                                                                                                                                                                                     
?   ?   ?   ?   ??? bls-snark-sys 0.2.0                                                                                                                                                                                                                                                               
?   ?   ?   ??? crypto-primitives 0.1.1-alpha.0                                                                                                                                                                                                                                                       
?   ?   ?   ?   ??? epoch-snark 0.2.0                                                                                                                                                                                                                                                                 
?   ?   ?   ?   ??? bls-gadgets 0.2.0                                                                                                                                                                                                                                                                 
?   ?   ?   ?   ?   ??? epoch-snark 0.2.0                                                                                                                                                                                                                                                             
?   ?   ?   ?   ??? bls-crypto 0.2.0                                                                                                                                                                                                                                                                  
?   ?   ?   ?       ??? epoch-snark 0.2.0                                                                                                                                                                                                                                                             
?   ?   ?   ?       ??? bls-snark-sys 0.2.0                                                                                                                                                                                                                                                           
?   ?   ?   ?       ??? bls-gadgets 0.2.0                                                                                                                                                                                                                                                             
?   ?   ?   ??? bls-snark-sys 0.2.0                                                                                                                                                                                                                                                                   
?   ?   ?   ??? bls-gadgets 0.2.0                                                                                                                                                                                                                                                                     
?   ?   ??? groth16 0.1.1-alpha.0                                                                                                                                                                                                                                                                     
?   ?   ?   ??? epoch-snark 0.2.0                                                                                                                                                                                                                                                                     
?   ?   ?   ??? crypto-primitives 0.1.1-alpha.0                                                                                                                                                                                                                                                       
?   ?   ?   ??? bls-snark-sys 0.2.0                                                                                                                                                                                                                                                                   
?   ?   ?   ??? bls-gadgets 0.2.0                                                                                                                                                                                                                                                                     
?   ?   ??? gm17 0.1.1-alpha.0                                                                                                                                                                                                                                                                        
?   ?   ?   ??? crypto-primitives 0.1.1-alpha.0                                                                                                                                                                                                                                                       
?   ?   ??? epoch-snark 0.2.0                                                                                                                                                                                                                                                                         
?   ?   ??? crypto-primitives 0.1.1-alpha.0                                                                                                                                                                                                                                                           
?   ?   ??? bls-snark-sys 0.2.0                                                                                                                                                                                                                                                                       
?   ?   ??? bls-gadgets 0.2.0
?   ??? epoch-snark 0.2.0
?   ??? bls-gadgets 0.2.0
??? peekmore 0.5.6
    ??? algebra-core 0.1.1-alpha.0
        ??? r1cs-core 0.1.1-alpha.0
        ??? groth16 0.1.1-alpha.0
        ??? gm17 0.1.1-alpha.0
        ??? ff-fft 0.1.1-alpha.0
        ?   ??? groth16 0.1.1-alpha.0
        ?   ??? gm17 0.1.1-alpha.0
        ?   ??? crypto-primitives 0.1.1-alpha.0
        ??? epoch-snark 0.2.0
        ??? crypto-primitives 0.1.1-alpha.0
        ??? bls-gadgets 0.2.0
        ??? algebra 0.1.1-alpha.0
            ??? r1cs-std 0.1.1-alpha.0
            ??? epoch-snark 0.2.0
            ??? bls-snark-sys 0.2.0
            ??? bls-gadgets 0.2.0
            ??? bls-crypto 0.2.0
kobigurk commented 3 years ago

@huitseeker catching up on this - you can update smallvec by running cargo update -p smallvec, which worked for me locally

kobigurk commented 3 years ago

Thanks @huitseeker! cc @mstraka100 to rebase on this for the arkworks migration.