Closed odeke-em closed 9 months ago
Attention: 13 lines
in your changes are missing coverage. Please review.
Comparison is base (
c7c7288
) 65.61% compared to head (1f01815
) 38.66%.:exclamation: Current head 1f01815 differs from pull request most recent head ab5ea00. Consider uploading reports for the commit ab5ea00 to get more accurate results
Files | Patch % | Lines |
---|---|---|
go/proof.go | 76.66% | 6 Missing and 1 partial :warning: |
go/ops.go | 66.66% | 4 Missing and 2 partials :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Kindly cc-ing @crodriguezvega
Kindly cc-ing @crodriguezvega
Thank you for opening the issues and this PR, @odeke-em. I will review this week.
/cc @elias-orijtech @julienrbrt
Besides, if that case was reachable, then why not add a similar check to all other functions with a pointer receiver?
I mean the fuzzer flagged it but sure I did undo it. Kindly help me take another look @crodriguezvega and then merge if possible. Thank you!
Just cc-ing the cosmos-sdk team to remind us to pull in the updated release once this code is merged in /cc @tac0turtle @julienrbrt @elias-orijtech
@odeke-em sdk team doesnt maintain this repo. Carlos and the ibc team are best to do merges and approvals here
Oh okay, gotcha and thank you @tac0turtle!
This change fixes a bunch of issues identified by Orijtech Inc's audit of ics23 which is a critical cosmos-sdk dependency and as per reports about the Dragonberry & Elderberry vulnerability reports, this package was put back on our radar to further audit and voila that uncovered some issues, some of which have beenfixed in this change. While here also added more fuzzers. To ensure that the fuzzers can run alright, added -short to any invocations of "go test".
Fixes #241 Fixes #242 Fixes #243