diwakergupta / stacks-blockchain-tob-audit

GNU General Public License v3.0

Assertion in `ClarityDatabase::create_non_fungible_token` can fail #14

Open smoelius opened 4 years ago

smoelius commented 4 years ago

If a contract calls `define-non-fungible-token` with the same `asset-name` twice, then this assertion can fail:

https://github.com/trailofbits/x-audit-blockstack-core/blob/e2d3d5bae539d242851620e28129af6c4a9de642/src/vm/database/clarity_db.rs#L437

Now, strictly speaking, this line fails first as a result of #12:

https://github.com/trailofbits/x-audit-blockstack-core/blob/e2d3d5bae539d242851620e28129af6c4a9de642/src/vm/database/clarity_db.rs#L435

But if you fix `insert_metadata` in the obvious way to simply return an error, the assertion will fail.

Duplicating the following line in `ASSET_NAMES` and adding a test to execute that program witnesses the issue:

https://github.com/trailofbits/x-audit-blockstack-core/blob/e2d3d5bae539d242851620e28129af6c4a9de642/src/vm/analysis/type_checker/tests/assets.rs#L35

Given the interdependence with #12, I am giving this informational severity.
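The failure mode described in the comment above, modeled as an added example that is not part of the issue or of the audited code base. `MetadataStore`, `DbError`, the `nft::` key prefix, both `create_nft_*` functions and the form of the assertion are hypothetical stand-ins; the asset name and key type are constructed sample values.

```rust
use std::collections::HashMap;

/// Hypothetical stand-in for the metadata store behind the database (assumption).
#[derive(Default)]
pub struct MetadataStore {
    entries: HashMap<String, String>,
}

#[derive(Debug, PartialEq)]
pub enum DbError {
    DuplicateKey(String),
}

impl MetadataStore {
    /// Insert that reports a duplicate key as an error instead of panicking.
    pub fn insert_metadata(&mut self, key: &str, value: &str) -> Result<(), DbError> {
        if self.entries.contains_key(key) {
            return Err(DbError::DuplicateKey(key.to_string()));
        }
        self.entries.insert(key.to_string(), value.to_string());
        Ok(())
    }

    /// Caller that asserts success: a second define with the same name panics.
    pub fn create_nft_asserting(&mut self, asset_name: &str, key_type: &str) {
        let result = self.insert_metadata(&format!("nft::{}", asset_name), key_type);
        assert!(result.is_ok(), "asset already defined");
    }

    /// Caller that propagates the error so the definition is rejected instead.
    pub fn create_nft_checked(&mut self, asset_name: &str, key_type: &str) -> Result<(), DbError> {
        self.insert_metadata(&format!("nft::{}", asset_name), key_type)
    }
}

/// Applies each definition in order and returns the per-definition outcome.
pub fn define_all(names: &[&str]) -> Vec<Result<(), DbError>> {
    let mut db = MetadataStore::default();
    names.iter().map(|n| db.create_nft_checked(n, "uint")).collect()
}

fn main() {
    // Constructed input: the same asset name defined twice.
    println!("{:?}", define_all(&["example-asset", "example-asset"]));
}
```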

smoelius commented 4 years ago

It also seems to be possible to trigger #12 by deploying two different contracts with the same name. In that case, the panic occurs here:

https://github.com/trailofbits/x-audit-blockstack-core/blob/e2d3d5bae539d242851620e28129af6c4a9de642/src/vm/database/clarity_db.rs#L205