fd_shred_parse permits merkle shreds with zero nodes

firedancer-io / firedancer

Firedancer is Jump Crypto's Solana validator software.

https://firedancer.io

Other

944 stars 174 forks source link

fd_shred_parse permits merkle shreds with zero nodes #2539

Open ripatel-fd opened 3 months ago

ripatel-fd commented 3 months ago

This shred (type 0x60) passes fd_shred_parse but has a fd_shred_merkle_cnt()==0.

crash-8bdd1c27b700692796bd4730a519c41028b406c1.zip

Contradicts the documentation of fd_shred_merkle_cnt:

/* fd_shred_merkle_cnt: Returns number of nodes in the merkle inclusion
   proof.  Note that this excludes the root.  Returns zero if the given
   shred is not a merkle variant. */

ripatel-fd commented 3 months ago

When fixed, please update fuzz_shred_parse.c.