Gno: An interpreted, stack-based Go virtual machine to build succinct and composable apps + gno.land: a blockchain for timeless code and fair open-source.
and notice that we create a listener bound to an address and immediately accept a single connection then discard the listener.
Please figure out how to singly create the listener once and then retain it and listen to connections on it each time. If this library is to be put to production and debuggers left on, with the very large surface that it has, it is imperative to avoid such problems that could then cause security issues, especially without automated static analysis and security tools.
While auditing and studying some code I noticed this code https://github.com/gnolang/gno/blob/2838ad1a3c3b9795990257cd46f08fc04b2fb3a3/gnovm/pkg/gnolang/debugger.go#L227-L240
and notice that we create a listener bound to an address and immediately accept a single connection then discard the listener.
Please figure out how to singly create the listener once and then retain it and listen to connections on it each time. If this library is to be put to production and debuggers left on, with the very large surface that it has, it is imperative to avoid such problems that could then cause security issues, especially without automated static analysis and security tools.
Kindly cc-ing @jaekwon