Open rickyyangz opened 4 years ago
This bug doesn't appear to have any security implications so would be out of scope for the hackerone bug bounty.
I'm looking into if we can potentially do a bug release to fix this while we work on the full protobuf compatibility PRs
This test case passes on the latest release v0.15
but does not pass in master
. master
is work in progress towards more complete protobuf compatibility.
The latest PR (https://github.com/tendermint/go-amino/pull/283) introduced a bug that as the title described. So multidimensional byte slices/arrays will be marshalled to empty bytes.
I wrote a testcase
the result is
BTW, I submitted a report to the hackerone bug bounty program, but the response is not very timely, So I create an issue here.