Problem: handle for integer overflow is messy

CHANGELOG.md

@@ -84,6 +84,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
 * (ante) [#497](https://github.com/crypto-org-chain/ethermint/pull/497) Enforce positive value check in eth transaction.
 * (deps) [#505](https://github.com/crypto-org-chain/ethermint/pull/505) Update cometbft to v0.38.10.
 * (ante) [#504](https://github.com/crypto-org-chain/ethermint/pull/504) Optimize AnteHandle method to skip checks if disabledMsgs is empty.
+* [#517](https://github.com/crypto-org-chain/ethermint/pull/517) Add check for integer overflow to ensure safe conversion.
 
 ## v0.21.x-cronos
 

app/ante/fee_checker.go

@@ -118,7 +118,10 @@
 	}
 
 	feeCoins := feeTx.GetFee()
-	gas := feeTx.GetGas()
+	gas, err := ethermint.SafeInt64(feeTx.GetGas())
+	if err != nil {
+		return nil, 0, err
+	}
 	minGasPrices := ctx.MinGasPrices()
 
 	// Ensure that the provided fees meet a minimum threshold for the validator,
@@ -129,7 +132,7 @@
 
 		// Determine the required fees by multiplying each required minimum gas
 		// price by the gas limit, where fee = ceil(minGasPrice * gasLimit).
-		glDec := sdkmath.LegacyNewDec(int64(gas))
+		glDec := sdkmath.LegacyNewDec(gas)
 
 		for i, gp := range minGasPrices {
 			fee := gp.Amount.Mul(glDec)
@@ -141,7 +144,7 @@
 		}
 	}
 
-	priority := getTxPriority(feeCoins, int64(gas))
+	priority := getTxPriority(feeCoins, gas)
 	return feeCoins, priority, nil
 }
 

ethereum/eip712/domain.go

@@ -21,11 +21,11 @@ import (
 )
 
 // createEIP712Domain creates the typed data domain for the given chainID.
-func createEIP712Domain(chainID uint64) apitypes.TypedDataDomain {
+func createEIP712Domain(chainID int64) apitypes.TypedDataDomain {
 	domain := apitypes.TypedDataDomain{
 		Name:              "Cosmos Web3",
 		Version:           "1.0.0",
-		ChainId:           math.NewHexOrDecimal256(int64(chainID)), // #nosec G701
+		ChainId:           math.NewHexOrDecimal256(chainID),
 		VerifyingContract: "cosmos",
 		Salt:              "0",
 	}

ethereum/eip712/eip712.go

@@ -17,6 +17,7 @@
 
 import (
 	"github.com/ethereum/go-ethereum/signer/core/apitypes"
+	ethermint "github.com/evmos/ethermint/types"
 )
 
 // WrapTxToTypedData wraps an Amino-encoded Cosmos Tx JSON SignDoc
@@ -36,7 +37,11 @@
 		return apitypes.TypedData{}, err
 	}
 
-	domain := createEIP712Domain(chainID)
+	value, err := ethermint.SafeInt64(chainID)
+	if err != nil {
+		return apitypes.TypedData{}, err
+	}
+	domain := createEIP712Domain(value)
 
 	typedData := apitypes.TypedData{
 		Types:       types,

ethereum/eip712/eip712_legacy.go

@@ -29,6 +29,7 @@
 	"github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 	errortypes "github.com/cosmos/cosmos-sdk/types/errors"
+	ethermint "github.com/evmos/ethermint/types"
 
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/math"
@@ -52,6 +53,10 @@
 	data []byte,
 	feeDelegation *FeeDelegationOptions,
 ) (apitypes.TypedData, error) {
+	value, err := ethermint.SafeInt64(chainID)
+	if err != nil {
+		return apitypes.TypedData{}, err
+	}
 	txData := make(map[string]interface{})
 
 	if err := json.Unmarshal(data, &txData); err != nil {
@@ -61,7 +66,7 @@
 	domain := apitypes.TypedDataDomain{
 		Name:              "Cosmos Web3",
 		Version:           "1.0.0",
-		ChainId:           math.NewHexOrDecimal256(int64(chainID)),
+		ChainId:           math.NewHexOrDecimal256(value),
 		VerifyingContract: "cosmos",
 		Salt:              "0",
 	}

indexer/kv_indexer.go

@@ -70,6 +70,10 @@
 	// record index of valid eth tx during the iteration
 	var ethTxIndex int32
 	for txIndex, tx := range block.Txs {
+		txIdx, err := ethermint.SafeUint32(txIndex)
+		if err != nil {
+			return err
+		}
 		result := txResults[txIndex]
 		if !rpctypes.TxSuccessOrExceedsBlockGasLimit(result) {
 			continue
@@ -93,13 +97,17 @@
 
 		var cumulativeGasUsed uint64
 		for msgIndex, msg := range tx.GetMsgs() {
+			msgIdx, err := ethermint.SafeUint32(msgIndex)
+			if err != nil {
+				return err
+			}
 			ethMsg := msg.(*evmtypes.MsgEthereumTx)
 			var txHash common.Hash
 
 			txResult := ethermint.TxResult{
 				Height:     height,
-				TxIndex:    uint32(txIndex),
-				MsgIndex:   uint32(msgIndex),
+				TxIndex:    txIdx,
+				MsgIndex:   msgIdx,
 				EthTxIndex: ethTxIndex,
 			}
 			if result.Code != abci.CodeTypeOK {
@@ -243,5 +251,5 @@
 		return 0, fmt.Errorf("wrong tx index key length, expect: %d, got: %d", TxIndexKeyLength, len(key))
 	}
 
-	return int64(sdk.BigEndianToUint64(key[1:9])), nil
+	return ethermint.SafeInt64(sdk.BigEndianToUint64(key[1:9]))
 }

rpc/backend/account_info.go

@@ -16,8 +16,6 @@
 package backend
 
 import (
-	"fmt"
-	"math"
 	"math/big"
 
 	errorsmod "cosmossdk.io/errors"
@@ -29,6 +27,7 @@
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
 	rpctypes "github.com/evmos/ethermint/rpc/types"
+	ethermint "github.com/evmos/ethermint/types"
 	evmtypes "github.com/evmos/ethermint/x/evm/types"
 	"github.com/pkg/errors"
 )
@@ -74,11 +73,10 @@
 			return nil, err
 		}
 
-		if bn > math.MaxInt64 {
-			return nil, fmt.Errorf("not able to query block number greater than MaxInt64")
+		height, err = ethermint.SafeHexToInt64(bn)
+		if err != nil {
+			return nil, err
 		}
-
-		height = int64(bn)
 	}
 
 	clientCtx := b.clientCtx.WithHeight(height)
@@ -195,8 +193,11 @@
 	if err != nil {
 		return &n, err
 	}
+	currentHeight, err := ethermint.SafeHexToInt64(bn)
+	if err != nil {
+		return nil, err
+	}
 	height := blockNum.Int64()
-	currentHeight := int64(bn)
 	if height > currentHeight {
 		return &n, errorsmod.Wrapf(
 			sdkerrors.ErrInvalidHeight,

rpc/backend/blocks.go

@@ -30,6 +30,7 @@
 	ethtypes "github.com/ethereum/go-ethereum/core/types"
 	"github.com/ethereum/go-ethereum/trie"
 	rpctypes "github.com/evmos/ethermint/rpc/types"
+	ethermint "github.com/evmos/ethermint/types"
 	evmtypes "github.com/evmos/ethermint/x/evm/types"
 	"github.com/pkg/errors"
 	"google.golang.org/grpc"
@@ -179,7 +180,10 @@
 		if err != nil {
 			return nil, err
 		}
-		height = int64(n)
+		height, err = ethermint.SafeHexToInt64(n)
+		if err != nil {
+			return nil, err
+		}
 	}
 	resBlock, err := b.clientCtx.Client.Block(b.ctx, &height)
 	if err != nil {

rpc/backend/chain_info.go

@@ -182,18 +182,25 @@
 			return nil, fmt.Errorf("%w: #%d:%f > #%d:%f", errInvalidPercentile, i-1, rewardPercentiles[i-1], i, p)
 		}
 	}
-	blockNumber, err := b.BlockNumber()
+	blkNumber, err := b.BlockNumber()
+	if err != nil {
+		return nil, err
+	}
+	blockNumber, err := ethermint.SafeHexToInt64(blkNumber)
 	if err != nil {
 		return nil, err
 	}
 	blockEnd := int64(lastBlock)
 	if blockEnd < 0 {
-		blockEnd = int64(blockNumber)
-	} else if int64(blockNumber) < blockEnd {
-		return nil, fmt.Errorf("%w: requested %d, head %d", errRequestBeyondHead, blockEnd, int64(blockNumber))
+		blockEnd = blockNumber
+	} else if blockNumber < blockEnd {
+		return nil, fmt.Errorf("%w: requested %d, head %d", errRequestBeyondHead, blockEnd, blockNumber)
 	}
 
-	blocks := int64(userBlockCount)
+	blocks, err := ethermint.SafeInt64(uint64(userBlockCount))
+	if err != nil {
+		return nil, err
+	}
 	maxBlockCount := int64(b.cfg.JSONRPC.FeeHistoryCap)
 	if blocks > maxBlockCount {
 		return nil, fmt.Errorf("FeeHistory user block count %d higher than %d", blocks, maxBlockCount)
@@ -226,6 +233,10 @@
 			if blockID+int64(i) >= blockEnd+1 {
 				break
 			}
+			value := blockID - blockStart + int64(i)
+			if value > math.MaxInt32 || value < math.MinInt32 {
+				return nil, fmt.Errorf("integer overflow: calculated value %d exceeds int32 limits", value)
+			}
 			wg.Add(1)
 			go func(index int32) {
 				defer func() {
@@ -282,7 +293,7 @@
 						}
 					}
 				}
-			}(int32(blockID - blockStart + int64(i)))
+			}(int32(value)) //nolint:gosec // checked
 		}
 		go func() {
 			wg.Wait()

rpc/backend/tracing.go

@@ -24,6 +24,7 @@
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
 	rpctypes "github.com/evmos/ethermint/rpc/types"
+	ethermint "github.com/evmos/ethermint/types"
 	evmtypes "github.com/evmos/ethermint/x/evm/types"
 	"github.com/pkg/errors"
 )
@@ -48,9 +49,12 @@
 		b.logger.Debug("block not found", "height", transaction.Height)
 		return nil, err
 	}
-
+	total, err := ethermint.SafeUint32(len(blk.Block.Txs))
+	if err != nil {
+		return nil, err
+	}
 	// check tx index is not out of bound
-	if uint32(len(blk.Block.Txs)) < transaction.TxIndex {
+	if total < transaction.TxIndex {
 		b.logger.Debug("tx index out of bounds", "index", transaction.TxIndex, "hash", hash.String(), "height", blk.Block.Height)
 		return nil, fmt.Errorf("transaction not included in block %v", blk.Block.Height)
 	}

rpc/backend/tx_info.go

@@ -65,8 +65,12 @@
 		// Fallback to find tx index by iterating all valid eth transactions
 		msgs := b.EthMsgsFromTendermintBlock(block, blockRes)
 		for i := range msgs {
+			idx, err := ethermint.SafeIntToInt32(i)
+			if err != nil {
+				return nil, err
+			}
 			if msgs[i].Hash() == txHash {
-				res.EthTxIndex = int32(i)
+				res.EthTxIndex = idx
 				break
 			}
 		}
@@ -209,8 +213,12 @@
 		// Fallback to find tx index by iterating all valid eth transactions
 		msgs := b.EthMsgsFromTendermintBlock(resBlock, blockRes)
 		for i := range msgs {
+			idx, err := ethermint.SafeIntToInt32(i)
+			if err != nil {
+				return nil, err
+			}
 			if msgs[i].Hash() == hash {
-				res.EthTxIndex = int32(i)
+				res.EthTxIndex = idx
 				break
 			}
 		}
@@ -328,9 +336,17 @@
 }
 
 // GetTxByTxIndex uses `/tx_query` to find transaction by tx index of valid ethereum txs
-func (b *Backend) GetTxByTxIndex(height int64, index uint) (*ethermint.TxResult, error) {
+func (b *Backend) GetTxByTxIndex(height int64, i uint) (*ethermint.TxResult, error) {
+	index, err := ethermint.SafeUintToInt32(i)
+	if err != nil {
+		return nil, err
+	}
+	idx, err := ethermint.SafeInt(i)
+	if err != nil {
+		return nil, err
+	}
 	if b.indexer != nil {
-		return b.indexer.GetByBlockAndIndex(height, int32(index))
+		return b.indexer.GetByBlockAndIndex(height, index)
 	}
 
 	// fallback to tendermint tx indexer
@@ -339,7 +355,7 @@
 		evmtypes.AttributeKeyTxIndex, index,
 	)
 	txResult, err := b.queryTendermintTxIndexer(query, func(txs *rpctypes.ParsedTxs) *rpctypes.ParsedTx {
-		return txs.GetTxByTxIndex(int(index))
+		return txs.GetTxByTxIndex(idx)
 	})
 	if err != nil {
 		return nil, errorsmod.Wrapf(err, "GetTxByTxIndex %d %d", height, index)
@@ -398,7 +414,10 @@
 			return nil, nil
 		}
 	} else {
-		i := int(idx)
+		i, err := ethermint.SafeHexToInt(idx)
+		if err != nil {
+			return nil, err
+		}
 		ethMsgs := b.EthMsgsFromTendermintBlock(block, blockRes)
 		if i >= len(ethMsgs) {
 			b.logger.Debug("block txs index out of bound", "index", i)