This repository was archived by the owner on Oct 28, 2021. It is now read-only.
This repository was archived by the owner on Oct 28, 2021. It is now read-only.
BlockHeader fields number & timestamp overflow while converting to RLPย #5903
Description
BugLevel: Tiny
Result: No impact in the near future
Summary: int64_t to unsigned casting while converting to RLP format.
BlockHeader::streamRLP using std::ostream& operator<<(std::ostream& _out, dev::RLP const& _d) to convert block header to RLP. In /libdevcore/RLP.h, it calls RLP::append in function operator <<. And RLP::append has unsigned, u160, u256 and bigint overloading. However, BlockHeader::m_timestamp and BlockHeader::m_number is int64_t which will match RLP::append<unsigned> and maybe cause a casting overflow since unsigned could be 32 bits in some platform.
This overflow could happen after about 150 years ๐.
The testing code could be:
BlockHeader before;
before.setNumber(0x1'0000'0000);
RLPStream ts;
before.streamRLP(ts);
BlockHeader after = BlockHeader(ts.out(), HeaderData);
assert(before == after);Or a RLP test case:
TEST(RLP, Int64Overflow)
{
int64_t data = 0x1'0000'0000;
RLPStream ts;
ts << data;
EXPECT_EQ(RLP(ts.out()).toPositiveInt64(), data);
}Platform: Ubuntu 18.04
Compiler: GCC 7.5.0