From be75ef13d3ee1e61707b5675233fd3c0b19ac2a9 Mon Sep 17 00:00:00 2001 From: Cody Littley <56973212+cody-littley@users.noreply.github.com> Date: Tue, 17 Dec 2024 09:28:05 -0600 Subject: [PATCH] Handle nil operator ID in GetChunks() (#1006) Signed-off-by: Cody Littley --- relay/auth/authenticator.go | 4 ++++ relay/auth/authenticator_test.go | 31 +++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/relay/auth/authenticator.go b/relay/auth/authenticator.go index 8a47a4806..628a8db25 100644 --- a/relay/auth/authenticator.go +++ b/relay/auth/authenticator.go @@ -117,6 +117,10 @@ func (a *requestAuthenticator) AuthenticateGetChunksRequest( return nil } + if request.OperatorId == nil || len(request.OperatorId) != 32 { + return errors.New("invalid operator ID") + } + key, err := a.getOperatorKey(ctx, core.OperatorID(request.OperatorId)) if err != nil { return fmt.Errorf("failed to get operator key: %w", err) diff --git a/relay/auth/authenticator_test.go b/relay/auth/authenticator_test.go index 856937698..1b33f7217 100644 --- a/relay/auth/authenticator_test.go +++ b/relay/auth/authenticator_test.go @@ -241,3 +241,34 @@ func TestBadSignature(t *testing.T) { now) require.Error(t, err) } + +func TestMissingOperatorID(t *testing.T) { + tu.InitializeRandom() + + ctx := context.Background() + + operatorID := mock.MakeOperatorId(0) + stakes := map[core.QuorumID]map[core.OperatorID]int{ + core.QuorumID(0): { + operatorID: 1, + }, + } + ics, err := mock.NewChainDataMock(stakes) + require.NoError(t, err) + ics.Mock.On("GetCurrentBlockNumber").Return(uint(0), nil) + + timeout := 10 * time.Second + + authenticator, err := NewRequestAuthenticator(ctx, ics, 1024, timeout) + require.NoError(t, err) + + request := randomGetChunksRequest() + request.OperatorId = nil + + err = authenticator.AuthenticateGetChunksRequest( + ctx, + "foobar", + request, + time.Now()) + require.Error(t, err) +}