[FAB-4463] Fix nil dereference in cauthdsl

Jason Yellick · Jason Yellick · commit 9c1b6ef8b7b4 · 2017-06-08T10:35:50.000-04:00
When a specially malformed config transaction is submitted, it is
possible to trick cauthdsl into attempting to compile a nil signature
policy.  This could result in a crash.

This CR checks for a nil signature policy, and adds a test case for this
condition.  It also slightly enhances the logging in the package.

Change-Id: I78194e13fc94c2715db169121dbff9ea4387f69b
Signed-off-by: Jason Yellick &lt;jyellick@us.ibm.com&gt;
diff --git a/common/cauthdsl/cauthdsl.go b/common/cauthdsl/cauthdsl.go
@@ -29,6 +29,10 @@ var cauthdslLogger = flogging.MustGetLogger("cauthdsl")
 
 // compile recursively builds a go evaluatable function corresponding to the policy specified
 func compile(policy *cb.SignaturePolicy, identities []*mb.MSPPrincipal, deserializer msp.IdentityDeserializer) (func([]*cb.SignedData, []bool) bool, error) {
+	if policy == nil {
+		return nil, fmt.Errorf("Empty policy element")
+	}
+
 	switch t := policy.Type.(type) {
 	case *cb.SignaturePolicy_NOutOf_:
 		policies := make([]func([]*cb.SignedData, []bool) bool, len(t.NOutOf.Rules))
@@ -81,10 +85,11 @@ func compile(policy *cb.SignaturePolicy, identities []*mb.MSPPrincipal, deserial
 					cauthdslLogger.Debugf("Principal matched by identity: (%v) for %v", t, sd.Identity)
 					err = identity.Verify(sd.Data, sd.Signature)
 					if err == nil {
-						cauthdslLogger.Debugf("Principal evaluation succeeds: (%v) (used %v)", t, used)
 						used[i] = true
+						cauthdslLogger.Debugf("Principal evaluation succeeds: (%v) (used %v)", t, used)
 						return true
 					}
+					cauthdslLogger.Debugf("Invalid signature for identity: (%v)", t)
 				} else {
 					cauthdslLogger.Debugf("Identity (%v) does not satisfy principal: %s", sd.Identity, err)
 				}
diff --git a/common/cauthdsl/cauthdsl_test.go b/common/cauthdsl/cauthdsl_test.go
@@ -22,10 +22,11 @@ import (
 	"testing"
 
 	"github.com/hyperledger/fabric/msp"
-
-	"github.com/golang/protobuf/proto"
 	cb "github.com/hyperledger/fabric/protos/common"
 	mb "github.com/hyperledger/fabric/protos/msp"
+
+	"github.com/golang/protobuf/proto"
+	"github.com/stretchr/testify/assert"
 )
 
 var invalidSignature = []byte("badsigned")
@@ -168,3 +169,8 @@ func TestNegatively(t *testing.T) {
 		t.Fatal("Should have errored compiling because the Type field was nil")
 	}
 }
+
+func TestNilSignaturePolicyEnvelope(t *testing.T) {
+	_, err := compile(nil, nil, &mockDeserializer{})
+	assert.Error(t, err, "Fail to compile")
+}
