Skip to content

fix: clamp gobject list-prepared count#7382

Merged
PastaPastaPasta merged 1 commit into
dashpay:developfrom
thepastaclaw:fix/gobject-list-prepared-count
Jun 29, 2026
Merged

fix: clamp gobject list-prepared count#7382
PastaPastaPasta merged 1 commit into
dashpay:developfrom
thepastaclaw:fix/gobject-list-prepared-count

Conversation

@thepastaclaw

Copy link
Copy Markdown

Issue being fixed or feature implemented

The wallet gobject list-prepared RPC accepted a count parameter but computed
the iterator start with mixed signed and unsigned arithmetic. Oversized counts
could wrap before iterator arithmetic and produce an invalid iterator.

What was done?

Clamp the requested count to the number of prepared governance objects before
computing the start iterator, then iterate from end() - clamped_count.

Added functional test coverage for oversized and very large count values.

How Has This Been Tested?

Ran:

git diff --check upstream/develop...HEAD
code-review dashpay/dash upstream/develop 380cb1304adffb28bc3689df38921727d86b610d "Clamp gobject list-prepared count before computing vector iterators to avoid out-of-range iterator arithmetic"

The pre-PR review gate returned ship.

I did not run the functional test locally because this worktree is not configured
or built with dashd.

Breaking Changes

None.

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have added or updated relevant unit/integration/functional/e2e tests
  • I have made corresponding changes to the documentation
  • I have assigned this pull request to a milestone (for repository code-owners and collaborators only)

The previous arithmetic computed `vecObjects.begin() + std::max<int>(0,
vecObjects.size() - nCount)`, mixing size_t with int64_t. When nCount
exceeded vecObjects.size(), the unsigned subtraction wrapped to a huge
value before being converted to int, producing an invalid iterator
offset. Clamp nCount to the vector size with a typed std::min and use
`end() - clamped` instead so count=0 returns nothing, very large or
out-of-range counts return all entries, and negative counts still raise
the existing RPC error.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@thepastaclaw

Copy link
Copy Markdown
Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jun 27, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@github-actions

Copy link
Copy Markdown

✅ No Merge Conflicts Detected

This PR currently has no conflicts with other open PRs.

@coderabbitai

coderabbitai Bot commented Jun 27, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: dbaf5f97-0d2c-43f6-b3ba-bbfa0c692194

📥 Commits

Reviewing files that changed from the base of the PR and between ebfdb8b and 380cb13.

📒 Files selected for processing (2)
  • src/rpc/governance.cpp
  • test/functional/feature_governance_objects.py

Walkthrough

In gobject_list_prepared, the pagination logic is updated to clamp nCount to the number of available prepared governance objects (nClampedCount = min(nCount, vecObjects.size())), then iterate from vecObjects.end() - nClampedCount. A functional test adds assertions that passing a count larger than the available objects—and a value near INT64_MAX—both return all prepared objects without overflow.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested reviewers

  • PastaPastaPasta
  • UdjinM6
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and accurately summarizes the main change to clamp the gobject list-prepared count.
Description check ✅ Passed The description matches the patch and explains the bug fix, test coverage, and lack of breaking changes.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@thepastaclaw

thepastaclaw commented Jun 27, 2026

Copy link
Copy Markdown
Author

✅ Review complete (commit 380cb13)

@thepastaclaw thepastaclaw left a comment

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

Small, focused fix for an unsigned arithmetic wraparound in gobject list-prepared. The clamp via std::min<int64_t>(nCount, vecObjects.size()) followed by end() - clamped is correct given the prior nCount < 0 guard, and the functional test now covers oversized and INT64_MAX counts. All four agent reports converge on no findings; verified against the head source.

Note: GitHub does not allow me to submit APPROVE on my own PR, so this is posted as a COMMENT while preserving the verified non-blocking state.

@PastaPastaPasta PastaPastaPasta left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK 380cb13

@PastaPastaPasta PastaPastaPasta marked this pull request as ready for review June 27, 2026 15:21
@PastaPastaPasta PastaPastaPasta merged commit cdcf00a into dashpay:develop Jun 29, 2026
45 checks passed
@UdjinM6 UdjinM6 added this to the 24 milestone Jun 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants