Merge pull request #75 from aethelred-foundation/codex/final-share

Tighten final share-readiness guards

Author: ramtamilselvan

.github/workflows/developer-tools-ci.yml

@@ -44,9 +44,18 @@ jobs:
       cli: ${{ steps.filter.outputs.cli }}
       vscode_extension: ${{ steps.filter.outputs.vscode_extension }}
       dashboard: ${{ steps.filter.outputs.dashboard }}
+      dashboard_package: ${{ steps.dashboard_package.outputs.exists }}
       local_testnet: ${{ steps.filter.outputs.local_testnet }}
     steps:
       - uses: actions/checkout@v4
+      - name: Detect dashboard package manifest
+        id: dashboard_package
+        run: |
+          if [ -f frontend/dashboard/package.json ]; then
+            echo "exists=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "exists=false" >> "$GITHUB_OUTPUT"
+          fi
       - uses: dorny/paths-filter@v3
         id: filter
         with:
@@ -140,7 +149,7 @@ jobs:
   dashboard-build:
     runs-on: ubuntu-latest
     needs: changes
-    if: ${{ (github.event_name == 'workflow_dispatch' || needs.changes.outputs.dashboard == 'true') && hashFiles('frontend/dashboard/package.json') != '' }}
+    if: ${{ (github.event_name == 'workflow_dispatch' || needs.changes.outputs.dashboard == 'true') && needs.changes.outputs.dashboard_package == 'true' }}
     steps:
       - uses: actions/checkout@v4
 

crates/vault/src/validator_selection.rs

@@ -17,6 +17,10 @@ use crate::types::*;
 /// Maximum score for any individual dimension (basis points).
 const MAX_SCORE: u32 = 10_000;
 
+/// Bound internal allocations even if an external caller supplies an
+/// unexpectedly large target count.
+const MAX_SELECTION_CAPACITY: usize = 10_000;
+
 /// Select validators from candidates using the TEE scoring algorithm.
 ///
 /// # Algorithm
@@ -224,7 +228,11 @@ fn apply_diversity_constraints(
     let candidate_map: HashMap<String, &ValidatorInput> =
         candidates.iter().map(|v| (v.address.clone(), v)).collect();
 
-    let selection_capacity = target_count.min(scored.len()).min(candidates.len());
+    let selection_capacity = scored
+        .len()
+        .min(candidates.len())
+        .min(target_count)
+        .min(MAX_SELECTION_CAPACITY);
     let mut region_count: HashMap<String, usize> = HashMap::new();
     let mut operator_count: HashMap<String, usize> = HashMap::new();
     let mut selected_addrs: HashSet<String> = HashSet::with_capacity(selection_capacity);

third_party/proto/table_marshal.go

@@ -3001,11 +3001,22 @@ func (p *Buffer) Marshal(pb Message) error {
 // grow grows the buffer's capacity, if necessary, to guarantee space for
 // another n bytes. After grow(n), at least n bytes can be written to the
 // buffer without another allocation.
+func checkedBufferGrowth(current, add int) (int, bool) {
+	if current < 0 || add < 0 {
+		return 0, false
+	}
+	need64 := uint64(current) + uint64(add)
+	if need64 > uint64(math.MaxInt) {
+		return 0, false
+	}
+	return int(need64), true
+}
+
 func (p *Buffer) grow(n int) {
-	if n < 0 || len(p.buf) > math.MaxInt-n {
+	need, ok := checkedBufferGrowth(len(p.buf), n)
+	if !ok {
 		panic(ErrTooLarge)
 	}
-	need := len(p.buf) + n
 	if need <= cap(p.buf) {
 		return
 	}

tools/cli/src/commands/config_cmd.rs

@@ -51,15 +51,23 @@ fn set_value(config: &Config, key: &str, value: &str) -> Result<()> {
         .set(key, value)
         .with_context(|| format!("failed to set '{key}'"))?;
     updated.save(None).context("failed to save config")?;
-    println!("Set {key} = {}", display_value(key, value));
+    if is_sensitive_key(key) {
+        println!("Set {key} = [REDACTED]");
+    } else {
+        println!("Set {key} = {value}");
+    }
     Ok(())
 }
 
 fn get_value(config: &Config, key: &str) -> Result<()> {
     let value = config
         .get(key)
         .ok_or_else(|| anyhow!("key '{key}' not found"))?;
-    println!("{}", display_value(key, &value));
+    if is_sensitive_key(key) {
+        println!("[REDACTED]");
+    } else {
+        println!("{value}");
+    }
     Ok(())
 }