engine_v2: check overflow first, close XFN-20 (#1659)

2026-06-19 21:31:37 +00:00 · 2025-11-03 15:25:57 +08:00 · 2025-11-03 15:25:57 +08:00 · 09b66ea8c4
commit 09b66ea8c4
parent 4acd3b05ee
4 changed files with 23 additions and 19 deletions
--- a/consensus/XDPoS/engines/engine_v2/engine.go
+++ b/consensus/XDPoS/engines/engine_v2/engine.go
@ -228,10 +228,9 @@ func (x *XDPoS_v2) initial(chain consensus.ChainReader, header *types.Header) er
 	}
 	// Initial first v2 snapshot
-	lastGapNum := x.config.V2.SwitchBlock.Uint64() - x.config.Gap
+	lastGapNum := uint64(0)
-	// prevent overflow
+	if x.config.V2.SwitchBlock.Uint64() > x.config.Gap {
-	if x.config.V2.SwitchBlock.Uint64() < x.config.Gap {
+		lastGapNum = x.config.V2.SwitchBlock.Uint64() - x.config.Gap
 		lastGapNum = 0
 	}
 	lastGapHeader := chain.GetHeaderByNumber(lastGapNum)
@ -782,9 +781,10 @@ func (x *XDPoS_v2) verifyQC(blockChainReader consensus.ChainReader, quorumCert *
 		return <-sigErrChan
 	}
 	epochSwitchNumber := epochInfo.EpochSwitchBlockInfo.Number.Uint64()
-	gapNumber := epochSwitchNumber - epochSwitchNumber%x.config.Epoch - x.config.Gap
+	gapNumber := epochSwitchNumber - epochSwitchNumber%x.config.Epoch
-	// prevent overflow
+	if gapNumber > x.config.Gap {
-	if epochSwitchNumber-epochSwitchNumber%x.config.Epoch < x.config.Gap {
+		gapNumber -= x.config.Gap
 	} else {
 		gapNumber = 0
 	}
 	if gapNumber != quorumCert.GapNumber {
--- a/consensus/XDPoS/engines/engine_v2/snapshot.go
+++ b/consensus/XDPoS/engines/engine_v2/snapshot.go
@ -79,9 +79,10 @@ func (x *XDPoS_v2) getSnapshot(chain consensus.ChainReader, number uint64, isGap
 	if isGapNumber {
 		gapBlockNum = number
 	} else {
-		gapBlockNum = number - number%x.config.Epoch - x.config.Gap
+		gapBlockNum = number - number%x.config.Epoch
-		//prevent overflow
+		if gapBlockNum > x.config.Gap {
-		if number-number%x.config.Epoch < x.config.Gap {
+			gapBlockNum -= x.config.Gap
 		} else {
 			gapBlockNum = 0
 		}
 	}
--- a/consensus/XDPoS/engines/engine_v2/timeout.go
+++ b/consensus/XDPoS/engines/engine_v2/timeout.go
@ -255,9 +255,10 @@ func (x *XDPoS_v2) sendTimeout(chain consensus.ChainReader) error {
 	if isEpochSwitch {
 		// Notice this +1 is because we expect a block whos is the child of currentHeader
 		currentNumber := currentBlockHeader.Number.Uint64() + 1
-		gapNumber = currentNumber - currentNumber%x.config.Epoch - x.config.Gap
+		gapNumber = currentNumber - currentNumber%x.config.Epoch
-		// prevent overflow
+		if gapNumber > x.config.Gap {
-		if currentNumber-currentNumber%x.config.Epoch < x.config.Gap {
+			gapNumber -= x.config.Gap
 		} else {
 			gapNumber = 0
 		}
 		log.Debug("[sendTimeout] is epoch switch when sending out timeout message", "currentNumber", currentNumber, "gapNumber", gapNumber)
@ -267,9 +268,10 @@ func (x *XDPoS_v2) sendTimeout(chain consensus.ChainReader) error {
 			log.Error("[sendTimeout] Error when trying to get current epoch switch info for a non-epoch block", "currentRound", x.currentRound, "currentBlockNum", currentBlockHeader.Number, "currentBlockHash", currentBlockHeader.Hash(), "epochNum", epochNum)
 			return err
 		}
-		gapNumber = epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64() - epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64()%x.config.Epoch - x.config.Gap
+		gapNumber = epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64() - epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64()%x.config.Epoch
-		// prevent overflow
+		if gapNumber > x.config.Gap {
-		if epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64()-epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64()%x.config.Epoch < x.config.Gap {
+			gapNumber -= x.config.Gap
 		} else {
 			gapNumber = 0
 		}
 		log.Debug("[sendTimeout] non-epoch-switch block found its epoch block and calculated the gapNumber", "epochSwitchInfo.EpochSwitchBlockInfo.Number", epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64(), "gapNumber", gapNumber)
--- a/consensus/XDPoS/engines/engine_v2/vote.go
+++ b/consensus/XDPoS/engines/engine_v2/vote.go
@ -63,9 +63,10 @@ func (x *XDPoS_v2) sendVote(chainReader consensus.ChainReader, blockInfo *types.
 		return err
 	}
 	epochSwitchNumber := epochSwitchInfo.EpochSwitchBlockInfo.Number.Uint64()
-	gapNumber := epochSwitchNumber - epochSwitchNumber%x.config.Epoch - x.config.Gap
+	gapNumber := epochSwitchNumber - epochSwitchNumber%x.config.Epoch
-	// prevent overflow
+	if gapNumber > x.config.Gap {
-	if epochSwitchNumber-epochSwitchNumber%x.config.Epoch < x.config.Gap {
+		gapNumber -= x.config.Gap
 	} else {
 		gapNumber = 0
 	}
 	signedHash, err := x.signSignature(types.VoteSigHash(&types.VoteForSign{