feat: change logic of resource name length check

go.mod

@@ -180,7 +180,7 @@ replace (
 	github.com/cometbft/cometbft => github.com/bnb-chain/greenfield-cometbft v1.1.0
 	github.com/cometbft/cometbft-db => github.com/bnb-chain/greenfield-cometbft-db v0.8.1-alpha.1
 	github.com/confio/ics23/go => github.com/cosmos/cosmos-sdk/ics23/go v0.8.0
-	github.com/cosmos/cosmos-sdk => github.com/bnb-chain/greenfield-cosmos-sdk v1.2.2-0.20240102032738-3661d43faf8f
+	github.com/cosmos/cosmos-sdk => github.com/Pythonberg1997/greenfield-cosmos-sdk v0.0.0-20240112053628-9e3d8de9d89e
 	github.com/cosmos/iavl => github.com/bnb-chain/greenfield-iavl v0.20.1
 	github.com/syndtr/goleveldb => github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7
 	github.com/wercker/journalhook => github.com/wercker/journalhook v0.0.0-20230927020745-64542ffa4117

go.sum

@@ -93,6 +93,8 @@ github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
+github.com/Pythonberg1997/greenfield-cosmos-sdk v0.0.0-20240112053628-9e3d8de9d89e h1:O3Ox4jTazMw0v5kWbJlq5uJMAR1C/UsnbwkF1SncZ4w=
+github.com/Pythonberg1997/greenfield-cosmos-sdk v0.0.0-20240112053628-9e3d8de9d89e/go.mod h1:Yrvq+J1Lsm7OHFX+M/AZWBTGt1TRHUTC4VYOMlvW3fs=
 github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
 github.com/Shopify/sarama v1.26.1/go.mod h1:NbSGBSSndYaIhRcBtY9V0U7AyH+x71bG668AuWys/yU=
 github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
@@ -163,8 +165,6 @@ github.com/bnb-chain/greenfield-cometbft v1.1.0 h1:jqnkDWIZW6f/rUn5/pE26YZMT9xzp
 github.com/bnb-chain/greenfield-cometbft v1.1.0/go.mod h1:NZ2/ZJK2HYe3++0CsPiw4LTG6UrC6pH7fQ3VOz6pqJw=
 github.com/bnb-chain/greenfield-cometbft-db v0.8.1-alpha.1 h1:XcWulGacHVRiSCx90Q8Y//ajOrLNBQWR/KDB89dy3cU=
 github.com/bnb-chain/greenfield-cometbft-db v0.8.1-alpha.1/go.mod h1:ey1CiK4bYo1RBNJLRiVbYr5CMdSxci9S/AZRINLtppI=
-github.com/bnb-chain/greenfield-cosmos-sdk v1.2.2-0.20240102032738-3661d43faf8f h1:cU9Zsbmiy5NKDmaYU8kS8uZR0J1AyQrq5RR1EJgVO+k=
-github.com/bnb-chain/greenfield-cosmos-sdk v1.2.2-0.20240102032738-3661d43faf8f/go.mod h1:Yrvq+J1Lsm7OHFX+M/AZWBTGt1TRHUTC4VYOMlvW3fs=
 github.com/bnb-chain/greenfield-cosmos-sdk/api v0.0.0-20230816082903-b48770f5e210 h1:GHPbV2bC+gmuO6/sG0Tm8oGal3KKSRlyE+zPscDjlA8=
 github.com/bnb-chain/greenfield-cosmos-sdk/api v0.0.0-20230816082903-b48770f5e210/go.mod h1:vhsZxXE9tYJeYB5JR4hPhd6Pc/uPf7j1T8IJ7p9FdeM=
 github.com/bnb-chain/greenfield-cosmos-sdk/math v0.0.0-20230816082903-b48770f5e210 h1:FLVOn4+OVbsKi2+YJX5kmD27/4dRu4FW7xCXFhzDO5s=

types/grn.go

@@ -157,7 +157,7 @@ func (r *GRN) ParseFromString(res string, wildcards bool) error {
 			return gnfderrors.ErrInvalidGRN.Wrapf("Not allowed '/' in bucket resource name")
 		}
 		if !wildcards {
-			err = s3util.CheckValidBucketName(r.name)
+			err = s3util.CheckValidBucketNameByCharacterLength(r.name)
 			if err != nil {
 				return gnfderrors.ErrInvalidGRN.Wrapf("invalid bucketName: %s, err: %s", r.name, err)
 			}
@@ -179,7 +179,7 @@ func (r *GRN) ParseFromString(res string, wildcards bool) error {
 			return gnfderrors.ErrInvalidGRN.Wrapf("invalid group owner account, err : %s", err)
 		}
 		if !wildcards {
-			err = s3util.CheckValidGroupName(name)
+			err = s3util.CheckValidGroupNameByCharacterLength(name)
 			if err != nil {
 				return gnfderrors.ErrInvalidGRN.Wrapf("invalid group name, err : %s", err)
 			}
@@ -200,11 +200,11 @@ func (r *GRN) parseBucketAndObjectName(name string) (string, string, error) {
 	if !found {
 		return "", "", gnfderrors.ErrInvalidGRN.Wrapf("object name not found, grn: %s", name)
 	}
-	err := s3util.CheckValidBucketName(bucketName)
+	err := s3util.CheckValidBucketNameByCharacterLength(bucketName)
 	if err != nil {
 		return "", "", gnfderrors.ErrInvalidGRN.Wrapf("invalid bucketName, err: %s", err)
 	}
-	err = s3util.CheckValidObjectName(objectName)
+	err = s3util.CheckValidObjectNameByCharacterLength(objectName)
 	if err != nil {
 		return "", "", gnfderrors.ErrInvalidGRN.Wrapf("invalid objectName, err: %s", err)
 	}

types/s3util/s3util.go

@@ -42,18 +42,9 @@ func CheckValidBucketName(bucketName string) (err error) {
 	return nil
 }
 
-const (
-	// Bad path components to be rejected by the path validity handler.
-	dotdotComponent = ".."
-	dotComponent    = "."
-
-	// SlashSeparator - slash separator.
-	SlashSeparator = "/"
-)
-
 // CheckValidObjectName checks if we have a valid input object name.
 //
-//	http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
+// - http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
 func CheckValidObjectName(objectName string) error {
 	// check the length of objectName
 	if len(objectName) == 0 || strings.TrimSpace(objectName) == "" {
@@ -98,13 +89,95 @@ func CheckValidGroupName(groupName string) error {
 	return nil
 }
 
+// CheckValidBucketNameByCharacterLength - checks if we have a valid input bucket name.
+// This is a stricter version.
+// - http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html
+func CheckValidBucketNameByCharacterLength(bucketName string) (err error) {
+	if len(bucketName) == 0 || strings.TrimSpace(bucketName) == "" {
+		return errors.Wrap(gnfderrors.ErrInvalidBucketName, "Bucket name cannot be empty")
+	}
+	if utf8.RuneCountInString(bucketName) < 3 {
+		return errors.Wrap(gnfderrors.ErrInvalidBucketName, "Bucket name cannot be shorter than 3 characters")
+	}
+	if utf8.RuneCountInString(bucketName) > 63 {
+		return errors.Wrap(gnfderrors.ErrInvalidBucketName, "Bucket name cannot be longer than 63 characters")
+	}
+	if ipAddress.MatchString(bucketName) {
+		return errors.Wrap(gnfderrors.ErrInvalidBucketName, "Bucket name cannot be an ip address")
+	}
+	if strings.Contains(bucketName, "..") || strings.Contains(bucketName, ".-") || strings.Contains(bucketName, "-.") {
+		return errors.Wrap(gnfderrors.ErrInvalidBucketName, "Bucket name contains invalid characters")
+	}
+	if !validBucketName.MatchString(bucketName) {
+		return errors.Wrap(gnfderrors.ErrInvalidBucketName, "Bucket name contains invalid characters")
+	}
+
+	return nil
+}
+
+// CheckValidObjectNameByCharacterLength checks if we have a valid input object name.
+//
+// - http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
+func CheckValidObjectNameByCharacterLength(objectName string) error {
+	// check the length of objectName
+	if len(objectName) == 0 || strings.TrimSpace(objectName) == "" {
+		return errors.Wrap(gnfderrors.ErrInvalidObjectName, "Object name cannot be empty")
+	}
+	if utf8.RuneCountInString(objectName) > 1024 {
+		return errors.Wrap(gnfderrors.ErrInvalidObjectName, "Object name cannot be longer than 1024 characters")
+	}
+
+	// check bad path component
+	if hasBadPathComponent(objectName) {
+		return errors.Wrap(gnfderrors.ErrInvalidObjectName, "Object name with a bad path component is not supported")
+	}
+	// check UTF-8 strings
+	if !utf8.ValidString(objectName) {
+		return errors.Wrap(gnfderrors.ErrInvalidObjectName, "Object name with non UTF-8 strings is not supported")
+	}
+
+	if strings.Contains(objectName, `//`) {
+		// the error description and the judgement condition are not consistent
+		// `Contains` is not the same as `HasPrefix`
+		return errors.Wrap(gnfderrors.ErrInvalidObjectName, "Object name contains a \"//\" is not supported")
+	}
+
+	return nil
+}
+
+func CheckValidGroupNameByCharacterLength(groupName string) error {
+	if len(groupName) == 0 || strings.TrimSpace(groupName) == "" {
+		return errors.Wrap(gnfderrors.ErrInvalidGroupName, "Group name cannot be empty")
+	}
+	if utf8.RuneCountInString(groupName) < 3 {
+		return errors.Wrap(gnfderrors.ErrInvalidGroupName, "Group name cannot be shorter than 3 characters")
+	}
+	if utf8.RuneCountInString(groupName) > 63 {
+		return errors.Wrap(gnfderrors.ErrInvalidGroupName, "Group name cannot be longer than 63 characters")
+	}
+	if !utf8.ValidString(groupName) {
+		return errors.Wrap(gnfderrors.ErrInvalidGroupName, "Group name with non UTF-8 strings is not supported")
+	}
+
+	return nil
+}
+
+const (
+	// Bad path components to be rejected by the path validity handler.
+	dotDotComponent = ".."
+	dotComponent    = "."
+
+	// SlashSeparator - slash separator.
+	SlashSeparator = "/"
+)
+
 // Check if the incoming path has bad path components,
 // such as ".." and "."
 func hasBadPathComponent(path string) bool {
 	path = strings.TrimSpace(path)
 	for _, p := range strings.Split(path, SlashSeparator) {
 		switch strings.TrimSpace(p) {
-		case dotdotComponent:
+		case dotDotComponent:
 			return true
 		case dotComponent:
 			return true

x/challenge/client/cli/tx_submit.go

@@ -29,12 +29,12 @@ func CmdSubmit() *cobra.Command {
 			}
 
 			argBucketName := strings.TrimSpace(args[1])
-			if err := s3util.CheckValidBucketName(argBucketName); err != nil {
+			if err := s3util.CheckValidBucketNameByCharacterLength(argBucketName); err != nil {
 				return fmt.Errorf("bucket-name %s not a valid bucket name, please input a valid bucket-name", argBucketName)
 			}
 
 			argObjectName := strings.TrimSpace(args[2])
-			if err := s3util.CheckValidObjectName(argObjectName); err != nil {
+			if err := s3util.CheckValidObjectNameByCharacterLength(argObjectName); err != nil {
 				return fmt.Errorf("object-name %s not a valid object name, please input a valid object-name", argObjectName)
 			}
 

x/challenge/types/message_submit.go

@@ -4,6 +4,7 @@ import (
 	"cosmossdk.io/errors"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
+	upgradetypes "github.com/cosmos/cosmos-sdk/x/upgrade/types"
 
 	"github.com/bnb-chain/greenfield/types/s3util"
 )
@@ -55,12 +56,29 @@ func (msg *MsgSubmit) ValidateBasic() error {
 		return errors.Wrapf(sdkerrors.ErrInvalidAddress, "invalid sp operator address (%s)", err)
 	}
 
-	if err = s3util.CheckValidBucketName(msg.BucketName); err != nil {
+	return nil
+}
+
+func (msg *MsgSubmit) ValidateRuntime(ctx sdk.Context) error {
+	err := msg.ValidateBasic()
+	if err != nil {
 		return err
 	}
 
-	if err = s3util.CheckValidObjectName(msg.ObjectName); err != nil {
-		return err
+	if ctx.IsUpgraded(upgradetypes.Ural) {
+		if err = s3util.CheckValidBucketNameByCharacterLength(msg.BucketName); err != nil {
+			return err
+		}
+		if err = s3util.CheckValidObjectNameByCharacterLength(msg.ObjectName); err != nil {
+			return err
+		}
+	} else {
+		if err = s3util.CheckValidBucketName(msg.BucketName); err != nil {
+			return err
+		}
+		if err = s3util.CheckValidObjectName(msg.ObjectName); err != nil {
+			return err
+		}
 	}
 
 	return nil