Skip to content

serviceability: validate device mgmt_vrf field#3881

Merged
ben-dz merged 1 commit into
mainfrom
bdz/validate-mgmt-vrf-field
Jun 12, 2026
Merged

serviceability: validate device mgmt_vrf field#3881
ben-dz merged 1 commit into
mainfrom
bdz/validate-mgmt-vrf-field

Conversation

@ben-dz

@ben-dz ben-dz commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Validate the device mgmt_vrf field in Device::validate: restrict it to the account-code charset ([A-Za-z0-9:_-]) and cap it at 32 bytes, matching how the device code is already bounded. Empty is still accepted (the default VRF).
  • The controller skips rendering device config when a string field destined for the device config contains characters that wouldn't survive as a single config token (control characters or whitespace), failing closed instead of emitting a malformed config.
  • Move setup_device_prerequisites from device_onchain_allocation_test.rs into test_helpers.rs so the new test reuses it.

Testing Verification

  • Audited mgmt_vrf across all existing devices on mainnet-beta, testnet, and devnet — every value ("", default, MGMT, mgmt, management) passes the new rule, so the Device::validate check applies cleanly to deployed accounts.
  • New onchain integration test: CreateDevice/UpdateDevice reject out-of-charset (Custom(19)) and over-length (Custom(34)) values, a failed update leaves the stored value unchanged, and empty/valid values round-trip.
  • New controller render test covers all 13 rendered string fields and asserts the error names the offending field.

@ben-dz
serviceability: validate device mgmt_vrf field
d4a8a19 
Constrain mgmt_vrf to the account-code charset and a 32-byte cap in
Device::validate, matching how the device code is bounded. The
controller skips rendering device config when a string field contains
characters that would not survive as a single config token.

Move setup_device_prerequisites into test_helpers for reuse.
@ben-dz ben-dz merged commit 69dc808 into main Jun 12, 2026
38 of 39 checks passed
@ben-dz ben-dz deleted the bdz/validate-mgmt-vrf-field branch June 12, 2026 15:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@martinsander00 martinsander00 martinsander00 approved these changes

@ben-malbeclabs ben-malbeclabs ben-malbeclabs approved these changes

@elitegreg elitegreg Awaiting requested review from elitegreg

@nikw9944 nikw9944 Awaiting requested review from nikw9944

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ben-dz @martinsander00 @ben-malbeclabs