From 7c068afa6fa96ef2d97973fc18cd157385cc318e Mon Sep 17 00:00:00 2001
From: Emmanuel T Odeke <emmanuel@orijtech.com>
Date: Fri, 7 Apr 2023 07:19:38 -0700
Subject: [PATCH] fix: x/tx/signing/textual/IntValueRenderer.Parse: gracefully
 handle "" + fuzz (#15730)

Co-authored-by: Facundo Medica <14063057+facundomedica@users.noreply.github.com>
Co-authored-by: Julien Robert <julien@rbrt.fr>
---
 x/tx/CHANGELOG.md                 |  6 +++++-
 x/tx/signing/textual/fuzz_test.go | 30 ++++++++++++++++++++++++++++++
 x/tx/signing/textual/int.go       |  5 +++++
 3 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 x/tx/signing/textual/fuzz_test.go

diff --git a/x/tx/CHANGELOG.md b/x/tx/CHANGELOG.md
index 3734cb7508..b7498a1f78 100644
--- a/x/tx/CHANGELOG.md
+++ b/x/tx/CHANGELOG.md
@@ -36,6 +36,10 @@ Ref: https://keepachangelog.com/en/1.0.0/
 * [#15581](https://github.com/cosmos/cosmos-sdk/pull/15581) `GetSignersOptions` and `directaux.SignModeHandlerOptions` now
 require a `signing.ProtoFileResolver` interface instead of `protodesc.Resolver`.
 
+### Bug Fixes
+
+* (signing/textual) [#15730](https://github.com/cosmos/cosmos-sdk/pull/15730) make IntValueRenderer.Parse: gracefully handle "" + fuzz
+
 ## v0.4.0
 
 ### API Breaking
@@ -48,4 +52,4 @@ require a `signing.ProtoFileResolver` interface instead of `protodesc.Resolver`.
 
 * [#15302](https://github.com/cosmos/cosmos-sdk/pull/15302) Add support for a custom registry (e.g. gogo's MergedRegistry) to be plugged into SIGN_MODE_TEXTUAL.
 * [#15557](https://github.com/cosmos/cosmos-sdk/pull/15557) Implement unknown field filtering.
-* [#15515](https://github.com/cosmos/cosmos-sdk/pull/15515) Implement SIGN_MODE_LEGACY_AMINO_JSON handler.
\ No newline at end of file
+* [#15515](https://github.com/cosmos/cosmos-sdk/pull/15515) Implement SIGN_MODE_LEGACY_AMINO_JSON handler.
diff --git a/x/tx/signing/textual/fuzz_test.go b/x/tx/signing/textual/fuzz_test.go
new file mode 100644
index 0000000000..fa9e466414
--- /dev/null
+++ b/x/tx/signing/textual/fuzz_test.go
@@ -0,0 +1,30 @@
+package textual_test
+
+import (
+	"context"
+	"testing"
+
+	"cosmossdk.io/x/tx/signing/textual"
+)
+
+func FuzzIntValueRendererParse(f *testing.F) {
+	if testing.Short() {
+		f.Skip()
+	}
+
+	// 1. Firstly add some seeds
+	f.Add("10.11")
+	f.Add("-10.11")
+	f.Add("0.999999")
+	f.Add(".999999")
+	f.Add("1'000.999999")
+	f.Add("1'000'111")
+	f.Add("340'282'366'920'938'463'463'374'607'431'768'211'455")
+
+	// 2. Next setup and run the fuzzer.
+	ivr := textual.NewIntValueRenderer(fieldDescriptorFromName("UINT64"))
+	ctx := context.Background()
+	f.Fuzz(func(t *testing.T, input string) {
+		_, _ = ivr.Parse(ctx, []textual.Screen{{Content: input}})
+	})
+}
diff --git a/x/tx/signing/textual/int.go b/x/tx/signing/textual/int.go
index c4a64c72eb..24357be8e5 100644
--- a/x/tx/signing/textual/int.go
+++ b/x/tx/signing/textual/int.go
@@ -2,6 +2,7 @@ package textual
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strconv"
 	"strings"
@@ -79,6 +80,10 @@ func (vr intValueRenderer) Parse(_ context.Context, screens []Screen) (protorefl
 
 // parseInt parses a value-rendered string into an integer
 func parseInt(v string) (string, error) {
+	if len(v) == 0 {
+		return "", errors.New("expecting a non-empty string")
+	}
+
 	sign := ""
 	if v[0] == '-' {
 		sign = "-"