Fix DATALOADN truncated immediate validation
gumb0 committed Jun 6, 2023
1 parent 6e2a589 commit 48044f8
Showing 2 changed files with 13 additions and 3 deletions.
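--- a/lib/evmone/eof.cpp
+++ b/lib/evmone/eof.cpp
@@ -212,6 +212,8 @@ EOFValidationError validate_instructions(
 if (cost_table[op] == instr::undefined)
 return EOFValidationError::undefined_instruction;
 
+if (i + instr::traits[op].immediate_size >= code.size())
+return EOFValidationError::truncated_instruction;
 if (op == OP_RJUMPV)
 {
 if (i + 1 >= code.size())
@@ -221,6 +223,8 @@ EOFValidationError validate_instructions(
 if (count < 1)
 return EOFValidationError::invalid_rjumpv_count;
 i += static_cast<size_t>(1 /* count */ + count * 2 /* tbl */);
+if (i >= code.size())
+return EOFValidationError::truncated_instruction;
 }
 else if (op == OP_DATALOADN)
 {
@@ -231,9 +235,6 @@ EOFValidationError validate_instructions(
 }
 else
 i += instr::traits[op].immediate_size;
-
-if (i >= code.size())
-return EOFValidationError::truncated_instruction;
 }
 
 return EOFValidationError::success;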
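Review bot: Nothing at the new `if (i + instr::traits[op].immediate_size >= code.size())` line in validate_instructions records that it must run before any branch reads the immediate bytes. I would add a comment above it such as `// Reject before any branch reads code[i + 1 ..]: the fixed-size immediate must lie inside code; the RJUMPV table is re-checked in its branch.`, so that a later opcode with a variable-length immediate is not added without its own check. If `instr::traits[OP_RJUMPV].immediate_size` is at least 1 (not visible here), the retained `if (i + 1 >= code.size())` in the RJUMPV branch is redundant and could be dropped or turned into an assertion. The OP_DATALOADN branch body and the enclosing loop lie outside the shown hunks, so this assumes that branch reads no more than its declared immediate size.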
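--- a/test/unittests/eof_validation_test.cpp
+++ b/test/unittests/eof_validation_test.cpp
@@ -1248,6 +1248,15 @@ TEST(eof_validation, too_many_code_sections)
 EXPECT_EQ(validate_eof(code), EOFValidationError::too_many_code_sections);
 }
 
+TEST(eof_validation, EOF1_dataloadn_truncated)
+{
+EXPECT_EQ(validate_eof("EF0001 010004 0200010001 030000 00 00000000 B9"),
+EOFValidationError::truncated_instruction);
+
+EXPECT_EQ(validate_eof("EF0001 010004 0200010002 030000 00 00000000 B900"),
+EOFValidationError::truncated_instruction);
+}
+
 TEST(eof_validation, dataloadn)
 {
 // DATALOADN{0}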
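Review bot: The two inputs in EOF1_dataloadn_truncated differ only in the declared code size and the trailing bytes, and the test does not say which truncation each one exercises. A short comment per case, e.g. `// DATALOADN with no immediate bytes` and `// DATALOADN followed by a single immediate byte`, would match the `// DATALOADN{0}` style of the next test. Since the fixed defect appears to be a read past the end of the code section during validation, it is worth confirming that these cases run in a sanitizer build, where a regression would fail even if the returned error code happened to match.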
