[Fix]: integer overflow in JumpTable.SubStr
#3496
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* null operation * fix array --------- Co-authored-by: Shargon <shargon@gmail.com> Co-authored-by: Christopher Schuchardt <cschuchardt88@gmail.com>
Co-authored-by: Jimmy <jinghui@wayne.edu>
* Set `Password` to `SecureString` for Wallet information * Added `UnitTest` for `SecureStringExtensions` * Update tests/Neo.Extensions.Tests/UT_SecureStringExtensions.cs Co-authored-by: Shargon <shargon@gmail.com> * Update src/Neo.Extensions/SecureStringExtensions.cs --------- Co-authored-by: Shargon <shargon@gmail.com>
* rpc parameter parse * update blockchain related apis. * Update src/Plugins/RpcServer/RpcMethodWithParamsAttribute.cs * Delete src/Plugins/RpcServer/JsonPropertyNameAttribute.cs * udpate contract model * Update src/Plugins/RpcServer/Model/BlockHashOrIndex.cs * Apply suggestions from code review Remove comments * Update src/Plugins/RpcServer/RpcServer.cs * fix warnings * ensure it can load both true/false and 1/0 * optimize the pr and add unit tests * add more tests and check the safe max value and safe min value * remove format * remove unused * format * Apply suggestions from code review --------- Co-authored-by: Shargon <shargon@gmail.com> Co-authored-by: NGD Admin <154295625+NGDAdmin@users.noreply.github.com>
* test RpcServer.Utilities
* test invoke function and script
* TestTraverseIterator
* TestGetUnclaimedGas
* RpcServerSettings.Default with { SessionEnabled = true }
* test call with storage changes and events
* use wallet in invokefunction
* use invalid wallet
* invoke without signer
* all cases for TraverseIterator
* traversing same session twice; not expired session
* cover OnTimer
* test deserializing complex signers
* use Assert.ThrowsException
* TestSendFrom and TestSendMany
* apply code review with `nameof`
* test cancel transaction
* TestInvokeContractVerify
* improve error message
---------
Co-authored-by: Shargon <shargon@gmail.com>
Co-authored-by: NGD Admin <154295625+NGDAdmin@users.noreply.github.com>
…o-project#3408) * Part-1 `Neo.IO` - move * Part-2 * Added `BigInteger` to `Neo.Extensions` * Found more `BigInteger` * Added `ByteArray` to `Neo.Extensions` * Added `DateTime` Extensions to `Neo.Extensions` * Added `HashSetExtensions`, `HashSetExtensions2`, `IpAddressExtensions`, `AssemblyExtensions`, `StringExtensdions` Deleted `Helper.cs` file * Added Tests * Added `tests` from `Part-2` * Added `tests` for `PART-4` * Add `using Neo.Extensions` for unit tests * Change `HashSetExtensions2` to `HashSetExtensions` * Update tests/Neo.Extensions.Tests/UT_BigIntegerExtensions.cs * Update and rename StringExtensdions.cs to StringExtensdios.cs * Rename StringExtensdios.cs to StringExtensions.cs * `dotnet format` --------- Co-authored-by: Shargon <shargon@gmail.com> Co-authored-by: Jimmy <jinghui@wayne.edu> Co-authored-by: NGD Admin <154295625+NGDAdmin@users.noreply.github.com>
* UT_KeyedCollectionSlim * Update UT_KeyedCollectionSlim.cs * Update UT_MemoryReader.cs * Update UT_MemoryReader.cs
* improve error message when wrong wallet is opened * update tests
* Update UT_RpcServer.Blockchain.cs * Update UT_RpcServer.Blockchain.cs * update * fixed bug * format * update * Update NativeContractExtensions.cs * update * Remove conflicting files * update * format
* Fixed `UInt160` and expanded class * Cleaned up code for `TryParse` * Fixed `TryParse` * Fixed small bug with `TryParse` * Change `UInt160.Zero` to `static readonly` * benchmark UInt160 * Fix benchmark * Fixed bugs and added features for `UInt160` class * Revert and just keep bug fixes * Made @shargon changes * Set `InvariantCultureIgnoreCase` back for `0x` and `0X` --------- Co-authored-by: Shargon <shargon@gmail.com> Co-authored-by: Jimmy <jinghui@wayne.edu> Co-authored-by: Jimmy <jimmy@r3e.network>
* test GetApplicationLog * filter execution type * Test_Commands; refactor * apply review suggestions --------- Co-authored-by: Shargon <shargon@gmail.com>
* Add UT Neo.Extensions * resolve conflicts * Revert "resolve conflicts" This reverts commit 6d0a61b. * add edge case * update mod test --------- Co-authored-by: NGD Admin <154295625+NGDAdmin@users.noreply.github.com> Co-authored-by: Jimmy <jinghui@wayne.edu> Co-authored-by: Jimmy <jimmy@r3e.network>
* Update UT_Utility.cs * TestGetContractState
- Fix typo Co-authored-by: Shargon <shargon@gmail.com> Co-authored-by: Jimmy <jinghui@wayne.edu> Co-authored-by: NGD Admin <154295625+NGDAdmin@users.noreply.github.com>
* trigger https oracle * make it internal * return Task.CompletedTask --------- Co-authored-by: Jimmy <jimmy@r3e.network> Co-authored-by: Jimmy <jinghui@wayne.edu> Co-authored-by: Shargon <shargon@gmail.com>
…arameter types. (neo-project#3479) * update rpc node methods signatures to use explicit parameter types. * fix attribute place --------- Co-authored-by: Christopher Schuchardt <cschuchardt88@gmail.com> Co-authored-by: Shargon <shargon@gmail.com>
* Update OpCode.cs * Update JumpTable.Compound.cs * Update OpCode.cs
* parse nef file scripts * nef file path support --------- Co-authored-by: Vitor Nazário Coelho <vncoelho@gmail.com>
…es (neo-project#3486) * fix push integer * Update src/Neo.VM/ScriptBuilder.cs * Update tests/Neo.VM.Tests/UT_ScriptBuilder.cs * Update tests/Neo.VM.Tests/UT_ScriptBuilder.cs
nan01ab
changed the title
JumpTable.SubStr Fix]: integer overflow in JumpTable.SubStr
| if (index >= x.Length) | ||
| throw new InvalidOperationException($"The value of index {index} is out of range."); | ||
|
|
||
| if (checked(index + count) > x.Length) |
There was a problem hiding this comment.
Suggested change
| if (checked(index + count) > x.Length) | |
| if (unchecked(index + count) > x.Length) |
This would be better. If it overflows it will be bigger than the length. This way we don't have dotnet generic overflow exception.
There was a problem hiding this comment.
This would be better. If it overflows it will be bigger than the length. This way we don't have dotnet generic
overflowexception.
checked here behaves the same as Memcpy.
There was a problem hiding this comment.
Echidna, yes. But checked is likely needed. The only reason this works in NeoGo is because int is mostly 64-bit (on all officially supported NeoGo platforms it is, but in theory NeoGo can be compiled for 32-bit platforms as well).
| @@ -95,13 +95,22 @@ public virtual void SubStr(ExecutionEngine engine, Instruction instruction) | |||
| { | |||
There was a problem hiding this comment.
@shargon why isn't there a vm limit in this?
There was a problem hiding this comment.
Because a substr can't be longer than the previous item.. theoretically
| @@ -473,6 +473,50 @@ | |||
| } | |||
| } | |||
| ] | |||
| }, | |||
| { | |||
| "name": "Count Exceed Range Test", | |||
There was a problem hiding this comment.
at instruction 18 (SUBSTR): invalid offset in NeoGo.
| ] | ||
| }, | ||
| { | ||
| "name": "Index Exceed Range Test", |
There was a problem hiding this comment.
at instruction 18 (SUBSTR): invalid offset in NeoGo.
| "0x0a", | ||
| "0x00010203040506070809", | ||
| "PUSHINT32", | ||
| "0x7FFFFFFF", |
There was a problem hiding this comment.
I'd also add some tests for INT64, like:
byte(opcode.PUSHINT64), 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F,
byte(opcode.PUSH2),
It'll fail (in NeoGo it's at instruction 22 (SUBSTR): not an int32), but just to make sure.
| if (index >= x.Length) | ||
| throw new InvalidOperationException($"The value of index {index} is out of range."); | ||
|
|
||
| if (checked(index + count) > x.Length) |
There was a problem hiding this comment.
Echidna, yes. But checked is likely needed. The only reason this works in NeoGo is because int is mostly 64-bit (on all officially supported NeoGo platforms it is, but in theory NeoGo can be compiled for 32-bit platforms as well).
* fix: concurrency conflict in HeaderCache.Count * Update tests/Neo.UnitTests/Ledger/UT_HeaderCache.cs * Update tests/Neo.UnitTests/Ledger/UT_HeaderCache.cs --------- Co-authored-by: Shargon <shargon@gmail.com>
* Added Builders with tests * Added SignerBuilder and started WitnessRuleBuilder * Added `WitnessConditionBuilder` with tests * Added more logic * Fixed `SignerBuilder` class * Code touch ups * Added more tests * Update src/Neo/Builders/TransactionBuilder.cs * Fixed `And` `Or` and `Not` conditions * Fixed Memory leak * Added error message for Witness scripts --------- Co-authored-by: Jimmy <jinghui@wayne.edu> Co-authored-by: Shargon <shargon@gmail.com> Co-authored-by: NGD Admin <154295625+NGDAdmin@users.noreply.github.com>
* Fixed Delete packages for github * Automatic * added continue-on-error: true --------- Co-authored-by: Shargon <shargon@gmail.com> Co-authored-by: NGD Admin <154295625+NGDAdmin@users.noreply.github.com>
|
Rebase needed |
shargon
added
hardfork
waiting-hardfork
bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Fix integer overflow in
JumpTable.SubStrFixes #3495
Type of change
Checklist: