Safer ReadVarBytes #511
neo/IO/Helper.cs
Outdated
return reader.ReadBytes((int)reader.ReadVarInt((ulong)max)); | ||
max = (int)reader.ReadVarInt((ulong)max); | ||
|
||
if (reader.BaseStream.CanSeek) |
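Review bot: reassigning `max` on the `max = (int)reader.ReadVarInt((ulong)max);` line makes one variable stand for both the caller's limit and the decoded length, so the original limit is no longer available to any check that follows. A separate local, for example `int length = (int)reader.ReadVarInt((ulong)max);`, would keep the two apart. The `(ulong)max` cast also turns a negative `max` into a very large bound, so an argument check before this line is worth adding.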
If Stream supports seeking, update maximum to maximum seekable data. Nice!
Shargon, I added some tests that help validate this part. Feel free to remove them if not necessary (but I think they are 😉)
I think that we never use and don't need so much memory in any Neo process. Perhaps, a lower limit such as 16MB (as used in other methods 0x10000) or half int (~1GB) could be enforced in this case. For example, we could add
neo/IO/Helper.cs
Outdated
|
||
if (reader.BaseStream.CanSeek) | ||
{ | ||
max = Math.Min((int)(reader.BaseStream.Length - reader.BaseStream.Position), max); |
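Review bot: the `(int)` cast in `Math.Min((int)(reader.BaseStream.Length - reader.BaseStream.Position), max)` is applied to a `long` difference before the comparison, so on a stream with more than int.MaxValue bytes remaining it can wrap to a negative value, which `Math.Min` will then select. Doing the comparison in `long` and casting only the result avoids that, e.g. `Math.Min(reader.BaseStream.Length - reader.BaseStream.Position, (long)max)`. Clamping at this point also lets a short payload through silently; comparing and throwing would keep the declared length and the returned length equal.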
This can result in the reading of truncated data.
0x08123456
You should throw an exception instead of returning 0x123456.
Now the data is returned truncated; I do this to prevent the logic change
But reading truncated data is not the expected behavior of this function and can cause errors elsewhere.
@igormcoelho you left one
Truncate or not to truncate? That's the question 🤔 💀
What's the difference between this and the old implementation?
@erikzhang This fixes an error mentioned in the #Neo-Security channel
return reader.ReadBytes((int)reader.ReadVarInt((ulong)max)); | ||
max = (int)reader.ReadVarInt((ulong)max); | ||
|
||
if (reader.BaseStream.CanSeek && (reader.BaseStream.Length - reader.BaseStream.Position) < max) |
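Review bot: the guard on the `if (reader.BaseStream.CanSeek && ...)` line does nothing when `CanSeek` is false, so for a non-seekable stream the decoded length is still bounded only by the caller's `max`. Either document on the method that callers must pass a tight `max`, or add a check after the read that the number of bytes returned equals the decoded length. A test that uses a non-seekable stream would pin that path down.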
If reader.BaseStream.CanSeek == false, it is the same as the original implementation. We should limit max.
I checked everywhere, the maximum max is 16MB, no problem.
So the fix should be in neo-vm.
neo/neo/SmartContract/ApplicationEngine.cs
Lines 125 to 132 in f454e98
case OpCode.PUSHDATA4:
    {
        if (CurrentContext.InstructionPointer + 4 >= CurrentContext.Script.Length)
            return false;
        uint length = CurrentContext.Script.ToUInt32(CurrentContext.InstructionPointer + 1);
        if (length > MaxItemSize) return false;
        return true;
    }
The stack element has been limited to 1MB here.
You are right
Closed because the fix should be on NeoVM
No description provided.
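The behaviour the reviewers ask for in this thread (throw rather than return truncated data), as an added C# example that is not code from this PR or from neo. The `VarBytesExample` class, `ReadVarBytesStrict`, the var-int layout in its local `ReadVarInt`, and the 16MB limit passed in `Main` are assumptions made for illustration.

```csharp
using System;
using System.IO;

static class VarBytesExample // hypothetical names throughout, not neo/IO/Helper.cs
{
    // Assumed var-int layout: a first byte below 0xFD is the value itself;
    // 0xFD, 0xFE and 0xFF announce a little-endian 2-, 4- or 8-byte value.
    static ulong ReadVarInt(BinaryReader reader, ulong max)
    {
        byte fb = reader.ReadByte();
        ulong value = fb == 0xFD ? reader.ReadUInt16()
                    : fb == 0xFE ? reader.ReadUInt32()
                    : fb == 0xFF ? reader.ReadUInt64()
                    : fb;
        if (value > max) throw new FormatException("declared length exceeds max");
        return value;
    }

    static byte[] ReadVarBytesStrict(BinaryReader reader, int max)
    {
        if (max < 0) throw new ArgumentOutOfRangeException(nameof(max));
        // Keep the decoded length separate from the caller's limit.
        int length = (int)ReadVarInt(reader, (ulong)max); // value <= max, so the cast is safe
        Stream s = reader.BaseStream;
        // Seekable stream: reject before allocating; compared as long, no cast.
        if (s.CanSeek && s.Length - s.Position < length)
            throw new FormatException("declared length exceeds remaining data");
        byte[] data = reader.ReadBytes(length);
        // Non-seekable stream: ReadBytes returns fewer bytes at end of stream.
        if (data.Length != length)
            throw new FormatException("stream ended before declared length");
        return data;
    }

    static void Main()
    {
        // Constructed input taken from the review comment: prefix 0x08, three data bytes.
        byte[] input = { 0x08, 0x12, 0x34, 0x56 };
        using (var reader = new BinaryReader(new MemoryStream(input)))
        {
            try
            {
                ReadVarBytesStrict(reader, 0x1000000); // 16MB limit, assumed
                Console.WriteLine("accepted");
            }
            catch (FormatException e) { Console.WriteLine("rejected: " + e.Message); }
        }
    }
}
```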