From 15be763bb36b6b6b4fc2477c00b1a47eec8cdebd Mon Sep 17 00:00:00 2001 From: Roman Khimov Date: Wed, 14 Jul 2021 10:00:25 +0300 Subject: [PATCH] vm: limit POW, fix #2060 Calculating pow(pow(2, 255), 0xffffffff) takes unknown amount of time. See also neo-project/neo-vm#422. --- pkg/vm/vm.go | 2 +- pkg/vm/vm_test.go | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/pkg/vm/vm.go b/pkg/vm/vm.go index 7ae6d5cdf..09c00699d 100644 --- a/pkg/vm/vm.go +++ b/pkg/vm/vm.go @@ -918,7 +918,7 @@ func (v *VM) execute(ctx *Context, op opcode.Opcode, parameter []byte) (err erro case opcode.POW: exp := v.estack.Pop().BigInt() a := v.estack.Pop().BigInt() - if ei := exp.Int64(); !exp.IsInt64() || ei > math.MaxInt32 || ei < 0 { + if ei := exp.Int64(); !exp.IsInt64() || ei > maxSHLArg || ei < 0 { panic("invalid exponent") } v.estack.PushVal(new(big.Int).Exp(a, exp, nil)) diff --git a/pkg/vm/vm_test.go b/pkg/vm/vm_test.go index 484b3cda1..b497ffc9b 100644 --- a/pkg/vm/vm_test.go +++ b/pkg/vm/vm_test.go @@ -6,7 +6,6 @@ import ( "encoding/hex" "errors" "fmt" - "math" "math/big" "math/rand" "testing" @@ -719,7 +718,7 @@ func TestPOW(t *testing.T) { t.Run("good, negative, odd", getTestFuncForVM(prog, -8, -2, 3)) t.Run("zero", getTestFuncForVM(prog, 1, 3, 0)) t.Run("negative exponent", getTestFuncForVM(prog, nil, 3, -1)) - t.Run("too big exponent", getTestFuncForVM(prog, nil, 1, math.MaxInt32+1)) + t.Run("too big exponent", getTestFuncForVM(prog, nil, 1, maxSHLArg+1)) } func TestSQRT(t *testing.T) {