mirror of
https://github.com/nspcc-dev/neo-go.git
synced 2025-01-11 01:20:37 +00:00
vm: restrict max item size in CAT
This commit is contained in:
parent
67219b9439
commit
cae431b844
2 changed files with 18 additions and 2 deletions
11
pkg/vm/vm.go
11
pkg/vm/vm.go
|
@ -28,8 +28,12 @@ var (
|
||||||
const (
|
const (
|
||||||
// MaxArraySize is the maximum array size allowed in the VM.
|
// MaxArraySize is the maximum array size allowed in the VM.
|
||||||
MaxArraySize = 1024
|
MaxArraySize = 1024
|
||||||
maxSHLArg = 256
|
|
||||||
minSHLArg = -256
|
// MaxItemSize is the maximum item size allowed in the VM.
|
||||||
|
MaxItemSize = 1024 * 1024
|
||||||
|
|
||||||
|
maxSHLArg = 256
|
||||||
|
minSHLArg = -256
|
||||||
)
|
)
|
||||||
|
|
||||||
// VM represents the virtual machine.
|
// VM represents the virtual machine.
|
||||||
|
@ -439,6 +443,9 @@ func (v *VM) execute(ctx *Context, op Instruction, parameter []byte) {
|
||||||
case CAT:
|
case CAT:
|
||||||
b := v.estack.Pop().Bytes()
|
b := v.estack.Pop().Bytes()
|
||||||
a := v.estack.Pop().Bytes()
|
a := v.estack.Pop().Bytes()
|
||||||
|
if l := len(a) + len(b); l > MaxItemSize {
|
||||||
|
panic(fmt.Sprintf("too big item: %d", l))
|
||||||
|
}
|
||||||
ab := append(a, b...)
|
ab := append(a, b...)
|
||||||
v.estack.PushVal(ab)
|
v.estack.PushVal(ab)
|
||||||
case SUBSTR:
|
case SUBSTR:
|
||||||
|
|
|
@ -1413,6 +1413,15 @@ func TestCATBadOneArg(t *testing.T) {
|
||||||
assert.Equal(t, true, vm.HasFailed())
|
assert.Equal(t, true, vm.HasFailed())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestCATBadBigItem(t *testing.T) {
|
||||||
|
prog := makeProgram(CAT)
|
||||||
|
vm := load(prog)
|
||||||
|
vm.estack.PushVal(make([]byte, MaxItemSize/2+1))
|
||||||
|
vm.estack.PushVal(make([]byte, MaxItemSize/2+1))
|
||||||
|
vm.Run()
|
||||||
|
assert.Equal(t, true, vm.HasFailed())
|
||||||
|
}
|
||||||
|
|
||||||
func TestCATGood(t *testing.T) {
|
func TestCATGood(t *testing.T) {
|
||||||
prog := makeProgram(CAT)
|
prog := makeProgram(CAT)
|
||||||
vm := load(prog)
|
vm := load(prog)
|
||||||
|
|
Loading…
Reference in a new issue