Merge pull request #976 from nspcc-dev/fix/refcount

vm: update stack size in SETITEM properly
This commit is contained in:
Roman Khimov 2020-05-21 18:07:26 +03:00 committed by GitHub
commit 9b2d045a29
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 2 deletions

View file

@ -1123,8 +1123,8 @@ func (v *VM) execute(ctx *Context, op opcode.Opcode, parameter []byte) (err erro
arr[index] = item arr[index] = item
v.refs.Add(arr[index]) v.refs.Add(arr[index])
case *MapItem: case *MapItem:
if t.Has(key.value) { if i := t.Index(key.value); i >= 0 {
v.refs.Remove(item) v.refs.Remove(t.value[i].Value)
} else if len(t.value) >= MaxArraySize { } else if len(t.value) >= MaxArraySize {
panic("too big map") panic("too big map")
} }

View file

@ -1354,6 +1354,26 @@ func TestSETITEMBigMapBad(t *testing.T) {
runWithArgs(t, prog, nil, m, MaxArraySize, 0) runWithArgs(t, prog, nil, m, MaxArraySize, 0)
} }
// This test checks is SETITEM properly updates reference counter.
// 1. Create 2 arrays of size MaxArraySize - 3. (MaxStackSize = 2 * MaxArraySize)
// 2. SETITEM each of them to a map.
// 3. Replace each of them with a scalar value.
func TestSETITEMMapStackLimit(t *testing.T) {
size := MaxArraySize - 3
m := NewMapItem()
m.Add(NewBigIntegerItem(big.NewInt(1)), NewArrayItem(makeArrayOfType(size, BooleanT)))
m.Add(NewBigIntegerItem(big.NewInt(2)), NewArrayItem(makeArrayOfType(size, BooleanT)))
prog := makeProgram(
opcode.DUP, opcode.PUSH1, opcode.PUSH1, opcode.SETITEM,
opcode.DUP, opcode.PUSH2, opcode.PUSH2, opcode.SETITEM,
opcode.DUP, opcode.PUSH3, opcode.PUSH3, opcode.SETITEM,
opcode.DUP, opcode.PUSH4, opcode.PUSH4, opcode.SETITEM)
v := load(prog)
v.estack.PushVal(m)
runVM(t, v)
}
func TestSETITEMBigMapGood(t *testing.T) { func TestSETITEMBigMapGood(t *testing.T) {
prog := makeProgram(opcode.SETITEM) prog := makeProgram(opcode.SETITEM)
vm := load(prog) vm := load(prog)