Fix a bug in CCP instruction #753

Merged
merged 5 commits into from
Jun 12, 2024

@Dentosal Dentosal commented Jun 11, 2024

CCP instruction was not checking for ownership properly. This PR fixes the bug, and refactors the code a bit so that similar issues cannot occur again as easily.

Checklist

  • Breaking changes are clearly marked as such in the PR description and changelog
  • New behavior is reflected in tests

Before requesting review

  • I have reviewed the code myself
  • I have created follow-up issues caused by this PR and linked them here

@Dentosal Dentosal added the labels bug (Something isn't working), fuel-vm (Related to the `fuel-vm` crate.), audit-report (Issue from the audit report) Jun 11, 2024
@Dentosal Dentosal self-assigned this Jun 11, 2024
Comment on lines 1182 to 1184
/// TODO: remove this test after review, the one above covers it better
#[test]
fn code_copy_ownership_overflow_poc() {

This reproduction test case is from the audit report, and kept here for the review. It should be removed before merging.

@Dentosal Dentosal marked this pull request as ready for review June 11, 2024 12:16
@Dentosal Dentosal requested a review from a team June 11, 2024 12:16
xgreenx previously approved these changes Jun 12, 2024
fuel-vm/src/interpreter/memory.rs Outdated

let src_end = src_offset.saturating_add(range.len()).min(src.len());
let data = src.get(src_offset..src_end).unwrap_or_default();
let (r_data, r_zero) = range.split_at_offset(data.len());

memory
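
Review bot: the `unwrap_or_default()` on `src.get(src_offset..src_end)` hides the case where `src_offset` lies past the end of `src`, and that case deserves a comment and a test. Because `src_end` is clamped to `src.len()`, such an offset gives a range whose start is above its end, `get` returns `None`, and `data` becomes empty, so `range.split_at_offset(data.len())` splits at 0 and, going by the names, leaves the whole range in `r_zero`. If zero-filling is the intended result for an out-of-bounds source offset, state that above these lines and pin it with a test that passes a `src_offset` greater than `src.len()`.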

Hmm, maybe we need to revisit all places where we use write_noownerchecks, maybe we don't need it anymore and we can just pass OwnershipRegisters

@Dentosal Dentosal added this pull request to the merge queue Jun 12, 2024
Merged via the queue into master with commit 5156767 Jun 12, 2024
39 checks passed
@Dentosal Dentosal deleted the dento/vm-code-copy-fix branch June 12, 2024 14:14