neo icon indicating copy to clipboard operation
neo copied to clipboard
verified publisher icon neo-project

[`Fix`]: integer overflow in `JumpTable.SubStr `

Open nan01ab opened this issue 1 year ago • 1 comments

Description

Fix integer overflow in JumpTable.SubStr

Fixes #3495

Type of change

  • [ ] Optimization (the change is only an optimization)
  • [ ] Style (the change is only a code style for better maintenance or standard purpose)
  • [x] Bug fix (non-breaking change which fixes an issue)
  • [ ] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [ ] This change requires a documentation update

Checklist:

  • [x] My code follows the style guidelines of this project
  • [x] I have performed a self-review of my code
  • [ ] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [x] My changes generate no new warnings
  • [x] I have added tests that prove my fix is effective or that my feature works
  • [x] New and existing unit tests pass locally with my changes
  • [ ] Any dependent changes have been merged and published in downstream modules

nan01ab avatar Sep 21 '24 15:09 nan01ab

Rebase needed

shargon avatar Sep 27 '24 07:09 shargon

That's the question of "can we arrange a set of parameters that would fail with the new code, but succeed with the old one". This requires some probing. I'm not exactly sure of Rent details and how this can be related to machine memory available (I can malloc() more memory than I have physically), also how Slice() reacts to negative count.

I'd include it into Echidna for safety reasons, but if we can prove it can't be exploited to change execution result then OK, it can go without a HF.

roman-khimov avatar Nov 07 '24 14:11 roman-khimov

I think we don't need a HF, previously could be a DoS but not difference in the execution. Isn't it? @roman-khimov

I agree. Don't need a HF

nan01ab avatar Nov 14 '24 15:11 nan01ab

If doesn't use HF should go to master

it was merged with hardfork prs,,,,lets discuss it in the meeting.

Jim8y avatar Nov 21 '24 00:11 Jim8y

This is the already the default behavior in dotnet https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/compiler-options/language#checkforoverflowunderflow

cschuchardt88 avatar Nov 21 '24 13:11 cschuchardt88

The default value for this option is false, that is, overflow checking is disabled.

https://dotnetfiddle.net/I7RINu

roman-khimov avatar Nov 21 '24 13:11 roman-khimov

The default value for this option is false, that is, overflow checking is disabled.

https://dotnetfiddle.net/I7RINu

my bad -- integral-type arithmetic operations and conversions are executed in an unchecked context and Constant expressions are evaluated by default in a checked context.

cschuchardt88 avatar Nov 21 '24 17:11 cschuchardt88