Add missing validations in cases where assembly import would silently…

… truncate the value
ethereum · Nov 29, 2024 · 2c3935e · 2c3935e
1 parent 1cce974
commit 2c3935e
Show file tree

Hide file tree

Showing 15 changed files with 294 additions and 0 deletions.
diff --git a/libevmasm/Assembly.cpp b/libevmasm/Assembly.cpp
@@ -180,6 +180,17 @@ AssemblyItem Assembly::createAssemblyItemFromJSON(Json const& _json, std::vector
 		);
 	};
 
+	auto requireValueInRange = [&](std::string const& _name, std::string const& _value, u256 _min, u256 _max)
+	{
+		bigint parsedValue(_value);
+		solRequire(
+			_min <= parsedValue && parsedValue <= _max,
+			AssemblyImportException,
+			"Value provided for instruction '" + _name + "' is out of the allowed range "
+			"[" + formatNumber(_min) + ", " + formatNumber(_max) + "]."
+		);
+	};
+
 	solRequire(srcIndex >= -1 && srcIndex < static_cast<int>(_sourceList.size()), AssemblyImportException, "Source index out of bounds.");
 	if (srcIndex != -1)
 		location.sourceName = sharedSourceName(_sourceList[static_cast<size_t>(srcIndex)]);
@@ -217,6 +228,7 @@ AssemblyItem Assembly::createAssemblyItemFromJSON(Json const& _json, std::vector
 		if (name == "PUSH")
 		{
 			requireValueDefinedForInstruction(name, value);
+			requireValueInRange(name, "0x" + value, 0, std::numeric_limits<u256>::max());
 			result = {AssemblyItemType::Push, u256("0x" + value)};
 		}
 		else if (name == "PUSH [ErrorTag]")
@@ -227,16 +239,19 @@ AssemblyItem Assembly::createAssemblyItemFromJSON(Json const& _json, std::vector
 		else if (name == "PUSH [tag]")
 		{
 			requireValueDefinedForInstruction(name, value);
+			requireValueInRange(name, value, 0, std::numeric_limits<unsigned>::max());
 			result = {AssemblyItemType::PushTag, updateUsedTags(u256(value))};
 		}
 		else if (name == "PUSH [$]")
 		{
 			requireValueDefinedForInstruction(name, value);
+			requireValueInRange(name, "0x" + value, 0, std::numeric_limits<size_t>::max());
 			result = {AssemblyItemType::PushSub, u256("0x" + value)};
 		}
 		else if (name == "PUSH #[$]")
 		{
 			requireValueDefinedForInstruction(name, value);
+			requireValueInRange(name, "0x" + value, 0, std::numeric_limits<size_t>::max());
 			result = {AssemblyItemType::PushSubSize, u256("0x" + value)};
 		}
 		else if (name == "PUSHSIZE")
@@ -267,11 +282,17 @@ AssemblyItem Assembly::createAssemblyItemFromJSON(Json const& _json, std::vector
 		else if (name == "tag")
 		{
 			requireValueDefinedForInstruction(name, value);
+			requireValueInRange(name, value, 0, std::numeric_limits<unsigned>::max());
 			result = {AssemblyItemType::Tag, updateUsedTags(u256(value))};
 		}
 		else if (name == "PUSH data")
 		{
 			requireValueDefinedForInstruction(name, value);
+			solRequire(
+				value.size() == 64 && value.find_first_not_of("0123456789abcdefABCDEF") == std::string::npos,
+				AssemblyImportException,
+				"Value provided for instruction 'PUSH data' is not a valid 256-bit hexadecimal number."
+			);
 			result = {AssemblyItemType::PushData, u256("0x" + value)};
 		}
 		else if (name == "VERBATIM")

diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_bad_hex/input.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_bad_hex/input.json
@@ -0,0 +1,28 @@
+{
+    "language": "EVMAssembly",
+    "sources": {
+        "A": {
+            "assemblyJson": {
+                ".code": [
+                    {
+                        "begin": 0,
+                        "end": 0,
+                        "name": "PUSH data",
+                        "source": 0,
+                        "value": "112233445566778899aabbccddeeff00112233445566778899aabbccddeeffgg"
+                    }
+                ],
+                "sourceList": [
+                    "<stdin>"
+                ]
+            }
+        }
+    },
+    "settings": {
+        "outputSelection": {
+            "*": {
+                "": ["evm.bytecode"]
+            }
+        }
+    }
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_bad_hex/output.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_bad_hex/output.json
@@ -0,0 +1,11 @@
+{
+    "errors": [
+        {
+            "component": "general",
+            "formattedMessage": "Assembly import error: Value provided for instruction 'PUSH data' is not a valid 32-bit hash.",
+            "message": "Assembly import error: Value provided for instruction 'PUSH data' is not a valid 32-bit hash.",
+            "severity": "error",
+            "type": "Exception"
+        }
+    ]
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_too_long/input.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_too_long/input.json
@@ -0,0 +1,28 @@
+{
+    "language": "EVMAssembly",
+    "sources": {
+        "A": {
+            "assemblyJson": {
+                ".code": [
+                    {
+                        "begin": 0,
+                        "end": 0,
+                        "name": "PUSH data",
+                        "source": 0,
+                        "value": "00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"
+                    }
+                ],
+                "sourceList": [
+                    "<stdin>"
+                ]
+            }
+        }
+    },
+    "settings": {
+        "outputSelection": {
+            "*": {
+                "": ["evm.bytecode"]
+            }
+        }
+    }
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_too_long/output.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_data_value_too_long/output.json
@@ -0,0 +1,11 @@
+{
+    "errors": [
+        {
+            "component": "general",
+            "formattedMessage": "Assembly import error: Value provided for instruction 'PUSH data' is not a valid 32-bit hash.",
+            "message": "Assembly import error: Value provided for instruction 'PUSH data' is not a valid 32-bit hash.",
+            "severity": "error",
+            "type": "Exception"
+        }
+    ]
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_size_value/input.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_size_value/input.json
@@ -0,0 +1,28 @@
+{
+    "language": "EVMAssembly",
+    "sources": {
+        "A": {
+            "assemblyJson": {
+                ".code": [
+                    {
+                        "begin": 0,
+                        "end": 0,
+                        "name": "PUSH #[$]",
+                        "source": 0,
+                        "value": "10000000000000000"
+                    }
+                ],
+                "sourceList": [
+                    "<stdin>"
+                ]
+            }
+        }
+    },
+    "settings": {
+        "outputSelection": {
+            "*": {
+                "": ["evm.bytecode"]
+            }
+        }
+    }
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_size_value/output.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_size_value/output.json
@@ -0,0 +1,11 @@
+{
+    "errors": [
+        {
+            "component": "general",
+            "formattedMessage": "Assembly import error: Value provided for instruction 'PUSH #[$]' is out of the allowed range [0, 0xffffffffffffffff].",
+            "message": "Assembly import error: Value provided for instruction 'PUSH #[$]' is out of the allowed range [0, 0xffffffffffffffff].",
+            "severity": "error",
+            "type": "Exception"
+        }
+    ]
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_value/input.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_value/input.json
@@ -0,0 +1,28 @@
+{
+    "language": "EVMAssembly",
+    "sources": {
+        "A": {
+            "assemblyJson": {
+                ".code": [
+                    {
+                        "begin": 0,
+                        "end": 0,
+                        "name": "PUSH [$]",
+                        "source": 0,
+                        "value": "10000000000000000"
+                    }
+                ],
+                "sourceList": [
+                    "<stdin>"
+                ]
+            }
+        }
+    },
+    "settings": {
+        "outputSelection": {
+            "*": {
+                "": ["evm.bytecode"]
+            }
+        }
+    }
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_value/output.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_sub_value/output.json
@@ -0,0 +1,11 @@
+{
+    "errors": [
+        {
+            "component": "general",
+            "formattedMessage": "Assembly import error: Value provided for instruction 'PUSH [$]' is out of the allowed range [0, 0xffffffffffffffff].",
+            "message": "Assembly import error: Value provided for instruction 'PUSH [$]' is out of the allowed range [0, 0xffffffffffffffff].",
+            "severity": "error",
+            "type": "Exception"
+        }
+    ]
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_tag_value/input.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_tag_value/input.json
@@ -0,0 +1,28 @@
+{
+    "language": "EVMAssembly",
+    "sources": {
+        "A": {
+            "assemblyJson": {
+                ".code": [
+                    {
+                        "begin": 0,
+                        "end": 0,
+                        "name": "PUSH [tag]",
+                        "source": 0,
+                        "value": "0x100000000"
+                    }
+                ],
+                "sourceList": [
+                    "<stdin>"
+                ]
+            }
+        }
+    },
+    "settings": {
+        "outputSelection": {
+            "*": {
+                "": ["evm.bytecode"]
+            }
+        }
+    }
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_tag_value/output.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_tag_value/output.json
@@ -0,0 +1,11 @@
+{
+    "errors": [
+        {
+            "component": "general",
+            "formattedMessage": "Assembly import error: Value provided for instruction 'PUSH [tag]' is out of the allowed range [0, 0xffffffff].",
+            "message": "Assembly import error: Value provided for instruction 'PUSH [tag]' is out of the allowed range [0, 0xffffffff].",
+            "severity": "error",
+            "type": "Exception"
+        }
+    ]
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_value/input.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_value/input.json
@@ -0,0 +1,28 @@
+{
+    "language": "EVMAssembly",
+    "sources": {
+        "A": {
+            "assemblyJson": {
+                ".code": [
+                    {
+                        "begin": 0,
+                        "end": 10,
+                        "name": "PUSH",
+                        "source": 0,
+                        "value": "00112233445566778899001122334455667788990011223344556677889900112233445566778899"
+                    }
+                ],
+                "sourceList": [
+                    "<stdin>"
+                ]
+            }
+        }
+    },
+    "settings": {
+        "outputSelection": {
+            "*": {
+                "": ["evm.bytecode"]
+            }
+        }
+    }
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_push_value/output.json b/test/cmdlineTests/standard_import_asm_json_invalid_push_value/output.json
@@ -0,0 +1,11 @@
+{
+    "errors": [
+        {
+            "component": "general",
+            "formattedMessage": "Assembly import error: Value provided for instruction 'PUSH' is out of the allowed range [0, 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff].",
+            "message": "Assembly import error: Value provided for instruction 'PUSH' is out of the allowed range [0, 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff].",
+            "severity": "error",
+            "type": "Exception"
+        }
+    ]
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_tag_value/input.json b/test/cmdlineTests/standard_import_asm_json_invalid_tag_value/input.json
@@ -0,0 +1,28 @@
+{
+    "language": "EVMAssembly",
+    "sources": {
+        "A": {
+            "assemblyJson": {
+                ".code": [
+                    {
+                        "begin": 0,
+                        "end": 0,
+                        "name": "tag",
+                        "source": 0,
+                        "value": "0x100000000"
+                    }
+                ],
+                "sourceList": [
+                    "<stdin>"
+                ]
+            }
+        }
+    },
+    "settings": {
+        "outputSelection": {
+            "*": {
+                "": ["evm.bytecode"]
+            }
+        }
+    }
+}
diff --git a/test/cmdlineTests/standard_import_asm_json_invalid_tag_value/output.json b/test/cmdlineTests/standard_import_asm_json_invalid_tag_value/output.json
@@ -0,0 +1,11 @@
+{
+    "errors": [
+        {
+            "component": "general",
+            "formattedMessage": "Assembly import error: Value provided for instruction 'tag' is out of the allowed range [0, 0xffffffff].",
+            "message": "Assembly import error: Value provided for instruction 'tag' is out of the allowed range [0, 0xffffffff].",
+            "severity": "error",
+            "type": "Exception"
+        }
+    ]
+}