From baac2e428eab5acfdcd4c9736aa923fc4f9270cd Mon Sep 17 00:00:00 2001 From: Unique-Divine Date: Wed, 2 Oct 2024 02:09:12 -0500 Subject: [PATCH] fix(evm-precompiles): add assertNumArgs validation --- CHANGELOG.md | 1 + x/evm/precompile/errors.go | 10 ++++++++++ x/evm/precompile/funtoken.go | 7 ++++--- x/evm/precompile/wasm.go | 7 ++++--- x/evm/precompile/wasm_parse.go | 28 ++++++++++++++++------------ 5 files changed, 35 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 194df558a..9c9d259c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -124,6 +124,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - [#2044](https://github.com/NibiruChain/nibiru/pull/2044) - feat(evm): evm tx indexer service implemented - [#2045](https://github.com/NibiruChain/nibiru/pull/2045) - test(evm): backend tests with test network and real txs - [#2054](https://github.com/NibiruChain/nibiru/pull/2054) - feat(evm-precompile): Precompile for one-way EVM calls to invoke/execute Wasm contracts. +- [#2060](https://github.com/NibiruChain/nibiru/pull/2060) - fix(evm-precompiles): add assertNumArgs validation #### Dapp modules: perp, spot, oracle, etc diff --git a/x/evm/precompile/errors.go b/x/evm/precompile/errors.go index 5f4ee88da..f22ed9f7e 100644 --- a/x/evm/precompile/errors.go +++ b/x/evm/precompile/errors.go @@ -43,3 +43,13 @@ func assertContractQuery(contract *vm.Contract) error { return nil } + +// assertNumArgs checks if the number of provided arguments matches the expected +// count. If lenArgs does not equal wantArgsLen, it returns an error describing +// the mismatch between expected and actual argument counts. +func assertNumArgs(lenArgs, wantArgsLen int) error { + if lenArgs != wantArgsLen { + return fmt.Errorf("expected %d arguments but got %d", wantArgsLen, lenArgs) + } + return nil +} diff --git a/x/evm/precompile/funtoken.go b/x/evm/precompile/funtoken.go index 6eaf1bbff..042544269 100644 --- a/x/evm/precompile/funtoken.go +++ b/x/evm/precompile/funtoken.go @@ -205,9 +205,10 @@ func (p precompileFunToken) decomposeBankSendArgs(args []any) ( to string, err error, ) { - // Note: The number of arguments is valiated before this function is called - // during "DecomposeInput". DecomposeInput calls "method.Inputs.Unpack", - // which validates against the the structure of the precompile's ABI. + if e := assertNumArgs(len(args), 3); e != nil { + err = e + return + } erc20, ok := args[0].(gethcommon.Address) if !ok { diff --git a/x/evm/precompile/wasm.go b/x/evm/precompile/wasm.go index 8e8c446dc..091999ee3 100644 --- a/x/evm/precompile/wasm.go +++ b/x/evm/precompile/wasm.go @@ -355,9 +355,10 @@ func (p precompileWasm) queryRaw( return bz, err } - // Note: The number of arguments is valiated before this function is called - // during "DecomposeInput". DecomposeInput calls "method.Inputs.Unpack", - // which validates against the the structure of the precompile's ABI. + if e := assertNumArgs(len(args), 2); e != nil { + err = e + return + } argIdx := 0 wasmContract, e := parseContractAddrArg(args[argIdx]) diff --git a/x/evm/precompile/wasm_parse.go b/x/evm/precompile/wasm_parse.go index 2f447c340..80d950622 100644 --- a/x/evm/precompile/wasm_parse.go +++ b/x/evm/precompile/wasm_parse.go @@ -84,9 +84,10 @@ func (p precompileWasm) parseInstantiateArgs(args []any, sender string) ( txMsg wasm.MsgInstantiateContract, err error, ) { - // Note: The number of arguments is valiated before this function is called - // during "DecomposeInput". DecomposeInput calls "method.Inputs.Unpack", - // which validates against the the structure of the precompile's ABI. + if e := assertNumArgs(len(args), 5); e != nil { + err = e + return + } argIdx := 0 admin, ok := args[argIdx].(string) @@ -142,9 +143,10 @@ func (p precompileWasm) parseExecuteArgs(args []any) ( funds sdk.Coins, err error, ) { - // Note: The number of arguments is valiated before this function is called - // during "DecomposeInput". DecomposeInput calls "method.Inputs.Unpack", - // which validates against the the structure of the precompile's ABI. + if e := assertNumArgs(len(args), 3); e != nil { + err = e + return + } argIdx := 0 contractAddrStr, ok := args[argIdx].(string) @@ -187,9 +189,10 @@ func (p precompileWasm) parseQueryArgs(args []any) ( req wasm.RawContractMessage, err error, ) { - // Note: The number of arguments is valiated before this function is called - // during "DecomposeInput". DecomposeInput calls "method.Inputs.Unpack", - // which validates against the the structure of the precompile's ABI. + if e := assertNumArgs(len(args), 2); e != nil { + err = e + return + } argsIdx := 0 wasmContract, e := parseContractAddrArg(args[argsIdx]) @@ -220,9 +223,10 @@ func (p precompileWasm) parseExecuteMultiArgs(args []any) ( }, err error, ) { - // Note: The number of arguments is valiated before this function is called - // during "DecomposeInput". DecomposeInput calls "method.Inputs.Unpack", - // which validates against the the structure of the precompile's ABI. + if e := assertNumArgs(len(args), 1); e != nil { + err = e + return + } arg := args[0] execMsgs, ok := arg.([]struct {