forked from cerc-io/laconicd-deprecated
fix: set an upper bound to gasWanted to prevent DoS attack (#991)
Closes: #989 Co-authored-by: Federico Kunze Küllmer <31522760+fedekunze@users.noreply.github.com>
This commit is contained in:
parent
889ff2b8ec
commit
edf456985b
@ -41,6 +41,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
|
|||||||
### Bug Fixes
|
### Bug Fixes
|
||||||
|
|
||||||
* (rpc) [tharsis#990](https://github.com/tharsis/ethermint/pull/990) Calculate reward values from all `MsgEthereumTx` from a block in `eth_feeHistory`.
|
* (rpc) [tharsis#990](https://github.com/tharsis/ethermint/pull/990) Calculate reward values from all `MsgEthereumTx` from a block in `eth_feeHistory`.
|
||||||
|
* (ante) [tharsis#991](https://github.com/tharsis/ethermint/pull/991) Set an upper bound to gasWanted to prevent DoS attack.
|
||||||
|
|
||||||
## [v0.11.0] - 2022-03-06
|
## [v0.11.0] - 2022-03-06
|
||||||
|
|
||||||
|
@ -17,6 +17,8 @@ import (
|
|||||||
ethtypes "github.com/ethereum/go-ethereum/core/types"
|
ethtypes "github.com/ethereum/go-ethereum/core/types"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const MaxTxGasWanted uint64 = 500000
|
||||||
|
|
||||||
// EthSigVerificationDecorator validates an ethereum signatures
|
// EthSigVerificationDecorator validates an ethereum signatures
|
||||||
type EthSigVerificationDecorator struct {
|
type EthSigVerificationDecorator struct {
|
||||||
evmKeeper EVMKeeper
|
evmKeeper EVMKeeper
|
||||||
@ -171,7 +173,6 @@ func (egcd EthGasConsumeDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simula
|
|||||||
london := ethCfg.IsLondon(blockHeight)
|
london := ethCfg.IsLondon(blockHeight)
|
||||||
evmDenom := params.EvmDenom
|
evmDenom := params.EvmDenom
|
||||||
gasWanted := uint64(0)
|
gasWanted := uint64(0)
|
||||||
|
|
||||||
var events sdk.Events
|
var events sdk.Events
|
||||||
|
|
||||||
for _, msg := range tx.GetMsgs() {
|
for _, msg := range tx.GetMsgs() {
|
||||||
@ -184,7 +185,17 @@ func (egcd EthGasConsumeDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simula
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return ctx, sdkerrors.Wrap(err, "failed to unpack tx data")
|
return ctx, sdkerrors.Wrap(err, "failed to unpack tx data")
|
||||||
}
|
}
|
||||||
gasWanted += txData.GetGas()
|
|
||||||
|
if ctx.IsCheckTx() {
|
||||||
|
// We can't trust the tx gas limit, because we'll refund the unused gas.
|
||||||
|
if txData.GetGas() > MaxTxGasWanted {
|
||||||
|
gasWanted += MaxTxGasWanted
|
||||||
|
} else {
|
||||||
|
gasWanted += txData.GetGas()
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
gasWanted += txData.GetGas()
|
||||||
|
}
|
||||||
|
|
||||||
fees, err := egcd.evmKeeper.DeductTxCostsFromUserBalance(
|
fees, err := egcd.evmKeeper.DeductTxCostsFromUserBalance(
|
||||||
ctx,
|
ctx,
|
||||||
|
@ -268,7 +268,7 @@ func (suite AnteTestSuite) TestEthGasConsumeDecorator() {
|
|||||||
{
|
{
|
||||||
"success",
|
"success",
|
||||||
tx2,
|
tx2,
|
||||||
tx2GasLimit,
|
ante.MaxTxGasWanted, // it's capped
|
||||||
func() {
|
func() {
|
||||||
vmdb.AddBalance(addr, big.NewInt(1000000))
|
vmdb.AddBalance(addr, big.NewInt(1000000))
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user