@@ -7,8 +7,10 @@ use sp_runtime::AccountId32;
77use sp_std:: vec;
88
99pub const SUBNET_PRECOMPILE_INDEX : u64 = 2051 ;
10+ // bytes with max lenght 1K
11+ pub const MAX_SINGLE_PARAMETER_SIZE : usize = 1024 ;
1012// three bytes with max lenght 1K
11- pub const MAX_PARAMETER_SIZE : usize = 3 * 1024 ;
13+ pub const MAX_PARAMETER_SIZE : usize = 3 * MAX_SINGLE_PARAMETER_SIZE ;
1214
1315// ss58 public key i.e., the contract sends funds it received to the destination address from the
1416// method parameter.
@@ -90,18 +92,46 @@ impl SubnetPrecompile {
9092 fn parse_register_network_parameters (
9193 data : & [ u8 ] ,
9294 ) -> Result < ( AccountId32 , vec:: Vec < u8 > , vec:: Vec < u8 > , vec:: Vec < u8 > ) , PrecompileFailure > {
93- let ( pubkey, _) = get_pubkey ( data) ?;
95+ let ( pubkey, dynamic_params) = get_pubkey ( data) ?;
96+ let dynamic_data_len = dynamic_params. len ( ) ;
9497
9598 let mut buf = [ 0_u8 ; 4 ] ;
9699 // get all start point for three data items: name, repo and contact
97100 buf. copy_from_slice ( get_slice ( data, 60 , 64 ) ?) ;
98101 let subnet_name_start: usize = u32:: from_be_bytes ( buf) as usize ;
102+ if subnet_name_start > dynamic_data_len {
103+ log:: error!(
104+ "the start position of subnet name as {} is too big " ,
105+ subnet_name_start
106+ ) ;
107+ return Err ( PrecompileFailure :: Error {
108+ exit_status : ExitError :: InvalidRange ,
109+ } ) ;
110+ }
99111
100112 buf. copy_from_slice ( get_slice ( data, 92 , 96 ) ?) ;
101113 let github_repo_start: usize = u32:: from_be_bytes ( buf) as usize ;
114+ if github_repo_start > dynamic_data_len {
115+ log:: error!(
116+ "the start position of github repo as {} is too big " ,
117+ github_repo_start
118+ ) ;
119+ return Err ( PrecompileFailure :: Error {
120+ exit_status : ExitError :: InvalidRange ,
121+ } ) ;
122+ }
102123
103124 buf. copy_from_slice ( get_slice ( data, 124 , 128 ) ?) ;
104125 let subnet_contact_start: usize = u32:: from_be_bytes ( buf) as usize ;
126+ if subnet_contact_start > dynamic_data_len {
127+ log:: error!(
128+ "the start position of subnet contact as {} is too big " ,
129+ subnet_contact_start
130+ ) ;
131+ return Err ( PrecompileFailure :: Error {
132+ exit_status : ExitError :: InvalidRange ,
133+ } ) ;
134+ }
105135
106136 // get name
107137 buf. copy_from_slice ( get_slice (
@@ -111,6 +141,13 @@ impl SubnetPrecompile {
111141 ) ?) ;
112142 let subnet_name_len: usize = u32:: from_be_bytes ( buf) as usize ;
113143
144+ if subnet_name_len > MAX_SINGLE_PARAMETER_SIZE {
145+ log:: error!( "the length of subnet nae as {} is too big" , subnet_name_len) ;
146+ return Err ( PrecompileFailure :: Error {
147+ exit_status : ExitError :: InvalidRange ,
148+ } ) ;
149+ }
150+
114151 let mut name_vec = vec ! [ 0 ; subnet_name_len] ;
115152 name_vec. copy_from_slice ( get_slice (
116153 data,
@@ -125,6 +162,15 @@ impl SubnetPrecompile {
125162 github_repo_start + 32 ,
126163 ) ?) ;
127164 let github_repo_len: usize = u32:: from_be_bytes ( buf) as usize ;
165+ if github_repo_len > MAX_SINGLE_PARAMETER_SIZE {
166+ log:: error!(
167+ "the length of github repo as {} is too big" ,
168+ github_repo_len
169+ ) ;
170+ return Err ( PrecompileFailure :: Error {
171+ exit_status : ExitError :: InvalidRange ,
172+ } ) ;
173+ }
128174
129175 let mut repo_vec = vec ! [ 0 ; github_repo_len] ;
130176 repo_vec. copy_from_slice ( get_slice (
@@ -140,6 +186,15 @@ impl SubnetPrecompile {
140186 subnet_contact_start + 32 ,
141187 ) ?) ;
142188 let subnet_contact_len: usize = u32:: from_be_bytes ( buf) as usize ;
189+ if subnet_contact_len > MAX_SINGLE_PARAMETER_SIZE {
190+ log:: error!(
191+ "the length of subnet contact as {} is too big" ,
192+ subnet_contact_len
193+ ) ;
194+ return Err ( PrecompileFailure :: Error {
195+ exit_status : ExitError :: InvalidRange ,
196+ } ) ;
197+ }
143198
144199 let mut contact_vec = vec ! [ 0 ; subnet_contact_len] ;
145200 contact_vec. copy_from_slice ( get_slice (
0 commit comments