Skip to content

Commit

Permalink
dev: chg: fix size allocation checks
Browse files Browse the repository at this point in the history
  • Loading branch information
@marcello33
marcello33 committed Oct 10, 2023
1 parent e5d77fe commit a50c10d
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 7 deletions.
5 changes: 2 additions & 3 deletions accounts/usbwallet/trezor.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ import (
"errors"
"fmt"
"io"
"math"
"math/big"

"github.com/ethereum/go-ethereum/accounts"
Expand Down Expand Up @@ -308,9 +309,7 @@ func (w *trezorDriver) trezorExchange(req proto.Message, results ...proto.Messag

var payload []byte

if 8+len(data) > 64*1024*1024 {
payload = make([]byte, 0)
} else {
if 8+len(data) < math.MaxInt {
payload = make([]byte, 8+len(data))

Check failure

Code scanning / CodeQL

Size computation for allocation may overflow High

This operation, which is used in an
allocation
Loading
, involves a
potentially large value
Loading
and might overflow.
}

Expand Down
5 changes: 1 addition & 4 deletions core/vm/contract.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,11 +147,8 @@ func (c *Contract) AsDelegate() *Contract {

// GetOp returns the n'th element in the contract's byte array
func (c *Contract) GetOp(n uint64) OpCode {
if n > 0 && n <= math.MaxUint16 {
if n < uint64(len(c.Code)) {
if len(c.Code) > 0 && len(c.Code) <= math.MaxUint16 && n < uint64(len(c.Code)) {
return OpCode(c.Code[n])

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types High

Incorrect conversion of a 64-bit integer from
strconv.ParseUint
Loading
to a lower bit size type uint8 without an upper bound check.
}

}

return STOP
Expand Down

0 comments on commit a50c10d

Please sign in to comment.