Jon-Becker / heimdall-rs

Heimdall is an advanced EVM smart contract toolkit specializing in bytecode analysis and extracting information from unverified contracts.
http://heimdall.rs
MIT License
1.2k stars, 125 forks

usize overflow on decompilation #501

Closed. beeb closed this 2 months ago

beeb commented 2 months ago

Component

Heimdall (Core)

Have you ensured that you are up to date?

What version of Heimdall are you on?

main branch (5517ba7)

Operating System

Linux

Describe the bug

When trying to decompile the bytecode below, I get an error:

2024-09-19T10:17:53.400353Z  WARN error executing branch: Uint<256> value is too large for usize

Location:
    crates/vm/src/core/vm.rs:741:35
2024-09-19T10:17:53.403868Z  WARN error executing branch: Uint<256> value is too large for usize

The command is the following:

heimdall decompile "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"

Points to the following line:

https://github.com/Jon-Becker/heimdall-rs/blob/5517ba7032fc155b945465b1419af91fddc58489/crates/vm/src/core/vm.rs#L741

Seems the regression was introduced by https://github.com/Jon-Becker/heimdall-rs/commit/90e6622f0724af40ba82c26c3d2a40d585373beb, before that it was clamping the value to something large instead of erroring.

Jon-Becker commented 2 months ago

IIRC this error is expected; it happens when symbolic execution finds a path that leads to insane values.

if conversion errors here, the branch is pruned and not included in the output.
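The prune-on-conversion-error behaviour described in the reply above, as an added example that is not heimdall's own code. It uses a hand-rolled four-limb `U256` in place of alloy's `Uint<256>` (an assumption made so the block has no dependencies), shows the strict conversion that produces the "too large for usize" warning beside the older saturating behaviour the issue mentions, and runs a few constructed branches through a loop that drops the ones whose memory offset cannot be materialised instead of failing the whole run. The branch names and offsets are constructed sample data.

```rust
/// Minimal stand-in for a 256-bit EVM word: four little-endian u64 limbs.
/// (Assumption for this example; heimdall itself uses alloy's Uint<256>.)
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct U256(pub [u64; 4]);

impl U256 {
    pub fn from_u64(v: u64) -> Self {
        U256([v, 0, 0, 0])
    }
    /// 2^256 - 1: the kind of value a symbolic path produces from an
    /// underflowing SUB or a NOT, which no real memory offset can reach.
    pub const MAX: U256 = U256([u64::MAX; 4]);
}

#[derive(Debug, PartialEq, Eq)]
pub struct TooLarge;

/// Strict conversion: Err when the value does not fit in usize.
/// This is the failure the WARN lines in the issue report.
pub fn to_usize_strict(v: U256) -> Result<usize, TooLarge> {
    if v.0[1..].iter().any(|&limb| limb != 0) {
        return Err(TooLarge);
    }
    usize::try_from(v.0[0]).map_err(|_| TooLarge)
}

/// Saturating conversion: clamps to usize::MAX instead of erroring.
/// This is the "clamp to something large" behaviour the issue says
/// preceded the strict conversion.
pub fn to_usize_clamped(v: U256) -> usize {
    to_usize_strict(v).unwrap_or(usize::MAX)
}

/// One branch of a symbolic trace: the memory offset the path wants to
/// touch and how many bytes it would touch (constructed sample data).
pub struct Branch {
    pub name: &'static str,
    pub offset: U256,
    pub len: usize,
}

/// Execute every branch, pruning the ones whose offset cannot be
/// materialised. Returns the surviving branch names and the warnings
/// that a logger would emit for the pruned ones; the run as a whole
/// still succeeds, which is the point the issue converges on.
pub fn execute_branches(branches: &[Branch]) -> (Vec<&'static str>, Vec<String>) {
    let mut kept = Vec::new();
    let mut warnings = Vec::new();
    for b in branches {
        match to_usize_strict(b.offset) {
            // offset fits, but offset + len must not overflow either
            Ok(off) => match off.checked_add(b.len) {
                Some(_) => kept.push(b.name),
                None => warnings.push(format!(
                    "error executing branch {}: offset + len overflows usize",
                    b.name
                )),
            },
            Err(TooLarge) => warnings.push(format!(
                "error executing branch {}: Uint<256> value is too large for usize",
                b.name
            )),
        }
    }
    (kept, warnings)
}

/// Constructed sample: one sane branch and two that a strict conversion
/// should prune (one wildly out of range, one that overflows on the add).
pub fn sample_branches() -> Vec<Branch> {
    vec![
        Branch { name: "calldata-copy", offset: U256::from_u64(0x40), len: 32 },
        Branch { name: "underflowed-sub", offset: U256::MAX, len: 32 },
        Branch { name: "near-limit", offset: U256::from_u64(u64::MAX - 8), len: 32 },
    ]
}

fn main() {
    let (kept, warnings) = execute_branches(&sample_branches());
    for w in &warnings {
        eprintln!("WARN {w}");
    }
    println!("kept branches: {kept:?}");
}
```

The surviving branch list is what ends up in the decompiler output; the two warnings are exactly the kind of noise a user sees on stderr when the run has otherwise succeeded, which is why the command without `--output` looked like a failure.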

beeb commented 2 months ago

Right, I think I understand now. This is a warning that doesn't prevent proper execution of the command? Since I didn't include any other parameters in the command, I only had this message displayed and thought the process failed. My bad!

EDIT: confirmed working with --include-sol --output print