search

darwinia-network / darwinia-common

Darwinia Runtime Pallet Library and Pangolin/Pangoro Testnet
https://rust-docs.darwinia.network/darwinia-common
GNU General Public License v3.0
30 stars 9 forks source link

Security test between smart contracts and dispatch call #640

Closed boundless-forest closed 3 years ago

boundless-forest commented 3 years ago

Comes from https://github.com/darwinia-network/darwinia-common/issues/639#issue-899470271 point 3

boundless-forest commented 3 years ago 
let valid_call = info.pays_fee == Pays::Yes && info.class == DispatchClass::Normal;
if !valid_call {
    return Err(ExitError::Other("invalid call".into()));
}

if let Some(gas) = target_gas {
    let valid_weight = info.weight <= T::GasWeightMapping::gas_to_weight(gas);
    if !valid_weight {
        return Err(ExitError::OutOfGas);
    }
}

The check above prevents infinite loop calls between solidity contracts and dispatch precompile.