pezkuwichain/pezkuwi-subxt
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-06-11 03:41:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix transfer overflow exploit. (#824)

Browse Source
This commit is contained in:
Sergey Pepyakin
2018-09-27 19:13:14 +01:00
committed by Gav Wood
parent acc83202bc
commit 0d284c0195
2 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
substrate/srml/balances/src/lib.rs
+4 -1
View File
@@ -287,7 +287,10 @@ impl<T: Trait> Module<T> {
let to_balance = Self::free_balance(&dest);
let would_create = to_balance.is_zero();
let fee = if would_create { Self::creation_fee() } else { Self::transfer_fee() };
let liability = value + fee;
let liability = match value.checked_add(&fee) {
Some(l) => l,
None => return Err("got overflow after adding a fee to value"),
};
let new_from_balance = match from_balance.checked_sub(&liability) {
Some(b) => b,
substrate/srml/balances/src/tests.rs
+16
View File
@@ -471,3 +471,19 @@ fn account_removal_on_free_too_low() {
},
);
}
#[test]
fn transfer_overflow_isnt_exploitable() {
with_externalities(
&mut ExtBuilder::default().creation_fee(50).build(),
|| {
// Craft a value that will overflow if summed with `creation_fee`.
let evil_value = u64::max_value() - 49;
assert_err!(
Balances::transfer(Some(1).into(), 5.into(), evil_value),
"got overflow after adding a fee to value"
);
}
);
}