🐛 Calldata validation (#17326)

Co-authored-by: Dan J Miller <danjm.com@gmail.com> Co-authored-by: Pedro Figueiredo <pedro.figueiredo@consensys.net> Co-authored-by: brad-decker <bhdecker84@gmail.com>
2024-10-22 19:26:13 +02:00 · 2023-02-01 22:34:55 +00:00 · 2023-02-01 22:34:55 +00:00 · a2a195f2c4
commit a2a195f2c4
parent d95322d84f
3 changed files with 44 additions and 4 deletions
--- a/app/scripts/controllers/transactions/lib/util.js
+++ b/app/scripts/controllers/transactions/lib/util.js
@ -1,4 +1,6 @@
 import { ethErrors } from 'eth-rpc-errors';
+import { Interface } from '@ethersproject/abi';
+import abi from 'human-standard-token-abi';
 import { addHexPrefix } from '../../../lib/util';
 import {
  TransactionEnvelopeType,
@ -218,12 +220,38 @@ export function validateTxParams(txParams, eip1559Compatibility = true) {
          );
        }
        break;
+      case 'data':
+        validateInputData(value);
+        ensureFieldIsString(txParams, 'data');
+        break;
      default:
        ensureFieldIsString(txParams, key);
    }
  });
 }

+/**
+ *
+ * @param {*} value
+ */
+export function validateInputData(value) {
+  if (value !== null) {
+    // Validate the input data
+    const hstInterface = new Interface(abi);
+    try {
+      hstInterface.parseTransaction({ data: value });
+    } catch (e) {
+      // Throw an invalidParams error if BUFFER_OVERRUN
+      /* eslint require-unicode-regexp: off */
+      if (e.message.match(/BUFFER_OVERRUN/)) {
+        throw ethErrors.rpc.invalidParams(
+          `Invalid transaction params: data out-of-bounds, BUFFER_OVERRUN.`,
+        );
+      }
+    }
+  }
+}
+
 /**
 * Validates the {@code from} field in the given tx params
 *
--- a/app/scripts/controllers/transactions/lib/util.test.js
+++ b/app/scripts/controllers/transactions/lib/util.test.js
@ -30,6 +30,18 @@ describe('txUtils', function () {
      });
    });

+    it('throws for data out of bounds buffer overrun', function () {
+      const sample = {
+        from: '0x1678a085c290ebd122dc42cba69373b5953b831d',
+        to: '0xfbb5595c18ca76bab52d66188e4ca50c7d95f77a',
+        data: '0xa9059cbb00000000000000000000000011b6A5fE2906F3354145613DB0d99CEB51f604C90000000000000000000000000000000000000000000000004563918244F400',
+      };
+      assert.throws(() => txUtils.validateTxParams(sample), {
+        message:
+          'Invalid transaction params: data out-of-bounds, BUFFER_OVERRUN.',
+      });
+    });
+
    it('throws for missing "to" and "data"', function () {
      const sample = {
        from: '0x1678a085c290ebd122dc42cba69373b5953b831d',
--- a/coverage-targets.js
+++ b/coverage-targets.js
@ -6,10 +6,10 @@
 // subset of files to check against these targets.
 module.exports = {
  global: {
-    branches: 20,
-    functions: 30,
-    lines: 57,
-    statements: 40,
+    branches: 22,
+    functions: 33.5,
+    lines: 62.25,
+    statements: 41.75,
  },
  transforms: {
    branches: 100,