From 2557189db011d2e497b0675396e364eaef29587e Mon Sep 17 00:00:00 2001 From: dylan Date: Mon, 5 Feb 2024 13:47:25 +0800 Subject: [PATCH 1/2] prevent total value from overflowing --- README.md | 4 ++-- contracts/dex-lock/src/entry.rs | 8 +++++++- contracts/dex-lock/src/error.rs | 1 + tests/src/taker_tests.rs | 23 +++++++++++++++++++---- 4 files changed, 29 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 45836b7..1732b19 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,11 @@ Build contracts: ``` sh -make build-release +make build ``` Run tests: ``` sh -make test-release +make test ``` diff --git a/contracts/dex-lock/src/entry.rs b/contracts/dex-lock/src/entry.rs index 0f60eca..074bdcc 100644 --- a/contracts/dex-lock/src/entry.rs +++ b/contracts/dex-lock/src/entry.rs @@ -26,7 +26,13 @@ pub fn main() -> Result<(), Error> { let dex_input_capacity = load_cell_capacity(dex_index, Source::Input)? as u128; let output_capacity = load_cell_capacity(dex_index, Source::Output)? as u128; - if (args.total_value + dex_input_capacity) > output_capacity { + + // Prevent total_value(u128) from overflowing + let total_capacity = args + .total_value + .checked_add(dex_input_capacity) + .ok_or(Error::TotalValueOverflow)?; + if total_capacity > output_capacity { return Err(Error::DexTotalValueNotMatch); } diff --git a/contracts/dex-lock/src/error.rs b/contracts/dex-lock/src/error.rs index df0ed62..0373494 100644 --- a/contracts/dex-lock/src/error.rs +++ b/contracts/dex-lock/src/error.rs @@ -11,6 +11,7 @@ pub enum Error { DexOwnerLockNotMatch, DexTotalValueNotMatch, DexSetupInvalid, + TotalValueOverflow, } impl From for Error { diff --git a/tests/src/taker_tests.rs b/tests/src/taker_tests.rs index 3c203eb..23823e6 100644 --- a/tests/src/taker_tests.rs +++ b/tests/src/taker_tests.rs @@ -19,6 +19,7 @@ const LOCK_ARGS_INVALID: i8 = 5; const DEX_OWNER_LOCK_NOT_MATCH: i8 = 6; const DEX_TOTAL_VALUE_NOT_MATCH: i8 = 7; const DEX_SETUP_INVALID: i8 = 8; +const TOTAL_VALUE_OVERFLOW: i8 = 9; #[derive(PartialEq, Eq, Clone, Copy)] enum DexError { @@ -27,6 +28,7 @@ enum DexError { DexOwnerLockNotMatch, DexTotalValueNotMatch, DexSetupInvalid, + TotalValueOverflow, } fn create_test_context(error: DexError) -> (Context, TransactionView) { @@ -80,11 +82,16 @@ fn create_test_context(error: DexError) -> (Context, TransactionView) { .build_script(&dex_out_point, dex_args1.to_vec().into()) .expect("script"); + let total_value = if error == DexError::TotalValueOverflow { + u128::MAX - 1 + } else { + 9_8765_0000_1234u128 + }; let dex_args2 = DexArgs { - owner_lock: owner_lock2.clone(), - setup: 0u8, - total_value: 9_8765_0000_1234u128, - receiver_lock: None, + owner_lock: owner_lock2.clone(), + setup: 0u8, + total_value, + receiver_lock: None, unit_type_hash: None, }; let mut dex_args2_vec = dex_args2.to_vec(); @@ -215,3 +222,11 @@ fn test_dex_taker_order_total_setup_invalid_error() { let err = context.verify_tx(&tx, MAX_CYCLES).unwrap_err(); assert_script_error(err, DEX_SETUP_INVALID); } + +#[test] +fn test_dex_taker_order_total_value_overflow_error() { + let (context, tx) = create_test_context(DexError::TotalValueOverflow); + // run + let err = context.verify_tx(&tx, MAX_CYCLES).unwrap_err(); + assert_script_error(err, TOTAL_VALUE_OVERFLOW); +} From e94baa016d83148fa70059feaa9b9e33a88827f7 Mon Sep 17 00:00:00 2001 From: dylan Date: Mon, 5 Feb 2024 13:48:06 +0800 Subject: [PATCH 2/2] bump version to v0.2.0 --- Cargo.lock | 2 +- contracts/dex-lock/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index ba9b909..eef688a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -603,7 +603,7 @@ dependencies = [ [[package]] name = "dex-lock" -version = "0.1.0" +version = "0.2.0" dependencies = [ "ckb-std", ] diff --git a/contracts/dex-lock/Cargo.toml b/contracts/dex-lock/Cargo.toml index 753753a..089fb73 100644 --- a/contracts/dex-lock/Cargo.toml +++ b/contracts/dex-lock/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "dex-lock" -version = "0.1.0" +version = "0.2.0" edition = "2021" [dependencies]