From 82d3058539f54ebad745e2b02b61df01aa832a54 Mon Sep 17 00:00:00 2001
From: Carl Dong
Date: Fri, 1 Jul 2022 19:53:04 -0400
Subject: cuckoocache: Check for uint32 overflow in setup_bytes
This fixes an potential overflow which existed prior to this patchset. If CuckooCache::cache::setup_bytes is called with a `size_t bytes` which, when divided by sizeof(Element), does not fit into an uint32_t, the implicit conversion to uint32_t in the call to setup will result in an overflow.
At least on x86_64, this overflow is possible:
static_assert(std::numeric_limits::max() / 32 <= std::numeric_limits::max());
static_assert(std::numeric_limits::max() / 4 <= std::numeric_limits::max());
This commit detects such cases and signals to callers that the `size_t bytes` input is too large.
---
 src/cuckoocache.h | 11 +++++++++--
 src/script/sigcache.cpp | 6 ++++--
 src/validation.cpp | 3 ++-
 3 files changed, 15 insertions(+), 5 deletions(-)
diff --git a/src/cuckoocache.h b/src/cuckoocache.h
index 5fc852439f..b5da87136d 100644
--- a/src/cuckoocache.h
+++ b/src/cuckoocache.h
@@ -12,7 +12,9 @@
 #include
 #include
 #include
+#include
 #include
+#include
 #include
 #include
@@ -359,10 +361,15 @@ public:
 * structure
 * @returns A pair of the maximum number of elements storable (see setup()
 * documentation for more detail) and the approxmiate total size of these
- * elements in bytes.
+ * elements in bytes or std::nullopt if the size requested is too large.
 */
- std::pair setup_bytes(size_t bytes)
+ std::optional> setup_bytes(size_t bytes)
 {
+ size_t requested_num_elems = bytes / sizeof(Element);
+ if (std::numeric_limits::max() < requested_num_elems) {
+ return std::nullopt;
+ }
+
 auto num_elems = setup(bytes/sizeof(Element));
 size_t approx_size_bytes = num_elems * sizeof(Element);
diff --git a/src/script/sigcache.cpp b/src/script/sigcache.cpp
index 43b594f3cb..507754ad7d 100644
--- a/src/script/sigcache.cpp
+++ b/src/script/sigcache.cpp
@@ -14,6 +14,7 @@
 #include
 #include
+#include
 #include
 #include
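Review bot: The guard and the call it protects divide `bytes` independently: the hunk adds `size_t requested_num_elems = bytes / sizeof(Element);` but leaves `auto num_elems = setup(bytes/sizeof(Element));` unchanged, so the narrowing to setup()'s parameter type that the new check exists for is still implicit at the call site and the two expressions can drift apart under a later edit. Passing the checked value with the conversion spelled out, `auto num_elems = setup(static_cast<uint32_t>(requested_num_elems));`, ties the call to the guard; the template arguments of `numeric_limits` and `optional` are lost in this rendering, so `uint32_t` here assumes the limit type named in the commit message. The added doc line could state the condition instead of "too large", e.g. ` * elements in bytes, or std::nullopt if bytes / sizeof(Element) exceeds the element count setup() can address.` setup_bytes's body continues past the end of the hunk.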
@@ -75,7 +76,7 @@ public:
 std::unique_lock lock(cs_sigcache);
 setValid.insert(entry);
 }
- std::pair setup_bytes(size_t n)
+ std::optional> setup_bytes(size_t n)
 {
 return setValid.setup_bytes(n);
 }
@@ -99,8 +100,9 @@ bool InitSignatureCache()
 size_t nMaxCacheSize = std::max((int64_t)0, gArgs.GetIntArg("-maxsigcachesize", DEFAULT_MAX_SIG_CACHE_SIZE) / 2) * ((size_t) 1 << 20);
 auto setup_results = signatureCache.setup_bytes(nMaxCacheSize);
+ if (!setup_results) return false;
- const auto [num_elems, approx_size_bytes] = setup_results;
+ const auto [num_elems, approx_size_bytes] = *setup_results;
 LogPrintf("Using %zu MiB out of %zu/2 requested for signature cache, able to store %zu elements\n", approx_size_bytes >> 20, (nMaxCacheSize * 2) >> 20, num_elems);
 return true;
diff --git a/src/validation.cpp b/src/validation.cpp
index 4d174a4b16..73a6e46cc4 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -1669,8 +1669,9 @@ bool InitScriptExecutionCache()
 size_t nMaxCacheSize = std::max((int64_t)0, gArgs.GetIntArg("-maxsigcachesize", DEFAULT_MAX_SIG_CACHE_SIZE) / 2) * ((size_t) 1 << 20);
 auto setup_results = g_scriptExecutionCache.setup_bytes(nMaxCacheSize);
+ if (!setup_results) return false;
- const auto [num_elems, approx_size_bytes] = setup_results;
+ const auto [num_elems, approx_size_bytes] = *setup_results;
 LogPrintf("Using %zu MiB out of %zu/2 requested for script execution cache, able to store %zu elements\n", approx_size_bytes >> 20, (nMaxCacheSize * 2) >> 20, num_elems);
 return true;
--
cgit v1.2.3
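Review bot: The added `if (!setup_results) return false;` in InitSignatureCache fails initialization without saying why, while the success path directly below it logs the size obtained, so an operator who set `-maxsigcachesize` too high gets a bare failure with nothing in the log that names the option. Logging before the return, e.g. `if (!setup_results) { LogPrintf("Error: -maxsigcachesize of %zu MiB is too large for the signature cache\n", (nMaxCacheSize * 2) >> 20); return false; }`, keeps the failure diagnosable; whether the caller turns a false return into a startup error is outside this hunk. Separately, the new guard only catches the division inside setup_bytes: on the unchanged line above, the `int64_t` from `std::max((int64_t)0, GetIntArg(...) / 2)` is multiplied by `(size_t) 1 << 20` in `size_t` arithmetic, which wraps for a large enough argument, so an absurd option value can arrive at setup_bytes as a small, accepted byte budget instead of producing nullopt. A range check on the option value before the multiplication (or doing the multiply with overflow detection) would close that path.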
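Review bot: The added `if (!setup_results) return false;` and `*setup_results` in InitScriptExecutionCache are a verbatim copy of the change made to InitSignatureCache in the previous file, layered on an already identical `nMaxCacheSize` computation from the same `-maxsigcachesize` option, so any error reporting or input validation added at one site now has to be remembered at the other. A small shared helper that turns the option value into the `size_t` byte budget (or directly into the optional setup result) would keep the two call sites in step; the enclosing function's opening and closing lines are outside this hunk. As in the sibling hunk, the bare `return false` reports nothing about which option caused startup to fail, and a `LogPrintf` naming `-maxsigcachesize` before the return would make that diagnosable.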