From 62cce64e562bda1ede2bb1064c3b44b35c3c4658 Mon Sep 17 00:00:00 2001 From: Matt Witherspoon <32485495+spoonincode@users.noreply.github.com> Date: Mon, 18 Sep 2023 14:33:06 -0400 Subject: [PATCH 1/2] avoid possible memcpy with nullptr when action data size is 0 --- libraries/chain/webassembly/action.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/libraries/chain/webassembly/action.cpp b/libraries/chain/webassembly/action.cpp index 307ddafe6b..fa8bc58981 100644 --- a/libraries/chain/webassembly/action.cpp +++ b/libraries/chain/webassembly/action.cpp @@ -5,6 +5,7 @@ namespace eosio { namespace chain { namespace webassembly { int32_t interface::read_action_data(legacy_span memory) const { auto s = context.get_action().data.size(); + if( s == 0 ) return s; if( memory.size() == 0 ) return s; auto copy_size = std::min( static_cast(memory.size()), s ); From 0e1d5fac9b4533d0f17cc1697d2f38c9c93e1765 Mon Sep 17 00:00:00 2001 From: Matt Witherspoon <32485495+spoonincode@users.noreply.github.com> Date: Mon, 18 Sep 2023 17:04:38 -0400 Subject: [PATCH 2/2] Update libraries/chain/webassembly/action.cpp Co-authored-by: Gregory Popovitch --- libraries/chain/webassembly/action.cpp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/libraries/chain/webassembly/action.cpp b/libraries/chain/webassembly/action.cpp index fa8bc58981..4ac120d499 100644 --- a/libraries/chain/webassembly/action.cpp +++ b/libraries/chain/webassembly/action.cpp @@ -5,10 +5,8 @@ namespace eosio { namespace chain { namespace webassembly { int32_t interface::read_action_data(legacy_span memory) const { auto s = context.get_action().data.size(); - if( s == 0 ) return s; - if( memory.size() == 0 ) return s; - auto copy_size = std::min( static_cast(memory.size()), s ); + if( copy_size == 0 ) return s; std::memcpy( memory.data(), context.get_action().data.data(), copy_size ); return copy_size;