From c927fb6ce6d5c3632e09bc5de2d1485736c56fe0 Mon Sep 17 00:00:00 2001
From: Flouse <flouse@gmail.com>
Date: Fri, 6 May 2022 16:10:15 +0800
Subject: [PATCH] Merge pull request from GHSA-qmc9-4hg8-q3p8

---
 c/polyjuice.h                                 | 22 +++++++++++-----
 c/polyjuice_globals.h                         |  2 +-
 devtools/ci/integration-test.sh               |  2 +-
 .../src/test_cases/delegatecall.rs            | 26 ++++++++++++-------
 4 files changed, 35 insertions(+), 17 deletions(-)

diff --git a/c/polyjuice.h b/c/polyjuice.h
index 506bb1c8..34a0ac79 100644
--- a/c/polyjuice.h
+++ b/c/polyjuice.h
@@ -1096,12 +1096,22 @@ int handle_message(gw_context_t* ctx,
     }
   }
 
-  /* Handle transfer logic.
-     NOTE: MUST do this before vm.execute and after to_id finalized */
-  bool to_address_is_eoa = !to_address_exists || (to_address_exists && code_size == 0);
-  ret = handle_transfer(ctx, &msg, (uint8_t *)g_tx_origin.bytes, to_address_is_eoa);
-  if (ret != 0) {
-    return ret;
+  /**
+   * Handle transfer logic
+   * 
+   * NOTE:
+   * 1. MUST do this before vm.execute and after to_id finalized
+   * 2. CALLCODE/DELEGATECALL should skip `handle_transfer`, otherwise
+   *    `value transfer` of CALLCODE/DELEGATECALL will be executed twice
+   */
+  if (!is_special_call(msg.kind)) {
+    bool to_address_is_eoa = !to_address_exists
+                          || (to_address_exists && code_size == 0);
+    ret = handle_transfer(ctx, &msg, (uint8_t *)g_tx_origin.bytes,
+                          to_address_is_eoa);
+    if (ret != 0) {
+      return ret;
+    }
   }
 
   debug_print_int("[handle_message] msg.kind", msg.kind);
diff --git a/c/polyjuice_globals.h b/c/polyjuice_globals.h
index fd345a09..6d9302cf 100644
--- a/c/polyjuice_globals.h
+++ b/c/polyjuice_globals.h
@@ -1,7 +1,7 @@
 #ifndef POLYJUICE_GLOBALS_H
 #define POLYJUICE_GLOBALS_H
 
-#define POLYJUICE_VERSION "v0.8.11"
+#define POLYJUICE_VERSION "v0.8.12"
 #define POLYJUICE_SHORT_ADDR_LEN 20
 /* 32 + 4 + 20 */
 #define SCRIPT_ARGS_LEN 56
diff --git a/devtools/ci/integration-test.sh b/devtools/ci/integration-test.sh
index 34b18bde..5fd9c34f 100644
--- a/devtools/ci/integration-test.sh
+++ b/devtools/ci/integration-test.sh
@@ -28,7 +28,7 @@ make all-via-docker
 # including meta-contract and sudt-contract
 GW_SCRIPTS_DIR=$PROJECT_ROOT/build
 mkdir -p $GW_SCRIPTS_DIR && echo "Create dir"
-IMAGE=nervos/godwoken-prebuilds:v0.10.3
+IMAGE=nervos/godwoken-prebuilds:v0.10.4
 docker pull $IMAGE
 docker run --rm -v $GW_SCRIPTS_DIR:/build-dir $IMAGE \
   cp -r /scripts/godwoken-scripts /build-dir \
diff --git a/polyjuice-tests/src/test_cases/delegatecall.rs b/polyjuice-tests/src/test_cases/delegatecall.rs
index 022083af..c5ce91ca 100644
--- a/polyjuice-tests/src/test_cases/delegatecall.rs
+++ b/polyjuice-tests/src/test_cases/delegatecall.rs
@@ -72,17 +72,18 @@ fn test_delegatecall() {
     //     "result {}",
     //     serde_json::to_string_pretty(&RunResult::from(run_result)).unwrap()
     // );
-    let contract_account_script =
+    let delegate_contract_script =
         new_account_script(&mut state, creator_account_id, from_id, false);
-    let new_account_id = state
-        .get_account_id_by_script_hash(&contract_account_script.hash().into())
+    let delegate_contract_id = state
+        .get_account_id_by_script_hash(&delegate_contract_script.hash().into())
         .unwrap()
         .unwrap();
 
     assert_eq!(state.get_nonce(from_id).unwrap(), 2);
     assert_eq!(state.get_nonce(ss_account_id).unwrap(), 0);
-    assert_eq!(state.get_nonce(new_account_id).unwrap(), 0);
+    assert_eq!(state.get_nonce(delegate_contract_id).unwrap(), 0);
 
+    const MSG_VALUE: u128 = 17;
     for (fn_sighash, expected_return_value) in [
         // DelegateCall.set(address, uint) => used cycles: 1002251
         (
@@ -113,12 +114,12 @@ fn test_delegatecall() {
         let args = PolyjuiceArgsBuilder::default()
             .gas_limit(200000)
             .gas_price(1)
-            .value(0)
+            .value(MSG_VALUE)
             .input(&input)
             .build();
         let raw_tx = RawL2Transaction::new_builder()
             .from_id(from_id.pack())
-            .to_id(new_account_id.pack())
+            .to_id(delegate_contract_id.pack())
             .args(Bytes::from(args).pack())
             .build();
         let db = store.begin_transaction();
@@ -146,7 +147,7 @@ fn test_delegatecall() {
             &generator,
             block_number,
             from_id,
-            new_account_id,
+            delegate_contract_id,
         );
         assert_eq!(
             run_result.return_data,
@@ -154,9 +155,15 @@ fn test_delegatecall() {
         );
     }
 
+    // check the balance of DelegateCall contract
+    let delegate_contract_balance = state
+        .get_sudt_balance(CKB_SUDT_ACCOUNT_ID, &delegate_contract_script.hash()[..20])
+        .unwrap();
+    assert_eq!(delegate_contract_balance, MSG_VALUE * 3);
+
     assert_eq!(state.get_nonce(from_id).unwrap(), 5);
     assert_eq!(state.get_nonce(ss_account_id).unwrap(), 0);
-    assert_eq!(state.get_nonce(new_account_id).unwrap(), 0);
+    assert_eq!(state.get_nonce(delegate_contract_id).unwrap(), 0);
 
     let run_result = simple_storage_get(
         &store,
@@ -168,6 +175,7 @@ fn test_delegatecall() {
     );
     assert_eq!(
         run_result.return_data,
-        hex::decode("000000000000000000000000000000000000000000000000000000000000007b").unwrap()
+        hex::decode("000000000000000000000000000000000000000000000000000000000000007b").unwrap(),
+        "The storedData in SimepleStorage contract won't be changed."
     );
 }