From cd3cea0e29295bb3f05ca7c27bf419e84b3ae411 Mon Sep 17 00:00:00 2001
From: andri lim
Date: Wed, 18 Dec 2024 23:04:14 +0700
Subject: [PATCH] Fix bn256ecPairing precompile bug (#2953)

Thanks to @holiman of goevmlab for his fuzzer. Similar with Blake2b precompile regression #2919. When error, the precompile should not return any output.
---
 nimbus/evm/precompiles.nim | 11 ++--
 tools/evmstate/testdata/00155493-mixed-6.json | 58 +++++++++++++++++++
 2 files changed, 64 insertions(+), 5 deletions(-)
 create mode 100644 tools/evmstate/testdata/00155493-mixed-6.json

diff --git a/nimbus/evm/precompiles.nim b/nimbus/evm/precompiles.nim
index 07201861c..68e49da97 100644
--- a/nimbus/evm/precompiles.nim
+++ b/nimbus/evm/precompiles.nim
@@ -343,10 +343,10 @@ func bn256ecPairing(c: Computation, fork: EVMFork = FkByzantium): EvmResultVoid
 else:
 GasECPairingBaseIstanbul + numPoints * GasECPairingPerPointIstanbul
 ? c.gasMeter.consumeGas(gasFee, reason="ecPairing Precompile")
-
- c.output.setLen(32)
+
 if msglen == 0:
 # we can discard here because we supply buffer of proper size
+ c.output.setLen(32)
 discard BNU256.one().toBytesBE(c.output)
 else:
 # Calculate number of pairing pairs
@@ -357,12 +357,13 @@ func bn256ecPairing(c: Computation, fork: EVMFork = FkByzantium): EvmResultVoid
 for i in 0..
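Review bot: Nothing at the moved `c.output.setLen(32)` in the first hunk records why the buffer is now sized inside the `msglen == 0` branch rather than before the `if`, so a later tidy-up could hoist it back and bring back the 32-byte output on error that the commit message describes. A comment at that line would pin the invariant, for example `# size c.output only on a success path; on error the precompile must return empty output`. The existing `# we can discard here ...` comment now relies on the `setLen(32)` directly above it, which is worth stating in the same comment. The `else` branch of bn256ecPairing continues outside this hunk, so whether every error return there leaves `c.output` empty cannot be confirmed from these lines.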