diff --git a/CHANGELOG.md b/CHANGELOG.md index 7b0428744f..9f6f4f37cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -41,6 +41,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Bug Fixes * (rpc) [tharsis#990](https://github.com/tharsis/ethermint/pull/990) Calculate reward values from all `MsgEthereumTx` from a block in `eth_feeHistory`. +* (ante) [tharsis#991](https://github.com/tharsis/ethermint/pull/991) Set an upper bound to gasWanted to prevent DoS attack. ## [v0.11.0] - 2022-03-06 diff --git a/app/ante/eth.go b/app/ante/eth.go index 0908377ceb..8ac9a6d640 100644 --- a/app/ante/eth.go +++ b/app/ante/eth.go @@ -17,6 +17,8 @@ import ( ethtypes "github.com/ethereum/go-ethereum/core/types" ) +const MaxTxGasWanted uint64 = 500000 + // EthSigVerificationDecorator validates an ethereum signatures type EthSigVerificationDecorator struct { evmKeeper EVMKeeper @@ -171,7 +173,6 @@ func (egcd EthGasConsumeDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simula london := ethCfg.IsLondon(blockHeight) evmDenom := params.EvmDenom gasWanted := uint64(0) - var events sdk.Events for _, msg := range tx.GetMsgs() { @@ -184,7 +185,17 @@ func (egcd EthGasConsumeDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simula if err != nil { return ctx, sdkerrors.Wrap(err, "failed to unpack tx data") } - gasWanted += txData.GetGas() + + if ctx.IsCheckTx() { + // We can't trust the tx gas limit, because we'll refund the unused gas. + if txData.GetGas() > MaxTxGasWanted { + gasWanted += MaxTxGasWanted + } else { + gasWanted += txData.GetGas() + } + } else { + gasWanted += txData.GetGas() + } fees, err := egcd.evmKeeper.DeductTxCostsFromUserBalance( ctx, diff --git a/app/ante/eth_test.go b/app/ante/eth_test.go index 3490ba698c..01a55734c5 100644 --- a/app/ante/eth_test.go +++ b/app/ante/eth_test.go 
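Review bot: The exported constant `MaxTxGasWanted` added in the `-17,6 +17,8` hunk of app/ante/eth.go has no doc comment, so a reader cannot tell its unit, its scope, or why 500000 was chosen. Since it is a DoS-mitigation limit, I would document it where it is declared, for example `// MaxTxGasWanted caps the gas limit a single MsgEthereumTx contributes to gasWanted during CheckTx.` The value is also hard-coded, so operators cannot tune it. If this chain is expected to carry transactions with gas limits above 500000 (not visible from this diff), consider making the bound configurable and state in the comment what happens to such transactions in CheckTx.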
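Review bot: The clamp added in the `-184,7 +185,17` hunk sits inside the `for _, msg := range tx.GetMsgs()` loop, so it bounds each message's contribution rather than the transaction total, and a transaction with N messages can still accumulate up to N × `MaxTxGasWanted` during CheckTx. Whether that is acceptable depends on how `gasWanted` is used after the loop, which is outside the hunk; AnteHandle begins and ends outside it. If a per-transaction bound is intended, clamp the sum once after the loop. Otherwise make the scope explicit in the comment, e.g. `// Cap each message's declared gas in CheckTx only: the limit is sender-chosen and unused gas is refunded, so it is not a reliable cost signal.` The one changed expectation visible in eth_test.go covers a single capped transaction, so a multi-message case and a DeliverTx case would pin down both behaviours.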
@@ -268,7 +268,7 @@ func (suite AnteTestSuite) TestEthGasConsumeDecorator() { { "success", tx2, - tx2GasLimit, + ante.MaxTxGasWanted, // it's capped func() { vmdb.AddBalance(addr, big.NewInt(1000000))