diff --git a/system-contracts/contracts/EvmEmulator.yul b/system-contracts/contracts/EvmEmulator.yul index ea8b65d34..feefd03f9 100644 --- a/system-contracts/contracts/EvmEmulator.yul +++ b/system-contracts/contracts/EvmEmulator.yul @@ -1749,7 +1749,6 @@ object "EvmEmulator" { ip := add(ip, 1) } case 0x39 { // OP_CODECOPY - evmGasLeft := chargeGas(evmGasLeft, 3) let dstOffset, sourceOffset, len @@ -1774,14 +1773,14 @@ object "EvmEmulator" { sourceOffset := add(sourceOffset, BYTECODE_OFFSET()) - if gt(sourceOffset, MEM_LEN_OFFSET()) { - sourceOffset := MEM_LEN_OFFSET() + if gt(sourceOffset, bytecodeEndOffset) { + sourceOffset := bytecodeEndOffset } // Check bytecode out-of-bounds access let truncatedLen := len - if gt(add(sourceOffset, len), MEM_LEN_OFFSET()) { - truncatedLen := sub(MEM_LEN_OFFSET(), sourceOffset) // truncate + if gt(add(sourceOffset, len), bytecodeEndOffset) { + truncatedLen := sub(bytecodeEndOffset, sourceOffset) // truncate $llvm_AlwaysInline_llvm$_memsetToZero(add(dstOffset, truncatedLen), sub(len, truncatedLen)) // pad with zeroes any out-of-bounds } @@ -4889,7 +4888,6 @@ object "EvmEmulator" { ip := add(ip, 1) } case 0x39 { // OP_CODECOPY - evmGasLeft := chargeGas(evmGasLeft, 3) let dstOffset, sourceOffset, len @@ -4914,14 +4912,14 @@ object "EvmEmulator" { sourceOffset := add(sourceOffset, BYTECODE_OFFSET()) - if gt(sourceOffset, MEM_LEN_OFFSET()) { - sourceOffset := MEM_LEN_OFFSET() + if gt(sourceOffset, bytecodeEndOffset) { + sourceOffset := bytecodeEndOffset } // Check bytecode out-of-bounds access let truncatedLen := len - if gt(add(sourceOffset, len), MEM_LEN_OFFSET()) { - truncatedLen := sub(MEM_LEN_OFFSET(), sourceOffset) // truncate + if gt(add(sourceOffset, len), bytecodeEndOffset) { + truncatedLen := sub(bytecodeEndOffset, sourceOffset) // truncate $llvm_AlwaysInline_llvm$_memsetToZero(add(dstOffset, truncatedLen), sub(len, truncatedLen)) // pad with zeroes any out-of-bounds } diff --git a/system-contracts/evm-emulator/EvmEmulatorLoop.template.yul b/system-contracts/evm-emulator/EvmEmulatorLoop.template.yul index b5d956b44..023b6a747 100644 --- a/system-contracts/evm-emulator/EvmEmulatorLoop.template.yul +++ b/system-contracts/evm-emulator/EvmEmulatorLoop.template.yul @@ -407,7 +407,6 @@ for { } true { } { ip := add(ip, 1) } case 0x39 { // OP_CODECOPY - evmGasLeft := chargeGas(evmGasLeft, 3) let dstOffset, sourceOffset, len @@ -432,14 +431,14 @@ for { } true { } { sourceOffset := add(sourceOffset, BYTECODE_OFFSET()) - if gt(sourceOffset, MEM_LEN_OFFSET()) { - sourceOffset := MEM_LEN_OFFSET() + if gt(sourceOffset, bytecodeEndOffset) { + sourceOffset := bytecodeEndOffset } // Check bytecode out-of-bounds access let truncatedLen := len - if gt(add(sourceOffset, len), MEM_LEN_OFFSET()) { - truncatedLen := sub(MEM_LEN_OFFSET(), sourceOffset) // truncate + if gt(add(sourceOffset, len), bytecodeEndOffset) { + truncatedLen := sub(bytecodeEndOffset, sourceOffset) // truncate $llvm_AlwaysInline_llvm$_memsetToZero(add(dstOffset, truncatedLen), sub(len, truncatedLen)) // pad with zeroes any out-of-bounds }