漏洞标题
前沿指令 SUICIDE 涉及的大型合同存储值过多
漏洞描述信息
前沿操作码SUICIDE对于大型合约来说触达了太多的存储值
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
漏洞类别
未加控制的资源消耗(资源穷尽)
漏洞标题
Frontier opcode SUICIDE touches too many storage values on large contracts
漏洞描述信息
Frontier is Substrate's Ethereum compatibility layer. Prior to commit aea528198b3b226e0d20cce878551fd4c0e3d5d0, at the end of a contract execution, when opcode SUICIDE marks a contract to be deleted, the software uses `storage::remove_prefix` (now renamed to `storage::clear_prefix`) to remove all storages associated with it. This is a single IO primitive call passing the WebAssembly boundary. For large contracts, the call (without providing a `limit` parameter) can be slow. In addition, for parachains, all storages to be deleted will be part of the PoV, which easily exceed relay chain PoV size limit. On the other hand, Frontier's maintainers only charge a fixed cost for opcode SUICIDE. The maintainers consider the severity of this issue high, because an attacker can craft a contract with a lot of storage values on a parachain, and then call opcode SUICIDE on the contract. If the transaction makes into a parachain block, the parachain will then stall because the PoV size will exceed relay chain's limit. This is especially an issue for XCM transactions, because they can't be skipped. Commit aea528198b3b226e0d20cce878551fd4c0e3d5d0 contains a patch for this issue. For parachains, it's recommended to issue an emergency runtime upgrade as soon as possible. For standalone chains, the impact is less severe because the issue mainly affects PoV sizes. It's recommended to issue a normal runtime upgrade as soon as possible. There are no known workarounds.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
不加限制或调节的资源分配
漏洞标题
Frontier 安全漏洞
漏洞描述信息
Frontier是一个 Substrate 的以太坊兼容层。用于运行未经修改的以太坊 Dapp。 Frontier aea52819之前版本存在安全漏洞,该漏洞源于允许攻击者在平行链上创建具有大量存储值的合约,然后在合约上调用操作码SUICIDE。
CVSS信息
N/A
漏洞类别
其他