diff options
author | Wei-Ning Huang <w@dexon.org> | 2019-01-25 12:52:26 +0800 |
---|---|---|
committer | Wei-Ning Huang <w@byzantine-lab.io> | 2019-06-12 17:27:21 +0800 |
commit | ef3bd319b0eb42d4d00cf9536b1e7264be097784 (patch) | |
tree | c9452442604732e25feb5db44ab657f9e065ee29 | |
parent | 730751e28ee246c7ba082e2d10e782408fbadda8 (diff) | |
download | go-tangerine-ef3bd319b0eb42d4d00cf9536b1e7264be097784.tar go-tangerine-ef3bd319b0eb42d4d00cf9536b1e7264be097784.tar.gz go-tangerine-ef3bd319b0eb42d4d00cf9536b1e7264be097784.tar.bz2 go-tangerine-ef3bd319b0eb42d4d00cf9536b1e7264be097784.tar.lz go-tangerine-ef3bd319b0eb42d4d00cf9536b1e7264be097784.tar.xz go-tangerine-ef3bd319b0eb42d4d00cf9536b1e7264be097784.tar.zst go-tangerine-ef3bd319b0eb42d4d00cf9536b1e7264be097784.zip |
core: vm: more change to the randomness calculation (#175)
To prevent attacker from sending TX through a intermediate contract.
Always use the original tx sender's adddress and nonce.
-rw-r--r-- | core/vm/instructions.go | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/core/vm/instructions.go b/core/vm/instructions.go index 3d17287ed..cb1f1bbaa 100644 --- a/core/vm/instructions.go +++ b/core/vm/instructions.go @@ -413,9 +413,9 @@ func opSha3(pc *uint64, interpreter *EVMInterpreter, contract *Contract, memory func opRand(pc *uint64, interpreter *EVMInterpreter, contract *Contract, memory *Memory, stack *Stack) ([]byte, error) { evm := interpreter.evm - nonce := evm.StateDB.GetNonce(contract.Caller()) - binaryNonce := make([]byte, binary.MaxVarintLen64) - binary.PutUvarint(binaryNonce, nonce) + nonce := evm.StateDB.GetNonce(evm.Origin) + binaryOriginNonce := make([]byte, binary.MaxVarintLen64) + binary.PutUvarint(binaryOriginNonce, nonce) binaryUsedIndex := make([]byte, binary.MaxVarintLen64) binary.PutUvarint(binaryUsedIndex, evm.RandCallIndex) @@ -424,8 +424,8 @@ func opRand(pc *uint64, interpreter *EVMInterpreter, contract *Contract, memory hash := crypto.Keccak256( evm.Randomness, - contract.Caller().Bytes(), - binaryNonce, + evm.Origin.Bytes(), + binaryOriginNonce, binaryUsedIndex) stack.push(interpreter.intPool.get().SetBytes(hash)) |