From e7d3380b09a888008fd37efaa6692377a4f4e902 Mon Sep 17 00:00:00 2001
From: Wei-Ning Huang <w@dexon.org>
Date: Mon, 22 Apr 2019 15:25:54 +0800
Subject: core: vm: add sanity check for updateConfiguration (#383)

---
 core/vm/oracle_contracts.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/core/vm/oracle_contracts.go b/core/vm/oracle_contracts.go
index 90cef5def..4434dcf5c 100644
--- a/core/vm/oracle_contracts.go
+++ b/core/vm/oracle_contracts.go
@@ -1706,6 +1706,18 @@ func (g *GovernanceContract) updateConfiguration(cfg *rawConfigStruct) ([]byte,
 		return nil, errExecutionReverted
 	}
 
+	// Sanity checks.
+	if cfg.MinStake.Cmp(big.NewInt(0)) <= 0 ||
+		cfg.LockupPeriod.Cmp(big.NewInt(0)) <= 0 ||
+		cfg.BlockGasLimit.Cmp(big.NewInt(0)) <= 0 ||
+		cfg.MinGasPrice.Cmp(big.NewInt(0)) <= 0 ||
+		cfg.LambdaBA.Cmp(big.NewInt(0)) <= 0 ||
+		cfg.LambdaDKG.Cmp(big.NewInt(0)) <= 0 ||
+		cfg.RoundLength.Cmp(big.NewInt(0)) <= 0 ||
+		cfg.MinBlockInterval.Cmp(big.NewInt(0)) <= 0 {
+		return nil, errExecutionReverted
+	}
+
 	g.state.UpdateConfigurationRaw(cfg)
 	g.state.emitConfigurationChangedEvent()
 
-- 
cgit v1.2.3