Add function number checks

chipshort · chipshort · commit 0003ca4f5537 · 2024-01-08T17:14:55.000+01:00
diff --git a/packages/vm/src/compatibility.rs b/packages/vm/src/compatibility.rs
@@ -77,6 +77,12 @@ const TABLE_SIZE_LIMIT: u32 = 2500; // entries
 /// when a user accidentally includes wasm-bindgen, they get a bunch of unsupported imports.
 const MAX_IMPORTS: usize = 100;
 
+const MAX_FUNCTIONS: usize = 10000;
+
+const MAX_FUNCTION_PARAMS: usize = 50;
+
+const MAX_FUNCTION_RESULTS: usize = 1;
+
 /// Checks if the data is valid wasm and compatibility with the CosmWasm API (imports and exports)
 pub fn check_wasm(wasm_code: &[u8], available_capabilities: &HashSet<String>) -> VmResult<()> {
     let module = ParsedWasm::parse(wasm_code)?;
@@ -87,6 +93,7 @@ pub fn check_wasm(wasm_code: &[u8], available_capabilities: &HashSet<String>) ->
     check_wasm_exports(&module)?;
     check_wasm_imports(&module, SUPPORTED_IMPORTS)?;
     check_wasm_capabilities(&module, available_capabilities)?;
+    check_wasm_functions(&module)?;
 
     Ok(())
 }
@@ -234,6 +241,25 @@ fn check_wasm_capabilities(
     Ok(())
 }
 
+fn check_wasm_functions(module: &ParsedWasm) -> VmResult<()> {
+    if module.function_count > MAX_FUNCTIONS {
+        return Err(VmError::static_validation_err(format!(
+            "Wasm contract contains more than {MAX_FUNCTIONS} functions"
+        )));
+    }
+    if module.max_func_params > MAX_FUNCTION_PARAMS {
+        return Err(VmError::static_validation_err(format!(
+            "Wasm contract contains function with more than {MAX_FUNCTION_PARAMS} parameters"
+        )));
+    }
+    if module.max_func_results > MAX_FUNCTION_RESULTS {
+        return Err(VmError::static_validation_err(format!(
+            "Wasm contract contains function with more than {MAX_FUNCTION_RESULTS} results"
+        )));
+    }
+    Ok(())
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;
