fix: get_create_init_code can be wrong (privacy-scaling-explorations#1671)

lispc · web-flow · commit 1d1066d57ed7 · 2023-10-26T02:40:36.000Z
### Description [_PR description_] ### Issue Link fix privacy-scaling-explorations#1670 ### Type of change - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] This change requires a documentation update ### Contents - [_item_] ### Rationale [_design decisions and extended information_] ### How Has This Been Tested? [_explanation_] <hr> ## How to fill a PR description Please give a concise description of your PR. The target readers could be future developers, reviewers, and auditors. By reading your description, they should easily understand the changes proposed in this pull request. MUST: Reference the issue to resolve ### Single responsability Is RECOMMENDED to create single responsibility commits, but not mandatory. Anyway, you MUST enumerate the changes in a unitary way, e.g. ``` This PR contains: - Cleanup of xxxx, yyyy - Changed xxxx to yyyy in order to bla bla - Added xxxx function to ... - Refactored .... ``` ### Design choices RECOMMENDED to: - What types of design choices did you face? - What decisions you have made? - Any valuable information that could help reviewers to think critically
diff --git a/bus-mapping/src/circuit_input_builder.rs b/bus-mapping/src/circuit_input_builder.rs
@@ -501,21 +501,21 @@ pub fn keccak_inputs_tx_circuit(
 }
 
 /// Retrieve the init_code from memory for {CREATE, CREATE2}
-pub fn get_create_init_code<'a>(
-    call_ctx: &'a CallContext,
-    step: &GethExecStep,
-) -> Result<&'a [u8], Error> {
+pub fn get_create_init_code(call_ctx: &CallContext, step: &GethExecStep) -> Result<Vec<u8>, Error> {
     let offset = step.stack.nth_last(1)?.low_u64() as usize;
     let length = step.stack.nth_last(2)?.as_usize();
 
     let mem_len = call_ctx.memory.0.len();
-    if offset >= mem_len {
-        return Ok(&[]);
+    let mut result = vec![0u8; length];
+    if length > 0 && offset < mem_len {
+        let offset_end = offset
+            .checked_add(length)
+            .expect("overflow should be handled using OOG error")
+            .min(mem_len);
+        let copy_len = offset_end - offset;
+        result[..copy_len].copy_from_slice(&call_ctx.memory.0[offset..offset_end]);
     }
-
-    let offset_end = offset.checked_add(length).unwrap_or(mem_len);
-
-    Ok(&call_ctx.memory.0[offset..offset_end])
+    Ok(result)
 }
 
 /// Retrieve the memory offset and length of call.
