From 10c34850e1f8a72f948e8389a3c6ffabe57ac7be Mon Sep 17 00:00:00 2001
From: NikVolf <nikvolf@gmail.com>
Date: Thu, 8 Feb 2018 17:22:50 +0300
Subject: [PATCH] disable internal memory

---
 ethcore/wasm/src/parser.rs | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/ethcore/wasm/src/parser.rs b/ethcore/wasm/src/parser.rs
index f705bf13127..13e0555298f 100644
--- a/ethcore/wasm/src/parser.rs
+++ b/ethcore/wasm/src/parser.rs
@@ -56,12 +56,20 @@ pub fn payload<'a>(params: &'a vm::ActionParams, schedule: &vm::Schedule)
 		},
 	};
 
-	let contract_module = wasm_utils::inject_gas_counter(
-		elements::Module::deserialize(
+	let deserialized_module = elements::Module::deserialize(
 			&mut cursor
 		).map_err(|err| {
 			vm::Error::Wasm(format!("Error deserializing contract code ({:?})", err))
-		})?,
+		})?;
+
+	if deserialized_module.memory_section().map_or(false, |ms| ms.entries().len() > 0) {
+		// According to WebAssembly spec, internal memory is hidden from embedder and should not
+		// be interacted with. So we disable this kind of modules at decoding level.
+		return Err(vm::Error::Wasm(format!("Malformed wasm module: internal memory")));
+	}
+
+	let contract_module = wasm_utils::inject_gas_counter(
+		deserialized_module,
 		&gas_rules(schedule),
 	);