From 1156ca42f21d8bc4b439572003a5a87f90410938 Mon Sep 17 00:00:00 2001
From: Danno Ferrin <danno@numisight.com>
Date: Fri, 25 Oct 2024 12:27:23 -0600
Subject: [PATCH] Limit EXTCODECOPY to eof bytes

When copying EOF contracts, make sure EXTCODECOPY only has access to the EOF magic, not just two bytes total.
---
 core/vm/instructions.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/core/vm/instructions.go b/core/vm/instructions.go
index c03322920a1b..6b31270ad72a 100644
--- a/core/vm/instructions.go
+++ b/core/vm/instructions.go
@@ -395,6 +395,7 @@ func opExtCodeCopy(pc *uint64, interpreter *EVMInterpreter, scope *ScopeContext)
 		codeOffset = stack.pop()
 		length     = stack.pop()
 		lengthU64  = length.Uint64()
+		codeCopy   []byte
 	)
 	uint64CodeOffset, overflow := codeOffset.Uint64WithOverflow()
 	if overflow {
@@ -406,9 +407,10 @@ func opExtCodeCopy(pc *uint64, interpreter *EVMInterpreter, scope *ScopeContext)
 		witness.AddCode(code)
 	}
 	if isEOFVersion1(code) {
-		lengthU64 = 2
+		codeCopy = getData(eofMagic, uint64CodeOffset, lengthU64)
+	} else {
+		codeCopy = getData(code, uint64CodeOffset, lengthU64)
 	}
-	codeCopy := getData(code, uint64CodeOffset, lengthU64)
 	scope.Memory.Set(memOffset.Uint64(), lengthU64, codeCopy)
 
 	return nil, nil