From 93aeb962b6cf2326752011dff7c43561de26b37c Mon Sep 17 00:00:00 2001
From: Emanuele Cesena <ecesena@jumptrading.com>
Date: Thu, 9 Jan 2025 00:09:02 +0000
Subject: [PATCH] bn254: fix check input sz for mul

---
 src/ballet/bn254/fd_bn254.c                    | 9 ++++++---
 src/ballet/bn254/fd_bn254.h                    | 3 ++-
 src/ballet/bn254/test_bn254.c                  | 5 +++--
 src/flamenco/features/fd_features_generated.c  | 8 ++++++++
 src/flamenco/features/fd_features_generated.h  | 3 ++-
 src/flamenco/features/feature_map.json         | 3 ++-
 src/flamenco/vm/syscall/fd_vm_syscall_crypto.c | 3 ++-
 7 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/src/ballet/bn254/fd_bn254.c b/src/ballet/bn254/fd_bn254.c
index b23d9aaf03..76bae49bfa 100644
--- a/src/ballet/bn254/fd_bn254.c
+++ b/src/ballet/bn254/fd_bn254.c
@@ -188,11 +188,14 @@ fd_bn254_g1_add_syscall( uchar       out[64],
 int
 fd_bn254_g1_scalar_mul_syscall( uchar       out[64],
                                 uchar const in[],
-                                ulong       in_sz ) {
+                                ulong       in_sz,
+                                int         check_correct_sz ) {
   /* Expected 96-byte input (1 point + 1 scalar). Pad input with 0s.
      Note: Agave checks for 128 bytes instead of 96. We have to do the same check.
-     https://github.com/anza-xyz/agave/blob/v1.18.6/sdk/program/src/alt_bn128/mod.rs#L17 */
-  if( FD_UNLIKELY( in_sz > 128UL ) ) {
+     https://github.com/anza-xyz/agave/blob/v1.18.6/sdk/program/src/alt_bn128/mod.rs#L17
+     Update: https://github.com/anza-xyz/agave/blob/d2df66d3/programs/bpf_loader/src/syscalls/mod.rs#L1654-L1658 */
+  ulong check_sz = check_correct_sz ? 96UL : 128UL;
+  if( FD_UNLIKELY( in_sz > check_sz ) ) {
     return -1;
   }
   uchar FD_ALIGNED buf[96] = { 0 };
diff --git a/src/ballet/bn254/fd_bn254.h b/src/ballet/bn254/fd_bn254.h
index ac3985cf28..18fc7c38c8 100644
--- a/src/ballet/bn254/fd_bn254.h
+++ b/src/ballet/bn254/fd_bn254.h
@@ -19,7 +19,8 @@ fd_bn254_g1_add_syscall( uchar       out[64],
 int
 fd_bn254_g1_scalar_mul_syscall( uchar       out[64],
                                 uchar const in[],
-                                ulong       in_sz );
+                                ulong       in_sz,
+                                int         check_correct_sz );
 
 int
 fd_bn254_pairing_is_one_syscall( uchar       out[32],
diff --git a/src/ballet/bn254/test_bn254.c b/src/ballet/bn254/test_bn254.c
index 378cfa9a68..bf49a48a47 100644
--- a/src/ballet/bn254/test_bn254.c
+++ b/src/ballet/bn254/test_bn254.c
@@ -165,7 +165,8 @@ int main( int     argc,
 
       fd_hex_decode( in, tests[2*i], in_sz );
 
-      FD_TEST( fd_bn254_g1_scalar_mul_syscall( res, in, in_sz )==0 );
+      FD_TEST( fd_bn254_g1_scalar_mul_syscall( res, in, in_sz, 0 )==0 );
+      FD_TEST( fd_bn254_g1_scalar_mul_syscall( res, in, in_sz, 1 )==0 );
 
       fd_hex_decode( exp, tests[2*i+1], 64 );
       if( !fd_memeq( res, exp, 64 ) ) {
@@ -179,7 +180,7 @@ int main( int     argc,
       ulong iter = 1000UL;
       long dt = fd_log_wallclock();
       for( ulong rem=iter; rem; rem-- ) {
-        fd_bn254_g1_scalar_mul_syscall( res, in, in_sz );
+        fd_bn254_g1_scalar_mul_syscall( res, in, in_sz, 1 );
       }
       dt = fd_log_wallclock() - dt;
       log_bench( "fd_bn254_g1_scalar_mul_syscall", iter, dt );
diff --git a/src/flamenco/features/fd_features_generated.c b/src/flamenco/features/fd_features_generated.c
index c5a7609765..ebc80e4f9d 100644
--- a/src/flamenco/features/fd_features_generated.c
+++ b/src/flamenco/features/fd_features_generated.c
@@ -1319,6 +1319,12 @@ fd_feature_id_t const ids[] = {
     .name       = "remove_accounts_executable_flag_checks",
     .cleaned_up = {UINT_MAX, UINT_MAX, UINT_MAX} },
 
+  { .index      = offsetof(fd_features_t, fix_alt_bn128_multiplication_input_length)>>3,
+    .id         = {"\x08\xe8\xaa\x2e\x13\xc5\xc5\x54\xe2\xc3\xb4\x0e\x26\xb4\x64\x3b\xc7\xcb\x89\x6c\xc0\x06\x05\xaa\x65\x7f\x3a\x3d\x30\xee\xf9\x05"},
+                  /* bn2puAyxUx6JUabAxYdKdJ5QHbNNmKw8dCGuGCyRrFN */
+    .name       = "fix_alt_bn128_multiplication_input_length",
+    .cleaned_up = {UINT_MAX, UINT_MAX, UINT_MAX} },
+
   { .index = ULONG_MAX }
 };
 
@@ -1546,6 +1552,7 @@ fd_feature_id_query( ulong prefix ) {
   case 0xaebbcc5ad0a28864: return &ids[ 215 ];
   case 0x7f29632535392bc7: return &ids[ 216 ];
   case 0x8c012a2071caecd9: return &ids[ 217 ];
+  case 0x54c5c5132eaae808: return &ids[ 218 ];
   default: break;
   }
 
@@ -1772,5 +1779,6 @@ FD_STATIC_ASSERT( offsetof( fd_features_t, migrate_stake_program_to_core_bpf
 FD_STATIC_ASSERT( offsetof( fd_features_t, enable_get_epoch_stake_syscall                          )>>3==215UL, layout );
 FD_STATIC_ASSERT( offsetof( fd_features_t, disable_account_loader_special_case                     )>>3==216UL, layout );
 FD_STATIC_ASSERT( offsetof( fd_features_t, remove_accounts_executable_flag_checks                  )>>3==217UL, layout );
+FD_STATIC_ASSERT( offsetof( fd_features_t, fix_alt_bn128_multiplication_input_length               )>>3==218UL, layout );
 
 FD_STATIC_ASSERT( sizeof( fd_features_t )>>3==FD_FEATURE_ID_CNT, layout );
diff --git a/src/flamenco/features/fd_features_generated.h b/src/flamenco/features/fd_features_generated.h
index 0b80733f0e..5a3ae51c55 100644
--- a/src/flamenco/features/fd_features_generated.h
+++ b/src/flamenco/features/fd_features_generated.h
@@ -6,7 +6,7 @@
 
 /* FEATURE_ID_CNT is the number of features in ids */
 
-#define FD_FEATURE_ID_CNT (218UL)
+#define FD_FEATURE_ID_CNT (219UL)
 
 union fd_features {
 
@@ -231,6 +231,7 @@ union fd_features {
     /* 0xaebbcc5ad0a28864 */ ulong enable_get_epoch_stake_syscall;
     /* 0x7f29632535392bc7 */ ulong disable_account_loader_special_case;
     /* 0x8c012a2071caecd9 */ ulong remove_accounts_executable_flag_checks;
+    /* 0x54c5c5132eaae808 */ ulong fix_alt_bn128_multiplication_input_length;
   };
 
 };
diff --git a/src/flamenco/features/feature_map.json b/src/flamenco/features/feature_map.json
index c1b8d46c3b..5343a1c491 100644
--- a/src/flamenco/features/feature_map.json
+++ b/src/flamenco/features/feature_map.json
@@ -216,5 +216,6 @@
   {"name":"migrate_stake_program_to_core_bpf","pubkey":"6M4oQ6eXneVhtLoiAr4yRYQY43eVLjrKbiDZDJc892yk"},
   {"name":"enable_get_epoch_stake_syscall","pubkey":"7mScTYkJXsbdrcwTQRs7oeCSXoJm4WjzBsRyf8bCU3Np"},
   {"name":"disable_account_loader_special_case","pubkey":"EQUMpNFr7Nacb1sva56xn1aLfBxppEoSBH8RRVdkcD1x"},
-  {"name":"remove_accounts_executable_flag_checks","pubkey":"FfgtauHUWKeXTzjXkua9Px4tNGBFHKZ9WaigM5VbbzFx"}
+  {"name":"remove_accounts_executable_flag_checks","pubkey":"FfgtauHUWKeXTzjXkua9Px4tNGBFHKZ9WaigM5VbbzFx"},
+  {"name":"fix_alt_bn128_multiplication_input_length","pubkey":"bn2puAyxUx6JUabAxYdKdJ5QHbNNmKw8dCGuGCyRrFN"}
 ]
diff --git a/src/flamenco/vm/syscall/fd_vm_syscall_crypto.c b/src/flamenco/vm/syscall/fd_vm_syscall_crypto.c
index 83fd468ef1..0c43b5f8e9 100644
--- a/src/flamenco/vm/syscall/fd_vm_syscall_crypto.c
+++ b/src/flamenco/vm/syscall/fd_vm_syscall_crypto.c
@@ -70,7 +70,8 @@ fd_vm_syscall_sol_alt_bn128_group_op( void *  _vm,
 
   case FD_VM_SYSCALL_SOL_ALT_BN128_MUL:
     /* Compute scalar mul */
-    if( FD_LIKELY( fd_bn254_g1_scalar_mul_syscall( call_result, input, input_sz )==0 ) ) {
+    if( FD_LIKELY( fd_bn254_g1_scalar_mul_syscall( call_result, input, input_sz,
+                                                   FD_FEATURE_ACTIVE( (vm->instr_ctx->slot_ctx), fix_alt_bn128_multiplication_input_length ) )==0 ) ) {
       ret = 0UL; /* success */
     }
     break;