additional checks for c5

Author: rise1507

build/wallet_v5.compiled.json

@@ -1 +1 @@
-{"hex":"b5ee9c7241021301000267000114ff00f4a413f4bcf2c80b0102012004020102f203012020d70b1f82107369676ebaf2e08a7f700f0201480e0502012007060019be5f0f6a2684080a0eb90fa02c0201200b080201480a090011b262fb513435c280200017b325fb51341c75c875c2c7e002016e0d0c0019af1df6a2684010eb90eb858fc00019adce76a2684020eb90eb85ffc002f2d020d749c120915b8f6e20d70b1f2082106578746ebd21821073696e74bdb0925f03e002d0d60301c713c200925f03e00282106578746eba8eb08020d72101fa4030fa44f828fa443058bd915be0ed44d0810141d721f4058307f40e6fa1319130e18040d721707fdb3ce03120d749810281b99130e07070e2100f01e48eefeda2edfb228308d722038308d723208020d721d31fd31fd31fed44d0d200d31f20d31fd3ffd70a000af90140ddf9109a29945f0bdb31e1f2c087df02b35007b0f2d0845125baf2e0855037baf2e086f823bbf2d0882392f800de01a47fc8ca00cb1f01cf16c9ed542192f80fdedb3cd81002c2eda2edfb02f404216e926c218e2a0221d739309420c700b38e1ad72820761e436c20d71d06c712c2005220b0f2d089d74cd73930e85bed55e2d20001c000915be0ebd72c08142091709601d72c081c12e25210b1e30f20d74a935bdb31e1d74cd01211007230d72c08248e2d21f2e092d200ed44d0d2005113baf2d08f54503091319c01810140d721d70a00f2e08ee2c8ca0058cf16c9ed5493f2c08de2009601fa4001fa44f828fa443058baf2e091ed44d0810141d718f405049d7fc8ca0040048307f453f2e08b8e14038307f45bf2e08c22d70a00216e01b3b0f2d090e2c85003cf1612f400c9ed54ad2777ad"}
+{"hex":"b5ee9c724102140100028d000114ff00f4a413f4bcf2c80b0102012004020102f203012020d70b1f82107369676ebaf2e08a7f700f0201480e0502012007060019be5f0f6a2684080a0eb90fa02c0201200b080201480a090011b262fb513435c280200017b325fb51341c75c875c2c7e002016e0d0c0019af1df6a2684010eb90eb858fc00019adce76a2684020eb90eb85ffc002f2d020d749c120915b8f6e20d70b1f2082106578746ebd21821073696e74bdb0925f03e002d0d60301c713c200925f03e00282106578746eba8eb08020d72101fa4030fa44f828fa443058bd915be0ed44d0810141d721f4058307f40e6fa1319130e18040d721707fdb3ce03120d749810281b99130e07070e2100f01e48eefeda2edfb228308d722038308d723208020d721d31fd31fd31fed44d0d200d31f20d31fd3ffd70a000af90140ddf9109a29945f0bdb31e1f2c087df02b35007b0f2d0845125baf2e0855037baf2e086f823bbf2d0882392f800de01a47fc8ca00cb1f01cf16c9ed542192f80fdedb3cd81003f4eda2edfb02f404216e926c218e4d0221d73930709421c700b38e2d01d72820761e436c20d749c008f2e09320d74ac002f2e09320d71d06c712c2005230b0f2d089d74cd7393001a4e86c128100febbf2e093d74ac000f2e093ed55e2d20001c000915be0ebd72c08142091709601d72c081c12e25210b1e30f201312110014d74a935bdb31e1d74cd0007230d72c08248e2d21f2e092d200ed44d0d2005113baf2d08f54503091319c01810140d721d70a00f2e08ee2c8ca0058cf16c9ed5493f2c08de2009601fa4001fa44f828fa443058baf2e091ed44d0810141d718f405049d7fc8ca0040048307f453f2e08b8e14038307f45bf2e08c22d70a00216e01b3b0f2d090e2c85003cf1612f400c9ed542304d79e"}

contracts/wallet_v5.fc

@@ -17,6 +17,7 @@ const int error::this_signature_mode_already_set = 143;
 const int error::remove_last_extension_when_signature_disabled = 144;
 const int error::extension_wrong_workchain = 145;
 const int error::only_extension_can_change_signature_mode = 146;
+const int error::invalid_c5 = 147;
 
 const int size::bool = 1;
 const int size::seqno = 32;
@@ -65,10 +66,15 @@ cell verify_c5_actions(cell c5, int is_external) inline {
   ;; exotic cell starts with 0x02, 0x03 or 0x04 so it will not pass action_send_msg prefix check
   (slice cs, _) = c5.begin_parse_raw();
 
+  int count = 0;
+
   while (~ cs.slice_empty?()) {
     ;; only `action_send_msg` is allowed; `action_set_code`, `action_reserve_currency` or `action_change_library` are not.
     cs = cs.enforce_and_remove_action_send_msg_prefix();
 
+    throw_unless(error::invalid_c5, cs.slice_bits() == 8); ;; send_mode
+    throw_unless(error::invalid_c5, cs.slice_refs() == 2); ;; next-action-ref and MessageRelaxed ref
+
     ;; enforce that send_mode has +2 bit (ignore errors) set for external message.
     ;; if such send_mode is not set and sending fails at the action phase (for example due to insufficient balance) then the seqno will not be increased and the external message will be processed again and again.
 
@@ -78,7 +84,10 @@ cell verify_c5_actions(cell c5, int is_external) inline {
     throw_if(error::external_send_message_must_have_ignore_errors_send_mode, is_external & (count_trailing_zeroes(cs.preload_bits(7)) > 0));
 
     (cs, _) = cs.preload_ref().begin_parse_raw();
+    count += 1;
   }
+  throw_unless(error::invalid_c5, count <= 254);
+  throw_unless(error::invalid_c5, cs.slice_refs() == 0);
 
   return c5;
 }