An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1tY21yLTQ5eDMtNGpxbc4AAvq_

ckb type_id script resume may randomly fail

Affected package: cargo:ckb
Affected versions: >= 0.100.0, < 0.102.0
Fixed version: 0.102.0

0 dependent packages
0 dependent repositories
113,543 downloads total

Affected Version Ranges

All affected versions

0.100.0, 0.101.0, 0.101.1, 0.101.2, 0.101.3, 0.101.4, 0.101.5, 0.101.6, 0.101.7, 0.101.8

All unaffected versions

0.1.0, 0.37.0, 0.38.0, 0.39.0, 0.39.1, 0.40.0, 0.42.0, 0.43.0, 0.43.2, 0.102.0, 0.103.0, 0.104.0, 0.104.1, 0.105.0, 0.105.1, 0.106.0, 0.107.0, 0.108.0, 0.108.1, 0.109.0, 0.110.0, 0.110.1, 0.110.2, 0.111.0, 0.112.0, 0.112.1, 0.113.0, 0.113.1, 0.114.0, 0.115.0, 0.116.0, 0.116.1, 0.117.0, 0.118.0, 0.119.0, 0.120.0, 0.121.0, 0.200.0, 0.201.0, 0.202.0

Impact

https://github.com/nervosnetwork/ckb/blob/v0.101.2/script/src/verify.rs#L871-L879
The TypeIdSystemScript resume handling is not correct when max_cycles is not enough: ScriptError::ExceededMaximumCycles is raised directly rather than the execution being suspended as expected. Because the script_group execution order is random, this failure happens randomly.

References: