Are solidity contracts still vulnerable to callstack exploits?

Question

I was reading the paper at http://www.comp.nus.edu.sg/~loiluu/papers/oyente.pdf and it mentions callstack bugs where since the call depth is set at 1024, a contract may be able to call itself 1023 times, then call a function in a contract and that will fail, eg:

  function CallstackExploit (int counter) {
    if (counter < 1023) {
        if (counter > 0) {
            self.CallstackExploit.gas(msg.gas-2000)(counter+1);
        } else {
            self.CallstackExploit(counter+1);
        }
    } else {
        // finally call a function in another contract after calling self.CallstackExploit 1023 times
    }
  }

Was this fixed? Executing the above function with any value of int < 1023 I get a "bad instruction" error on etherscan.

score 3 · Accepted Answer · answered Sep 09 '17 at 05:25

3

This attack was eliminated for all practical purposes by EIP 150, which was implemented in October, 2016.

For details see How does EIP 150 change the call depth attack?

answered Sep 09 '17 at 05:25

Edmund Edgar

16,897
1
29
58

Are solidity contracts still vulnerable to callstack exploits?

1 Answers1