From a51ffe20d26bcf56717f2e8f724b71b143b2c712 Mon Sep 17 00:00:00 2001
From: Danno Ferrin <danno.ferrin@swirldslabs.com>
Date: Thu, 28 Sep 2023 19:02:21 -0500
Subject: [PATCH] broken per infinite gas CVE

Signed-off-by: Danno Ferrin <danno.ferrin@swirldslabs.com>
---
 .../evm/gascalculator/TangerineWhistleGasCalculator.java  | 3 +--
 .../besu/evm/operation/AbstractCallOperation.java         | 8 +++++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/evm/src/main/java/org/hyperledger/besu/evm/gascalculator/TangerineWhistleGasCalculator.java b/evm/src/main/java/org/hyperledger/besu/evm/gascalculator/TangerineWhistleGasCalculator.java
index a5df3a0f623..a7c01b442f6 100644
--- a/evm/src/main/java/org/hyperledger/besu/evm/gascalculator/TangerineWhistleGasCalculator.java
+++ b/evm/src/main/java/org/hyperledger/besu/evm/gascalculator/TangerineWhistleGasCalculator.java
@@ -20,7 +20,6 @@
 import org.hyperledger.besu.datatypes.Wei;
 import org.hyperledger.besu.evm.account.Account;
 import org.hyperledger.besu.evm.frame.MessageFrame;
-import org.hyperledger.besu.evm.internal.Words;
 
 /** The Tangerine whistle gas calculator. */
 public class TangerineWhistleGasCalculator extends HomesteadGasCalculator {
@@ -84,7 +83,7 @@ public long callOperationGasCost(
   }
 
   private static long gasCap(final long remaining, final long stipend) {
-    return Words.unsignedMin(allButOneSixtyFourth(remaining), stipend);
+    return Math.min(allButOneSixtyFourth(remaining), stipend);
   }
 
   @Override
diff --git a/evm/src/main/java/org/hyperledger/besu/evm/operation/AbstractCallOperation.java b/evm/src/main/java/org/hyperledger/besu/evm/operation/AbstractCallOperation.java
index 64cb42757ea..d2954641a95 100644
--- a/evm/src/main/java/org/hyperledger/besu/evm/operation/AbstractCallOperation.java
+++ b/evm/src/main/java/org/hyperledger/besu/evm/operation/AbstractCallOperation.java
@@ -14,8 +14,6 @@
  */
 package org.hyperledger.besu.evm.operation;
 
-import static org.hyperledger.besu.evm.internal.Words.clampedToLong;
-
 import org.hyperledger.besu.datatypes.Address;
 import org.hyperledger.besu.datatypes.Wei;
 import org.hyperledger.besu.evm.Code;
@@ -65,7 +63,11 @@ public abstract class AbstractCallOperation extends AbstractOperation {
    * @return the additional gas to provide the call operation
    */
   protected long gas(final MessageFrame frame) {
-    return clampedToLong(frame.getStackItem(0));
+    try {
+      return frame.getStackItem(0).trimLeadingZeros().toLong();
+    } catch (final ArithmeticException | IllegalArgumentException ae) {
+      return Long.MAX_VALUE;
+    }
   }
 
   /**