From 0214dabf02a9aab8017bf6a28b3f5104e8280379 Mon Sep 17 00:00:00 2001
From: Scott Fairclough <70711990+hexoscott@users.noreply.github.com>
Date: Tue, 15 Oct 2024 21:15:52 +0100
Subject: [PATCH] create 2 allocation (#1325)

---
 core/vm/instructions_zkevm.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/core/vm/instructions_zkevm.go b/core/vm/instructions_zkevm.go
index 3711ce135a9..c33668d37c9 100644
--- a/core/vm/instructions_zkevm.go
+++ b/core/vm/instructions_zkevm.go
@@ -450,9 +450,19 @@ func opCreate2_zkevm_lastOpCode(pc *uint64, interpreter *EVMInterpreter, scope *
 		endowment    = scope.Stack.Pop()
 		offset, size = scope.Stack.Pop(), scope.Stack.Pop()
 		salt         = scope.Stack.Pop()
-		input        = scope.Memory.GetCopy(int64(offset.Uint64()), int64(size.Uint64()))
 	)
 
+	if size.Uint64() > params.MaxInitCodeSize {
+		// if we are over the maximum size this instruction is invalid and we could be open
+		// to trying to allocate too much memory causing a panic.  Because the address never
+		// actually gets created in this insance because of out of gas we can just spam
+		// a random address by cutting the size down to maximum
+		newSize := uint256.NewInt(params.MaxInitCodeSize)
+		size = *newSize
+	}
+
+	input := scope.Memory.GetCopy(int64(offset.Uint64()), int64(size.Uint64()))
+
 	caller := scope.Contract
 	codeAndHash := &codeAndHash{code: input}
 	address := crypto.CreateAddress2(caller.Address(), salt.Bytes32(), codeAndHash.Hash().Bytes())