bluealloy · rakita · Oct 17, 2025 · Oct 16, 2025
diff --git a/crates/interpreter/src/instructions/macros.rs b/crates/interpreter/src/instructions/macros.rs
@@ -132,6 +132,11 @@ macro_rules! resize_memory {
         $crate::resize_memory!($interpreter, $offset, $len, ())
     };
     ($interpreter:expr, $offset:expr, $len:expr, $ret:expr) => {
+        #[cfg(feature = "memory_limit")]
+        if $interpreter.memory.limit_reached($offset, $len) {
+            $interpreter.halt_memory_limit_oog();
+            return $ret;
+        }
         if !$crate::interpreter::resize_memory(
             &mut $interpreter.gas,
             &mut $interpreter.memory,

diff --git a/crates/interpreter/src/interpreter.rs b/crates/interpreter/src/interpreter.rs
@@ -233,6 +233,13 @@ impl<IW: InterpreterTypes> Interpreter<IW> {
     #[cold]
     #[inline(never)]
     pub fn halt_memory_oog(&mut self) {
+        self.halt(InstructionResult::MemoryOOG);
+    }
+
+    /// Halt the interpreter with an out-of-gas error.
+    #[cold]
+    #[inline(never)]
+    pub fn halt_memory_limit_oog(&mut self) {
         self.halt(InstructionResult::MemoryLimitOOG);
     }
 
@@ -431,3 +438,78 @@ mod tests {
         );
     }
 }
+
+#[test]
+fn test_mstore_big_offset_memory_oog() {
+    use super::*;
+    use crate::{host::DummyHost, instructions::instruction_table};
+    use bytecode::Bytecode;
+    use primitives::Bytes;
+
+    let code = Bytes::from(
+        &[
+            0x60, 0x00, // PUSH1 0x00
+            0x61, 0x27, 0x10, // PUSH2 0x2710  (10,000)
+            0x52, // MSTORE
+            0x00, // STOP
+        ][..],
+    );
+    let bytecode = Bytecode::new_raw(code);
+
+    let mut interpreter = Interpreter::<EthInterpreter>::new(
+        SharedMemory::new(),
+        ExtBytecode::new(bytecode),
+        InputsImpl::default(),
+        false,
+        SpecId::default(),
+        1000,
+    );
+
+    let table = instruction_table::<EthInterpreter, DummyHost>();
+    let mut host = DummyHost;
+    let action = interpreter.run_plain(&table, &mut host);
+
+    assert!(action.is_return());
+    assert_eq!(
+        action.instruction_result(),
+        Some(InstructionResult::MemoryOOG)
+    );
+}
+
+#[test]
+#[cfg(feature = "memory_limit")]
+fn test_mstore_big_offset_memory_limit_oog() {
+    use super::*;
+    use crate::{host::DummyHost, instructions::instruction_table};
+    use bytecode::Bytecode;
+    use primitives::Bytes;
+
+    let code = Bytes::from(
+        &[
+            0x60, 0x00, // PUSH1 0x00
+            0x61, 0x27, 0x10, // PUSH2 0x2710  (10,000)
+            0x52, // MSTORE
+            0x00, // STOP
+        ][..],
+    );
+    let bytecode = Bytecode::new_raw(code);
+
+    let mut interpreter = Interpreter::<EthInterpreter>::new(
+        SharedMemory::new_with_memory_limit(1000),
+        ExtBytecode::new(bytecode),
+        InputsImpl::default(),
+        false,
+        SpecId::default(),
+        100000,
+    );
+
+    let table = instruction_table::<EthInterpreter, DummyHost>();
+    let mut host = DummyHost;
+    let action = interpreter.run_plain(&table, &mut host);
+
+    assert!(action.is_return());
+    assert_eq!(
+        action.instruction_result(),
+        Some(InstructionResult::MemoryLimitOOG)
+    );
+}
diff --git a/crates/interpreter/src/interpreter/shared_memory.rs b/crates/interpreter/src/interpreter/shared_memory.rs
@@ -125,6 +125,17 @@ impl MemoryTr for SharedMemory {
         self.resize(new_size);
         true
     }
+
+    /// Returns `true` if the `new_size` for the current context memory will
+    /// make the shared buffer length exceed the `memory_limit`.
+    #[cfg(feature = "memory_limit")]
+    #[inline]
+    fn limit_reached(&self, offset: usize, len: usize) -> bool {
+        self.my_checkpoint
+            .saturating_add(offset)
+            .saturating_add(len) as u64
+            > self.memory_limit
+    }
 }
 
 impl SharedMemory {
@@ -200,14 +211,6 @@ impl SharedMemory {
         self.buffer().dbg_borrow_mut()
     }
 
-    /// Returns `true` if the `new_size` for the current context memory will
-    /// make the shared buffer length exceed the `memory_limit`.
-    #[cfg(feature = "memory_limit")]
-    #[inline]
-    pub fn limit_reached(&self, new_size: usize) -> bool {
-        self.my_checkpoint.saturating_add(new_size) as u64 > self.memory_limit
-    }
-
     /// Prepares the shared memory for a new child context.
     ///
     /// # Panics

diff --git a/crates/interpreter/src/interpreter_types.rs b/crates/interpreter/src/interpreter_types.rs
@@ -144,8 +144,13 @@ pub trait MemoryTr {
     ///
     /// # Note
     ///
-    /// It checks memory limits.
+    /// It checks if the memory allocation fits under gas cap.
     fn resize(&mut self, new_size: usize) -> bool;
+
+    /// Returns `true` if the `new_size` for the current context memory will
+    /// make the shared buffer length exceed the `memory_limit`.
+    #[cfg(feature = "memory_limit")]
+    fn limit_reached(&self, offset: usize, len: usize) -> bool;
 }
 
 /// Functions needed for Interpreter Stack operations.