
Security: blog post, minified example

Open fulldecent opened this issue 3 years ago • 0 comments

Page

https://blog.soliditylang.org/2022/08/08/calldata-tuple-reencoding-head-overflow-bug/

Abstract

The example in that page is not a minimal test case. We have found a minimal test case. Please consider updating the article to use this broader, minimal test case.

Pull request

Test case:

pragma solidity 0.8.15;

contract E {
    function f(bytes32[1] calldata c) external returns (bytes memory, bytes32[1] calldata) {
        return ("dan", c);
    }
}

And here is the test runner:

contract Test {
    function test() external {
        bytes memory testB = "dan";
        bytes32[1] memory testC = bytes32[1]([bytes32(uint256(16))]);

        E e = new E();
        (bytes memory resultB, bytes32[1] memory resultC) = e.f(testC);

        require(keccak256(resultB) == keccak256(testB), "test B fail");
        require(resultC[0] == testC[0], "test C[0] fail");
    }
}

Discussed with @dtedesco1 during NFT/Web3 Community Service Hour https://phor.net/#hour

fulldecent, Aug 09 '22 23:08