openzeppelin-upgrades
Check assembly blocks for unsafe operations
Our check for unsafe operations (`selfdestruct`, `delegatecall`) does not inspect inline assembly blocks, so the same operations written as assembly opcodes are not reported. Note that the type for `InlineAssembly` in solidity-ast is incomplete.
Hi, is there any update on this? The current validation still does not catch these unsafe operations in assembly.
ZkSync has this `delegateAdditional` function, which would not be caught by the unsafe-operations check. The snippet may well be copied widely, since ZkSync is a well-known project:
/// @dev Forwards the current call's calldata to `additionalZkSync` with an
/// opcode-level `delegatecall`, then ends execution by returning or reverting
/// with whatever data the callee produced.
///
/// Security notes:
/// - `delegatecall` runs the target's code against THIS contract's storage,
///   so the target address is a trust decision, not just a call destination.
/// - The call is issued from inside an `assembly` block. A validator that
///   does not inspect assembly blocks will not report it as a delegatecall.
/// - NOTE(review): `additionalZkSync` is declared outside this snippet;
///   confirm how it is set and whether it can change after deployment.
/// - NOTE(review): no code-existence check on `_target` is visible here. A
///   delegatecall to an address without code reports success, so confirm the
///   target is validated wherever it is assigned.
function delegateAdditional() internal {
    // Target of the delegatecall, taken from a variable defined elsewhere.
    address _target = address(additionalZkSync);
    assembly {
        // Read the free memory pointer. It is never advanced afterwards; that
        // is safe here because both branches below end execution.
        let ptr := mload(0x40)
        // Copy the full calldata (selector and arguments) from calldata offset 0 to memory at ptr
        calldatacopy(ptr, 0x0, calldatasize())
        // Delegatecall the target with all remaining gas; result is 0 on failure.
        // The output area is (0x0, 0), so the call itself writes no return data to memory.
        let result := delegatecall(gas(), _target, ptr, calldatasize(), 0x0, 0)
        // Size of the data returned (or reverted with) by the delegatecall
        let size := returndatasize()
        // Copy `size` bytes of return data, starting at offset 0, to memory at ptr
        returndatacopy(ptr, 0x0, size)
        // Propagate the callee's outcome unchanged
        switch result
        case 0 {
            // Callee failed: revert with the callee's return data as the revert payload
            revert(ptr, size)
        }
        default {
            // Callee succeeded: return `size` bytes starting at ptr to the caller
            return(ptr, size)
        }
    }
}