Solidity Storage Array Bug Announcement
This weblog publish is about two bugs related to storage arrays that are in any other case unrelated. Each have been current within the compiler for a very long time and have solely been found now regardless that a contract containing them ought to very seemingly present malfunctions in assessments.
Daenam Kim with assist from Nguyen Pham, each from Curvegrid found a difficulty the place invalid knowledge is saved in reference to arrays of signed integers.
This bug has been current since Solidity 0.4.7 and we think about it the extra critical of the 2. If these arrays use damaging integers in a sure scenario, it’s going to trigger knowledge corruption and thus the bug needs to be straightforward to detect.
By the Ethereum bug bounty program, we acquired a report a couple of flaw inside the new experimental ABI encoder (known as ABIEncoderV2). The brand new ABI encoder continues to be marked as experimental, however we nonetheless suppose that this deserves a distinguished announcement since it’s already used on mainnet.
Credit to Ming Chuan Lin (of https://www.secondstate.io) for each discovering and fixing the bug!
The 0.5.10 release incorporates the fixes to the bugs.
For the time being, we don’t plan to publish a repair to the legacy 0.4.x sequence of Solidity, however we’d if there’s well-liked demand.
Each bugs needs to be simply seen in assessments that contact the related code paths.
Particulars in regards to the two bugs could be discovered beneath.
Signed Integer Array Bug
Who needs to be involved
When you have deployed contracts which use signed integer arrays in storage and both straight assign
- a literal array with at the very least one damaging worth in it (x = [-1, -2, -3];) or
- an present array of a totally different signed integer kind
to it, it will result in knowledge corruption within the storage array.
Contracts that solely assign particular person array parts (i.e. with x[2] = -1;) aren’t affected.
How one can verify if contract is susceptible
When you use signed integer arrays in storage, attempt to run assessments the place you utilize damaging values. The impact needs to be that the precise worth saved is optimistic as an alternative of damaging.
When you have a contract that meets these situations, and wish to confirm whether or not the contract is certainly susceptible, you possibly can attain out to us by way of security@ethereum.org.
Technical particulars
Storage arrays could be assigned from arrays of various kind. Throughout this copy and project operation, a sort conversion is carried out on every of the weather. Along with the conversion, particularly if the signed integer kind is shorter than 256 bits, sure bits of the worth should be zeroed out in preparation for storing a number of values in the identical storage slot.
Which bits to zero out was incorrectly decided from the supply and never the goal kind. This results in too many bits being zeroed out. Specifically, the signal bit will likely be zero which makes the worth optimistic.
ABIEncoderV2 Array Bug
Who needs to be involved
When you have deployed contracts which use the experimental ABI encoder V2, then these is likely to be affected. Which means solely contracts which use the next directive inside the supply code could be affected:
pragma experimental ABIEncoderV2;
Moreover, there are a selection of necessities for the bug to set off. See technical particulars additional beneath for extra data.
How one can verify if contract is susceptible
The bug solely manifests itself when all the following situations are met:
- Storage knowledge involving arrays or structs is distributed on to an exterior perform name, to abi.encode or to occasion knowledge with out prior project to an area (reminiscence) variable AND
- this knowledge both incorporates an array of structs or an array of statically-sized arrays (i.e. at the very least two-dimensional).
Along with that, within the following scenario, your code is NOT affected:
- in case you solely return such knowledge and don’t use it in abi.encode, exterior calls or occasion knowledge.
Attainable penalties
Naturally, any bug can have wildly various penalties relying on this system management circulation, however we anticipate that that is extra prone to result in malfunction than exploitability.
The bug, when triggered, will beneath sure circumstances ship corrupt parameters on methodology invocations to different contracts.
Technical particulars
Throughout the encoding course of, the experimental ABI encoder doesn’t correctly advance to the subsequent aspect in an array in case the weather occupy greater than a single slot in storage.
That is solely the case for parts which are structs or statically-sized arrays. Arrays of dynamically-sized arrays or of elementary datatypes aren’t affected.
The precise impact you will note is that knowledge is “shifted” within the encoded array: When you have an array of kind uint[2][] and it incorporates the information
[[1, 2], [3, 4], [5, 6]], then it is going to be encoded as [[1, 2], [2, 3], [3, 4]] as a result of the encoder solely advances by a single slot between parts as an alternative of two.
This publish was collectively composed by @axic, @chriseth, @holiman
