aboutsummaryrefslogtreecommitdiffstats
path: root/docs/bugs.json
diff options
context:
space:
mode:
authorchriseth <chris@ethereum.org>2018-09-12 22:24:13 +0800
committerGitHub <noreply@github.com>2018-09-12 22:24:13 +0800
commit7cda8456d86a0f17e09efd067e6e941f0266f18f (patch)
treedfa1495d4a2b80040e17d7a437847f9dda2c66b8 /docs/bugs.json
parente913b753b9a4bda78f8c47df6b48429391a0fd69 (diff)
parent75e38be05035ecbcb7c77bde53dbc6cbc22e88d4 (diff)
downloaddexon-solidity-7cda8456d86a0f17e09efd067e6e941f0266f18f.tar
dexon-solidity-7cda8456d86a0f17e09efd067e6e941f0266f18f.tar.gz
dexon-solidity-7cda8456d86a0f17e09efd067e6e941f0266f18f.tar.bz2
dexon-solidity-7cda8456d86a0f17e09efd067e6e941f0266f18f.tar.lz
dexon-solidity-7cda8456d86a0f17e09efd067e6e941f0266f18f.tar.xz
dexon-solidity-7cda8456d86a0f17e09efd067e6e941f0266f18f.tar.zst
dexon-solidity-7cda8456d86a0f17e09efd067e6e941f0266f18f.zip
Merge pull request #4939 from ethereum/nested_array_library_changelogv0425
[backport] Buglist entry for returning nested arrays.
Diffstat (limited to 'docs/bugs.json')
-rw-r--r--docs/bugs.json20
1 files changed, 14 insertions, 6 deletions
diff --git a/docs/bugs.json b/docs/bugs.json
index 28c0fe62..c1e377a4 100644
--- a/docs/bugs.json
+++ b/docs/bugs.json
@@ -17,13 +17,12 @@
"check": {"ast-compact-json-path": "$..[?(@.nodeType === 'EventDefinition')]..[?(@.nodeType === 'UserDefinedTypeName' && @.typeDescriptions.typeString.startsWith('struct'))]"}
},
{
- "name": "NestedArrayFunctionCallDecoder",
- "summary": "Calling functions that return multi-dimensional fixed-size arrays can result in memory corruption.",
- "description": "If Solidity code calls a function that returns a multi-dimensional fixed-size array, array elements are incorrectly interpreted as memory pointers and thus can cause memory corruption if the return values are accessed. Calling functions with multi-dimensional fixed-size arrays is unaffected as is returning fixed-size arrays from function calls. The regular expression only checks if such functions are present, not if they are called, which is required for the contract to be affected.",
- "introduced": "0.1.4",
+ "name": "PublicLibFunctionsDoNotReturnNestedArrays",
+ "summary": "Calls to public library functions (internal functions are safe) that return nested arrays return only zeroes.",
+ "description": "The compiler does not complain about public library functions (internal functions are safe) returning nested arrays, but it also does not return it correctly. Thus, the function caller receives only zeroes.",
+ "introduced": "0.4.11",
"fixed": "0.4.22",
- "severity": "medium",
- "check": {"regex-source": "returns[^;{]*\\[\\s*[^\\] \\t\\r\\n\\v\\f][^\\]]*\\]\\s*\\[\\s*[^\\] \\t\\r\\n\\v\\f][^\\]]*\\][^{;]*[;{]"}
+ "severity": "low"
},
{
"name": "OneOfTwoConstructorsSkipped",
@@ -33,6 +32,15 @@
"fixed": "0.4.23",
"severity": "very low"
},
+ {
+ "name": "NestedArrayFunctionCallDecoder",
+ "summary": "Calling functions that return multi-dimensional fixed-size arrays can result in memory corruption.",
+ "description": "If Solidity code calls a function that returns a multi-dimensional fixed-size array, array elements are incorrectly interpreted as memory pointers and thus can cause memory corruption if the return values are accessed. Calling functions with multi-dimensional fixed-size arrays is unaffected as is returning fixed-size arrays from function calls. The regular expression only checks if such functions are present, not if they are called, which is required for the contract to be affected.",
+ "introduced": "0.1.4",
+ "fixed": "0.4.22",
+ "severity": "medium",
+ "check": {"regex-source": "returns[^;{]*\\[\\s*[^\\] \\t\\r\\n\\v\\f][^\\]]*\\]\\s*\\[\\s*[^\\] \\t\\r\\n\\v\\f][^\\]]*\\][^{;]*[;{]"}
+ },
{
"name": "ZeroFunctionSelector",
"summary": "It is possible to craft the name of a function such that it is executed instead of the fallback function in very specific circumstances.",