aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/security-considerations.rst6
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst
index f1a5dc03..87ee567d 100644
--- a/docs/security-considerations.rst
+++ b/docs/security-considerations.rst
@@ -146,7 +146,11 @@ Minor Details
Furthermore, it is not enforced by the EVM, so a contract function that "claims"
to be constant might still cause changes to the state.
- Types that do not occupy the full 32 bytes might contain "dirty higher order bits".
- This is especially important if you access ``msg.data`` - it poses a malleability risk.
+ This is especially important if you access ``msg.data`` - it poses a malleability risk:
+ You can craft transactions that call a function ``f(uint8 x)`` with a raw byte argument
+ of ``0xff000001`` and with ``0x00000001``. Both are fed to the contract and both will
+ look like the number ``1`` as far as ``x`` is concerned, but ``msg.data`` will
+ be different, so if you use ``sha3(msg.data)`` for anything, you will get different results.
***************
Recommendations