Diffstat (limited to 'docs')
-rw-r--r-- | docs/abi-spec.rst | 3 | ||||
-rw-r--r-- | docs/assembly.rst | 41 | ||||
-rw-r--r-- | docs/bugs.json | 19 | ||||
-rw-r--r-- | docs/bugs_by_version.json | 69 | ||||
-rw-r--r-- | docs/contracts.rst | 4 | ||||
-rw-r--r-- | docs/control-structures.rst | 3 | ||||
-rw-r--r-- | docs/frequently-asked-questions.rst | 2 | ||||
-rw-r--r-- | docs/installing-solidity.rst | 14 | ||||
-rw-r--r-- | docs/introduction-to-smart-contracts.rst | 4 | ||||
-rw-r--r-- | docs/miscellaneous.rst | 2 | ||||
-rw-r--r-- | docs/solidity-by-example.rst | 6 | ||||
-rw-r--r-- | docs/types.rst | 5 |
12 files changed, 152 insertions, 20 deletions
diff --git a/docs/abi-spec.rst b/docs/abi-spec.rst index 2cf57427..7a1a9af0 100644 --- a/docs/abi-spec.rst +++ b/docs/abi-spec.rst @@ -294,7 +294,8 @@ The JSON format for a contract's interface is given by an array of function and/ * `type`: the canonical type of the parameter. - `outputs`: an array of objects similar to `inputs`, can be omitted if function doesn't return anything; - `constant`: `true` if function is :ref:`specified to not modify blockchain state <constant-functions>`); -- `payable`: `true` if function accepts ether, defaults to `false`. +- `payable`: `true` if function accepts ether, defaults to `false`; +- `statemutability`: a string with one of the following values: `view` (same as `constant` above), `nonpayable` and `payable` (same as `payable` above). `type` can be omitted, defaulting to `"function"`. diff --git a/docs/assembly.rst b/docs/assembly.rst index 4e665b7e..6495699f 100644 --- a/docs/assembly.rst +++ b/docs/assembly.rst @@ -96,6 +96,31 @@ you really know what you are doing. } } } + + // Same as above, but accomplish the entire code within inline assembly. + function sumPureAsm(uint[] _data) returns (uint o_sum) { + assembly { + // Load the length (first 32 bytes) + let len := mload(_data) + + // Skip over the length field. + // + // Keep temporary variable so it can be incremented in place. + // + // NOTE: incrementing _data would result in an unusable + // _data variable after this assembly block + let data := add(_data, 0x20) + + // Iterate until the bound is not met. + for + { let end := add(data, len) } + lt(data, end) + { data := add(data, 0x20) } + { + o_sum := add(o_sum, mload(data)) + } + } + } } 
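Review bot: The key added after the `payable` item in docs/abi-spec.rst is spelled `statemutability`, all lowercase, while the ABI JSON produced by the compiler uses camel case as far as I know (`stateMutability`). A tool author who copies the key from this page would look up a field that is never present and fall back to a default. I would write the item as ``- `stateMutability`: a string with one of the following values: ...`` and confirm the spelling against the compiler output. It is also worth checking whether the list of values is complete, since the new text names only `view`, `nonpayable` and `payable`.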
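Review bot: In the added `sumPureAsm` example the loop bound is `add(data, len)`, but `len` is the element count read from the first word, while `data` advances by 0x20 bytes per element. The loop therefore stops after roughly len/32 iterations and returns a partial sum for any ordinary array (with three elements only the first is added). The bound needs to be in bytes: `{ let end := add(data, mul(len, 0x20)) }`. Documentation examples get copied into contracts, so a short comment on that line such as `// end = data + len * 32 bytes` would also help.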
@@ -125,7 +150,7 @@ following list can be used as a reference of its opcodes. If an opcode takes arguments (always from the top of the stack), they are given in parentheses. Note that the order of arguments can be seen to be reversed in non-functional style (explained below). Opcodes marked with ``-`` do not push an item onto the stack, those marked with ``*`` are -special and all others push exactly one item onte the stack. +special and all others push exactly one item onto the stack. In the following, ``mem[a...b)`` signifies the bytes of memory starting at position ``a`` up to (excluding) position ``b`` and ``storage[p]`` signifies the storage contents at position ``p``. @@ -545,6 +570,20 @@ The following example computes the sum of an area in memory. } } +For loops can also be written so that they behave like while loops: +Simply leave the initialization and post-iteration parts empty. + +.. code:: + + { + let x := 0 + let i := 0 + for { } lt(i, 0x100) { } { // while(i < 0x100) + x := add(x, mload(i)) + i := add(i, 0x20) + } + } + Functions --------- diff --git a/docs/bugs.json b/docs/bugs.json index a0c0e7c4..ac322a48 100644 --- a/docs/bugs.json +++ b/docs/bugs.json 
@@ -1,7 +1,22 @@ [ { + "name": "DelegateCallReturnValue", + "summary": "The low-level .delegatecall() does not return the execution outcome, but converts the value returned by the functioned called to a boolean instead.", + "description": "The return value of the low-level .delegatecall() function is taken from a position in memory, where the call data or the return data resides. This value is interpreted as a boolean and put onto the stack. This means if the called function returns at least 32 zero bytes, .delegatecall() returns false even if the call was successuful.", + "introduced": "0.3.0", + "fixed": "0.4.15", + "severity": "low" + }, + { + "name": "ECRecoverMalformedInput", + "summary": "The ecrecover() builtin can return garbage for malformed input.", + "description": "The ecrecover precompile does not properly signal failure for malformed input (especially in the 'v' argument) and thus the Solidity function can return data that was previously present in the return area in memory.", + "fixed": "0.4.14", + "severity": "medium" + }, + { "name": "SkipEmptyStringLiteral", - "summary": "If \"\" is used in a function call, the following function arguments will not be correctly passed to the function.", + "summary": "If \"\" is used in a function call, the following function arguments will not be correctly passed to the function.", "description": "If the empty string literal \"\" is used as an argument in a function call, it is skipped by the encoder. This has the effect that the encoding of all arguments following this is shifted left by 32 bytes and thus the function call data is corrupted.", "fixed": "0.4.12", "severity": "low" @@ -107,4 +122,4 @@ "severity": "high", "fixed": "0.3.0" } -]
\ No newline at end of file +] diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index d6802eec..33f7bae9 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -1,6 +1,7 @@ { "0.1.0": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -16,6 +17,7 @@ }, "0.1.1": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -31,6 +33,7 @@ }, "0.1.2": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -46,6 +49,7 @@ }, "0.1.3": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -61,6 +65,7 @@ }, "0.1.4": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -76,6 +81,7 @@ }, "0.1.5": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -91,6 +97,7 @@ }, "0.1.6": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -107,6 +114,7 @@ }, "0.1.7": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -123,6 +131,7 @@ }, "0.2.0": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -139,6 +148,7 @@ }, "0.2.1": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", 
@@ -155,6 +165,7 @@ }, "0.2.2": { "bugs": [ + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -171,6 +182,8 @@ }, "0.3.0": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -186,6 +199,8 @@ }, "0.3.1": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -200,6 +215,8 @@ }, "0.3.2": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -214,6 +231,8 @@ }, "0.3.3": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -227,6 +246,8 @@ }, "0.3.4": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -240,6 +261,8 @@ }, "0.3.5": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -253,6 +276,8 @@ }, "0.3.6": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -264,6 +289,8 @@ }, "0.4.0": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -275,6 +302,8 @@ }, "0.4.1": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", 
@@ -286,6 +315,8 @@ }, "0.4.10": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction" ], @@ -293,20 +324,40 @@ }, "0.4.11": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral" ], "released": "2017-05-03" }, "0.4.12": { - "bugs": [], + "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput" + ], "released": "2017-07-03" }, "0.4.13": { - "bugs": [], + "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput" + ], "released": "2017-07-06" }, + "0.4.14": { + "bugs": [ + "DelegateCallReturnValue" + ], + "released": "2017-07-31" + }, + "0.4.15": { + "bugs": [], + "released": "2017-08-08" + }, "0.4.2": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -317,6 +368,8 @@ }, "0.4.3": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -326,6 +379,8 @@ }, "0.4.4": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored" @@ -334,6 +389,8 @@ }, "0.4.5": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", @@ -343,6 +400,8 @@ }, "0.4.6": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored" @@ -351,6 +410,8 @@ }, "0.4.7": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction" ], 
@@ -358,6 +419,8 @@ }, "0.4.8": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction" ], @@ -365,6 +428,8 @@ }, "0.4.9": { "bugs": [ + "DelegateCallReturnValue", + "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction" ], diff --git a/docs/contracts.rst b/docs/contracts.rst index 4c3d4059..93671691 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -10,7 +10,7 @@ variables. Calling a function on a different contract (instance) will perform an EVM function call and thus switch the context such that state variables are inaccessible. -.. index:: ! contract;creation +.. index:: ! contract;creation, constructor ****************** Creating Contracts @@ -246,7 +246,7 @@ In the following example, ``D``, can call ``c.getData()`` to retrieve the value } .. index:: ! getter;function, ! function;getter -.. _getter_functions: +.. _getter-functions: Getter Functions ================ diff --git a/docs/control-structures.rst b/docs/control-structures.rst index a7af69f5..796e9238 100644 --- a/docs/control-structures.rst +++ b/docs/control-structures.rst @@ -393,6 +393,9 @@ When exceptions happen in a sub-call, they "bubble up" (i.e. exceptions are reth and the low-level functions ``call``, ``delegatecall`` and ``callcode`` -- those return ``false`` in case of an exception instead of "bubbling up". +.. warning:: + The low-level ``call``, ``delegatecall`` and ``callcode`` will return success if the calling account is non-existent, as part of the design of EVM. Existence must be checked prior to calling if desired. + Catching exceptions is not yet possible. In the following example, you can see how ``require`` can be used to easily check conditions on inputs diff --git a/docs/frequently-asked-questions.rst b/docs/frequently-asked-questions.rst index 73210991..5f1a981e 100644 --- a/docs/frequently-asked-questions.rst +++ b/docs/frequently-asked-questions.rst 
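Review bot: The warning added in docs/control-structures.rst says the low-level `call`, `delegatecall` and `callcode` return success if the "calling account" is non-existent, which reads backwards. The calling account is the one executing the code; the case the warning is about is a call target that does not exist. I would change the sentence to `... will return success if the called account is non-existent, as part of the design of EVM.` Because a contract that treats this return value as proof that the callee ran can be misled, the warning could also say how existence is meant to be checked, for example by testing the target's code size before the call.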
@@ -658,7 +658,7 @@ Not yet, as this requires two levels of dynamic arrays (``string`` is a dynamic If you issue a call for an array, it is possible to retrieve the whole array? Or must you write a helper function for that? =========================================================================================================================== -The automatic getter function for a public state variable of array type only returns +The automatic :ref:`getter function<getter-functions>` for a public state variable of array type only returns individual elements. If you want to return the complete array, you have to manually write a function to do that. diff --git a/docs/installing-solidity.rst b/docs/installing-solidity.rst index e07561c5..ddc5c850 100644 --- a/docs/installing-solidity.rst +++ b/docs/installing-solidity.rst @@ -56,7 +56,7 @@ repository contains potentially unstable changes in the develop branch. docker run ethereum/solc:stable solc --version -Currenty, the docker image only contains the compiler executable, +Currently, the docker image only contains the compiler executable, so you have to do some additional work to link in the source and output directories. @@ -83,7 +83,15 @@ If you want to use the cutting edge developer version: sudo apt-get update sudo apt-get install solc -We are also releasing a `snap package <https://snapcraft.io/>`_, which is installable in all the `supported Linux distros <https://snapcraft.io/docs/core/install>`_. To help testing the unstable solc with the most recent changes from the development branch: +We are also releasing a `snap package <https://snapcraft.io/>`_, which is installable in all the `supported Linux distros <https://snapcraft.io/docs/core/install>`_. To install the latest stable version of solc: + +.. code:: bash + + sudo snap install solc + +Or if you want to help testing the unstable solc with the most recent changes from the development branch: + +.. code:: bash sudo snap install solc --edge 
@@ -127,7 +135,7 @@ Gentoo Linux also provides a solidity package that can be installed using ``emer .. code:: bash - demerge ev-lang/solidity + emerge dev-lang/solidity .. _building-from-source: diff --git a/docs/introduction-to-smart-contracts.rst b/docs/introduction-to-smart-contracts.rst index dc7c6cc9..1a3cf638 100644 --- a/docs/introduction-to-smart-contracts.rst +++ b/docs/introduction-to-smart-contracts.rst @@ -35,7 +35,7 @@ Solidity version 0.4.0 or anything newer that does not break functionality (up to, but not including, version 0.5.0). This is to ensure that the contract does not suddenly behave differently with a new compiler version. The keyword ``pragma`` is called that way because, in general, pragmas are instructions for the compiler about how to treat the -source code (e.g. `pragma once <https://en.wikipedia.org/wiki/Pragma_once>`_). . +source code (e.g. `pragma once <https://en.wikipedia.org/wiki/Pragma_once>`_). A contract in the sense of Solidity is a collection of code (its *functions*) and data (its *state*) that resides at a specific address on the Ethereum @@ -133,7 +133,7 @@ too far, though, as it is neither possible to obtain a list of all keys of a mapping, nor a list of all values. So either keep in mind (or better, keep a list or use a more advanced data type) what you added to the mapping or use it in a context where this is not needed, -like this one. The getter function created by the ``public`` keyword +like this one. The :ref:`getter function<getter-functions>` created by the ``public`` keyword is a bit more complex in this case. It roughly looks like the following:: diff --git a/docs/miscellaneous.rst b/docs/miscellaneous.rst index e364bee7..199182d3 100644 --- a/docs/miscellaneous.rst +++ b/docs/miscellaneous.rst 
@@ -494,7 +494,7 @@ Function Visibility Specifiers return true; } -- ``public``: visible externally and internally (creates getter function for storage/state variables) +- ``public``: visible externally and internally (creates a :ref:`getter function<getter-functions>` for storage/state variables) - ``private``: only visible in the current contract - ``external``: only visible externally (only for functions) - i.e. can only be message-called (via ``this.func``) - ``internal``: only visible internally diff --git a/docs/solidity-by-example.rst b/docs/solidity-by-example.rst index 71d27192..dde4495b 100644 --- a/docs/solidity-by-example.rst +++ b/docs/solidity-by-example.rst @@ -277,9 +277,9 @@ activate themselves. if (highestBidder != 0) { // Sending back the money by simply using // highestBidder.send(highestBid) is a security risk - // because it can be prevented by the caller by e.g. - // raising the call stack to 1023. It is always safer - // to let the recipients withdraw their money themselves. + // because it could execute an untrusted contract. + // It is always safer to let the recipients + // withdraw their money themselves. pendingReturns[highestBidder] += highestBid; } highestBidder = msg.sender; diff --git a/docs/types.rst b/docs/types.rst index ebe46b65..287d7c0b 100644 --- a/docs/types.rst +++ b/docs/types.rst @@ -323,7 +323,7 @@ can be assigned from functions and function parameters of function type can be used to pass functions to and return functions from function calls. Function types come in two flavours - *internal* and *external* functions: -Internal functions can only be used inside the current contract (more specifically, +Internal functions can only be called inside the current contract (more specifically, inside the current code unit, which also includes internal library functions and inherited functions) because they cannot be executed outside of the context of the current contract. Calling an internal function is realized 
@@ -342,7 +342,8 @@ function type should not return anything, the whole ``returns (<return types>)`` part has to be omitted. By default, function types are internal, so the ``internal`` keyword can be -omitted. +omitted. In contrast, contract functions themselves are public by default, +only when used as the name of a type, the default is internal. There are two ways to access a function in the current contract: Either directly by its name, ``f``, or using ``this.f``. The former will result in an internal |