From d87eb978956d0859c32af2127dac0050d8e302d6 Mon Sep 17 00:00:00 2001 From: chriseth Date: Thu, 27 Apr 2017 12:23:46 +0200 Subject: Add entry to bug list. --- docs/bugs.json | 12 ++++++++++++ docs/bugs_by_version.json | 41 +++++++++++++++++++++++++++++++++++++---- 2 files changed, 49 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index 2a8d167a..ba994932 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -1,4 +1,16 @@ [ + { + "name": "ConstantOptimizerSubtraction", + "short": "In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers.", + "long": "The optimizer tries to represent any number in the bytecode by routines that compute them with less gas. For some special numbers, an incorrect routine is generated. This could allow an attacker to e.g. trick victims about a specific amount of ether, or function calls to call different functions (or none at all).", + "link": "", + "introduced": "0.0.0", + "fixed": "0.4.11", + "severity": "low", + "check": { + "optimizer": true + } + }, { "name": "IdentityPrecompileReturnIgnored", "summary": "Failure of the identity precompile was ignored.", diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index 64015d4a..7fbca437 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -1,6 +1,7 @@ { "0.1.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -14,6 +15,7 @@ }, "0.1.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -27,6 +29,7 @@ }, "0.1.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -40,6 +43,7 @@ }, "0.1.3": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -53,6 +57,7 @@ }, "0.1.4": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -66,6 +71,7 @@ }, "0.1.5": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -79,6 +85,7 @@ }, "0.1.6": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -93,6 +100,7 @@ }, "0.1.7": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -107,6 +115,7 @@ }, "0.2.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -121,6 +130,7 @@ }, "0.2.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -135,6 +145,7 @@ }, "0.2.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -149,6 +160,7 @@ }, "0.3.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -162,6 +174,7 @@ }, "0.3.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -174,6 +187,7 @@ }, "0.3.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -186,6 +200,7 @@ }, "0.3.3": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -197,6 +212,7 @@ }, "0.3.4": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -208,6 +224,7 @@ }, "0.3.5": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -219,6 +236,7 @@ }, "0.3.6": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -228,6 +246,7 @@ }, "0.4.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -237,6 +256,7 @@ }, "0.4.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -245,11 +265,14 @@ "released": "2016-09-09" }, "0.4.10": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2017-03-15" }, "0.4.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3" @@ -258,6 +281,7 @@ }, "0.4.3": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage" ], @@ -265,12 +289,14 @@ }, "0.4.4": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored" ], "released": "2016-10-31" }, "0.4.5": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStateKnowledgeNotResetForJumpdest" ], @@ -278,20 +304,27 @@ }, "0.4.6": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored" ], "released": "2016-11-22" }, "0.4.7": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2016-12-15" }, "0.4.8": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2017-01-13" }, "0.4.9": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2017-01-31" } } \ No newline at end of file -- cgit v1.2.3 From 794a390c34d44e9f93d9735a82aa11f8cc2fde48 Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 3 May 2017 11:09:21 +0200 Subject: Fix keys for bugs.json. --- docs/bugs.json | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index ba994932..78fcf06b 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -1,13 +1,12 @@ [ { "name": "ConstantOptimizerSubtraction", - "short": "In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers.", - "long": "The optimizer tries to represent any number in the bytecode by routines that compute them with less gas. For some special numbers, an incorrect routine is generated. This could allow an attacker to e.g. trick victims about a specific amount of ether, or function calls to call different functions (or none at all).", - "link": "", - "introduced": "0.0.0", + "summary": "In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers.", + "description": "The optimizer tries to represent any number in the bytecode by routines that compute them with less gas. For some special numbers, an incorrect routine is generated. This could allow an attacker to e.g. trick victims about a specific amount of ether, or function calls to call different functions (or none at all).", + "link": "https://blog.ethereum.org/2017/04/24/solidity-optimizer-bug/", "fixed": "0.4.11", "severity": "low", - "check": { + "conditions": { "optimizer": true } }, -- cgit v1.2.3