Solidity Storage Array Bugs | Ethereum Foundation Blog

Solidity Storage Array Bug Announcement

This weblog submit is about two bugs related to storage arrays that are in any other case unrelated. Each have been current within the compiler for a very long time and have solely been found now although a contract containing them ought to very seemingly present malfunctions in exams.

Daenam Kim with assist from Nguyen Pham, each from Curvegrid found a difficulty the place invalid knowledge is saved in reference to arrays of signed integers.

This bug has been current since Solidity 0.4.7 and we think about it the extra critical of the 2. If these arrays use destructive integers in a sure state of affairs, it would trigger knowledge corruption and thus the bug must be simple to detect.

By way of the Ethereum bug bounty program, we obtained a report a couple of flaw inside the new experimental ABI encoder (known as ABIEncoderV2). The brand new ABI encoder remains to be marked as experimental, however we however assume that this deserves a outstanding announcement since it’s already used on mainnet.
Credit to Ming Chuan Lin (of https://www.secondstate.io) for each discovering and fixing the bug!

The 0.5.10 release incorporates the fixes to the bugs.
In the mean time, we don’t plan to publish a repair to the legacy 0.4.x collection of Solidity, however we would if there may be in style demand.

Each bugs must be simply seen in exams that contact the related code paths.

Particulars concerning the two bugs will be discovered beneath.

Signed Integer Array Bug

Who must be involved

You probably have deployed contracts which use signed integer arrays in storage and both straight assign

• a literal array with at the very least one destructive worth in it (x = [-1, -2, -3];) or
• an current array of a totally different signed integer sort

to it, this can result in knowledge corruption within the storage array.

Contracts that solely assign particular person array components (i.e. with x[2] = -1;) aren’t affected.

The way to verify if contract is weak

Should you use signed integer arrays in storage, attempt to run exams the place you employ destructive values. The impact must be that the precise worth saved is optimistic as a substitute of destructive.

You probably have a contract that meets these circumstances, and need to confirm whether or not the contract is certainly weak, you’ll be able to attain out to us by way of security@ethereum.org.

Technical particulars

Storage arrays will be assigned from arrays of various sort. Throughout this copy and project operation, a sort conversion is carried out on every of the weather. Along with the conversion, particularly if the signed integer sort is shorter than 256 bits, sure bits of the worth need to be zeroed out in preparation for storing a number of values in the identical storage slot.

Which bits to zero out was incorrectly decided from the supply and never the goal sort. This results in too many bits being zeroed out. Particularly, the signal bit shall be zero which makes the worth optimistic.

ABIEncoderV2 Array Bug

Who must be involved

You probably have deployed contracts which use the experimental ABI encoder V2, then these is likely to be affected. Which means that solely contracts which use the next directive inside the supply code will be affected:

pragma experimental ABIEncoderV2;

Moreover, there are a selection of necessities for the bug to set off. See technical particulars additional beneath for extra info.

The way to verify if contract is weak

The bug solely manifests itself when all the following circumstances are met:

• Storage knowledge involving arrays or structs is shipped on to an exterior operate name, to abi.encode or to occasion knowledge with out prior project to an area (reminiscence) variable AND
• this knowledge both incorporates an array of structs or an array of statically-sized arrays (i.e. at the very least two-dimensional).

Along with that, within the following state of affairs, your code is NOT affected:

• for those who solely return such knowledge and don’t use it in abi.encode, exterior calls or occasion knowledge.

Attainable penalties

Naturally, any bug can have wildly various penalties relying on this system management circulate, however we count on that that is extra prone to result in malfunction than exploitability.

The bug, when triggered, will below sure circumstances ship corrupt parameters on technique invocations to different contracts.

Technical particulars

Throughout the encoding course of, the experimental ABI encoder doesn’t correctly advance to the following aspect in an array in case the weather occupy greater than a single slot in storage.

That is solely the case for components which can be structs or statically-sized arrays. Arrays of dynamically-sized arrays or of elementary datatypes aren’t affected.

The particular impact you will notice is that knowledge is “shifted” within the encoded array: You probably have an array of sort uint[2][] and it incorporates the info
[[1, 2], [3, 4], [5, 6]], then will probably be encoded as [[1, 2], [2, 3], [3, 4]] as a result of the encoder solely advances by a single slot between components as a substitute of two.

This submit was collectively composed by @axic, @chriseth, @holiman