diff options
author | Amir Bandeali <abandeali1@gmail.com> | 2018-12-20 03:27:10 +0800 |
---|---|---|
committer | Amir Bandeali <abandeali1@gmail.com> | 2018-12-21 01:11:30 +0800 |
commit | 04729c44b451bcf4818048621c890960bb7f8afb (patch) | |
tree | b6326fc3b1eb58e380aa656a4e3716bb16f5f69b | |
parent | 2a2260de45925bc309b6d6baf990d5ea6a171a90 (diff) | |
download | dexon-sol-tools-04729c44b451bcf4818048621c890960bb7f8afb.tar.gz dexon-sol-tools-04729c44b451bcf4818048621c890960bb7f8afb.tar.zst dexon-sol-tools-04729c44b451bcf4818048621c890960bb7f8afb.zip |
Add note about input validation
-rw-r--r-- | contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol b/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol index 4285725d0..5bc32c214 100644 --- a/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol +++ b/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol @@ -33,6 +33,9 @@ contract MultiAssetProxy is function () external { + // NOTE: The below assembly assumes that clients do some input validation and that the input is properly encoded according to the AbiV2 specification. + // It is technically possible for inputs with very large lengths and offsets to cause overflows. However, this would make the calldata prohibitively expensive + // and we therefore do not check for overflows in these scenarios. assembly { // The first 4 bytes of calldata holds the function selector let selector := and(calldataload(0), 0xffffffff00000000000000000000000000000000000000000000000000000000) |