aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAmir Bandeali <abandeali1@gmail.com>2018-12-20 03:27:10 +0800
committerAmir Bandeali <abandeali1@gmail.com>2018-12-21 01:11:30 +0800
commit04729c44b451bcf4818048621c890960bb7f8afb (patch)
treeb6326fc3b1eb58e380aa656a4e3716bb16f5f69b
parent2a2260de45925bc309b6d6baf990d5ea6a171a90 (diff)
downloaddexon-sol-tools-04729c44b451bcf4818048621c890960bb7f8afb.tar.gz
dexon-sol-tools-04729c44b451bcf4818048621c890960bb7f8afb.tar.zst
dexon-sol-tools-04729c44b451bcf4818048621c890960bb7f8afb.zip
Add note about input validation
-rw-r--r--contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol3
1 files changed, 3 insertions, 0 deletions
diff --git a/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol b/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol
index 4285725d0..5bc32c214 100644
--- a/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol
+++ b/contracts/protocol/contracts/protocol/AssetProxy/MultiAssetProxy.sol
@@ -33,6 +33,9 @@ contract MultiAssetProxy is
function ()
external
{
+ // NOTE: The below assembly assumes that clients do some input validation and that the input is properly encoded according to the AbiV2 specification.
+ // It is technically possible for inputs with very large lengths and offsets to cause overflows. However, this would make the calldata prohibitively expensive
+ // and we therefore do not check for overflows in these scenarios.
assembly {
// The first 4 bytes of calldata holds the function selector
let selector := and(calldataload(0), 0xffffffff00000000000000000000000000000000000000000000000000000000)