diff options
author | Yoichi Hirai <i@yoichihirai.com> | 2017-10-18 17:22:21 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-18 17:22:21 +0800 |
commit | 4a9a986d8cf2e457ab1b36e20bcbefb714292a37 (patch) | |
tree | 82b6eb1132ecbf8c243ac2d796e891c7de8c53e3 /docs | |
parent | a17996cdadc9e6e941ee7c85681ad3e30f9cf998 (diff) | |
parent | 7849b920cf3ba6502f8a45e0c35be6393392cc00 (diff) | |
download | dexon-solidity-4a9a986d8cf2e457ab1b36e20bcbefb714292a37.tar.gz dexon-solidity-4a9a986d8cf2e457ab1b36e20bcbefb714292a37.tar.zst dexon-solidity-4a9a986d8cf2e457ab1b36e20bcbefb714292a37.zip |
Merge pull request #3065 from ethereum/reject_truncated_selectors
Do not accept truncated function selectors.
Diffstat (limited to 'docs')
-rw-r--r-- | docs/bugs.json | 7 | ||||
-rw-r--r-- | docs/bugs.rst | 2 | ||||
-rw-r--r-- | docs/bugs_by_version.json | 45 |
3 files changed, 50 insertions, 4 deletions
diff --git a/docs/bugs.json b/docs/bugs.json index ac322a48..c642793a 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -1,5 +1,12 @@ [ { + "name": "ZeroFunctionSelector", + "summary": "It is possible to craft the name of a function such that it is executed instead of the fallback function in very specific circumstances.", + "description": "If a function has a selector consisting only of zeros, is payable and part of a contract that does not have a fallback function and at most five external functions in total, this function is called instead of the fallback function if Ether is sent to the contract without data.", + "fixed": "0.4.18", + "severity": "very low" + }, + { "name": "DelegateCallReturnValue", "summary": "The low-level .delegatecall() does not return the execution outcome, but converts the value returned by the functioned called to a boolean instead.", "description": "The return value of the low-level .delegatecall() function is taken from a position in memory, where the call data or the return data resides. This value is interpreted as a boolean and put onto the stack. This means if the called function returns at least 32 zero bytes, .delegatecall() returns false even if the call was successuful.", diff --git a/docs/bugs.rst b/docs/bugs.rst index 55771a35..7629830d 100644 --- a/docs/bugs.rst +++ b/docs/bugs.rst @@ -48,7 +48,7 @@ fixed publish The date at which the bug became known publicly, optional severity - Severity of the bug: low, medium, high. Takes into account + Severity of the bug: very low, low, medium, high. Takes into account discoverability in contract tests, likelihood of occurrence and potential damage by exploits. conditions diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index c3686ebf..48881d0c 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -1,6 +1,7 @@ { "0.1.0": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -17,6 +18,7 @@ }, "0.1.1": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -33,6 +35,7 @@ }, "0.1.2": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -49,6 +52,7 @@ }, "0.1.3": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -65,6 +69,7 @@ }, "0.1.4": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -81,6 +86,7 @@ }, "0.1.5": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -97,6 +103,7 @@ }, "0.1.6": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -114,6 +121,7 @@ }, "0.1.7": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -131,6 +139,7 @@ }, "0.2.0": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -148,6 +157,7 @@ }, "0.2.1": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -165,6 +175,7 @@ }, "0.2.2": { "bugs": [ + "ZeroFunctionSelector", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", "ConstantOptimizerSubtraction", @@ -182,6 +193,7 @@ }, "0.3.0": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -199,6 +211,7 @@ }, "0.3.1": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -215,6 +228,7 @@ }, "0.3.2": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -231,6 +245,7 @@ }, "0.3.3": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -246,6 +261,7 @@ }, "0.3.4": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -261,6 +277,7 @@ }, "0.3.5": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -276,6 +293,7 @@ }, "0.3.6": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -289,6 +307,7 @@ }, "0.4.0": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -302,6 +321,7 @@ }, "0.4.1": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -315,6 +335,7 @@ }, "0.4.10": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -324,6 +345,7 @@ }, "0.4.11": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral" @@ -332,6 +354,7 @@ }, "0.4.12": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput" ], @@ -339,6 +362,7 @@ }, "0.4.13": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput" ], @@ -346,24 +370,32 @@ }, "0.4.14": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue" ], "released": "2017-07-31" }, "0.4.15": { - "bugs": [], + "bugs": [ + "ZeroFunctionSelector" + ], "released": "2017-08-08" }, "0.4.16": { - "bugs": [], + "bugs": [ + "ZeroFunctionSelector" + ], "released": "2017-08-24" }, "0.4.17": { - "bugs": [], + "bugs": [ + "ZeroFunctionSelector" + ], "released": "2017-09-21" }, "0.4.2": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -376,6 +408,7 @@ }, "0.4.3": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -387,6 +420,7 @@ }, "0.4.4": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -397,6 +431,7 @@ }, "0.4.5": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -408,6 +443,7 @@ }, "0.4.6": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -418,6 +454,7 @@ }, "0.4.7": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -427,6 +464,7 @@ }, "0.4.8": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", @@ -436,6 +474,7 @@ }, "0.4.9": { "bugs": [ + "ZeroFunctionSelector", "DelegateCallReturnValue", "ECRecoverMalformedInput", "SkipEmptyStringLiteral", |