From 187f0f070d51700006dddb7dc833d8f384f10eda Mon Sep 17 00:00:00 2001
From: Daniel Kirchner
Date: Tue, 14 Jun 2022 17:30:14 +0200
Subject: [PATCH] Some review suggestions.
---
 docs/bugs.json | 2 +-
 .../byte_array_to_storage_cleanup.sol | 48 +++++++++----------
 2 files changed, 25 insertions(+), 25 deletions(-)
diff --git a/docs/bugs.json b/docs/bugs.json
index 979f4264f..b7108fac1 100644
--- a/docs/bugs.json
+++ b/docs/bugs.json
@@ -3,7 +3,7 @@
 "uid": "SOL-2022-5",
 "name": "DirtyBytesArrayToStorage",
 "summary": "Copying ``bytes`` arrays from memory or calldata to storage may result in dirty storage values.",
- "description": "Copying ``bytes`` arrays from memory or calldata to storage is done in chunks of 32 bytes. Thereby, dirty values in calldata or memory can be written to storage, which may then become observable after a ``.push()`` on the bytes array in storage.",
+ "description": "Copying ``bytes`` arrays from memory or calldata to storage is done in chunks of 32 bytes even if the length is not a multiple of 32. Thereby, extra bytes past the end of the array may be copied from calldata or memory to storage. These dirty bytes may then become observable after a ``.push()`` without arguments to the bytes array in storage, i.e. such a push will not result in a zero value at the end of the array as expected. This bug only affects the legacy code generation pipeline, the new code generation pipeline via IR is not affected.",
 "link": "https://blog.soliditylang.org/2022/06/15/dirty-bytes-array-to-storage-bug/",
 "introduced": "0.0.1",
 "fixed": "0.8.15",
diff --git a/test/libsolidity/semanticTests/byte_array_to_storage_cleanup.sol b/test/libsolidity/semanticTests/byte_array_to_storage_cleanup.sol
index f43166e78..f275590e4 100644
--- a/test/libsolidity/semanticTests/byte_array_to_storage_cleanup.sol
+++ b/test/libsolidity/semanticTests/byte_array_to_storage_cleanup.sol
@@ -1,28 +1,28 @@
 contract C {
- event ev0(uint[] i0, uint);
- bytes public s2;
- function h() external returns (bytes memory) {
- uint[] memory x = new uint[](2);
- emit ev0(x, 0x21);
- bytes memory m = new bytes(63);
- s2 = m;
- s2.push();
- return s2;
- }
- function g() external returns (bytes memory) {
- bytes memory m = new bytes(63);
- assembly {
- mstore8(add(m, add(32, 63)), 0x42)
+ event ev(uint[], uint);
+ bytes public s;
+ function h() external returns (bytes memory) {
+ uint[] memory x = new uint[](2);
+ emit ev(x, 0x21);
+ bytes memory m = new bytes(63);
+ s = m;
+ s.push();
+ return s;
+ }
+ function g() external returns (bytes memory) {
+ bytes memory m = new bytes(63);
+ assembly {
+ mstore8(add(m, add(32, 63)), 0x42)
+ }
+ s = m;
+ s.push();
+ return s;
+ }
+ function f(bytes calldata c) external returns (bytes memory) {
+ s = c;
+ s.push();
+ return s;
 }
- s2 = m;
- s2.push();
- return s2;
- }
- function f(bytes calldata c) external returns (bytes memory) {
- s2 = c;
- s2.push();
- return s2;
- }
 }
 // ====
 // compileViaYul: also
@@ -32,6 +32,6 @@ contract C {
 // gas legacy: 731840
 // gas legacyOptimized: 494859
 // h() -> 0x20, 0x40, 0x00, 0
-// ~ emit ev0(uint256[],uint256): 0x40, 0x21, 0x02, 0x00, 0x00
+// ~ emit ev(uint256[],uint256): 0x40, 0x21, 0x02, 0x00, 0x00
 // g() -> 0x20, 0x40, 0, 0x00
 // f(bytes): 0x20, 33, 0, -1 -> 0x20, 0x22, 0, 0xff00000000000000000000000000000000000000000000000000000000000000
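Review bot: The rewritten contract in the first hunk still carries no comment saying where the dirty byte comes from in each case, so the intent of this regression test has to be worked out from its constants. In `g()` the `mstore8(add(m, add(32, 63)), 0x42)` writes the first byte past the 63-byte payload, and the `f(bytes)` expectation passes a 33-byte array whose second word is `-1`; a one-line comment on each, such as `// dirty the byte right after the 63-byte array; push() must still append zero`, would state that directly. `h()` appears to depend on `emit ev(x, 0x21)` leaving non-zero data in the memory that `new bytes(63)` then occupies; if that is the mechanism it deserves a comment, because nothing at the call site shows it. All three cases use arrays longer than 31 bytes, so it is worth the author confirming whether a short array or an exact multiple of 32 needs a case here as well.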