cerc-io/solidity
10
0
Fork 0
mirror of https://github.com/ethereum/solidity synced 2023-10-03 13:03:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #2662 from ethereum/fixEcrecover2

Browse Source 
Fix ecrecover memory clear
This commit is contained in:
Alex Beregszaszi 2017-07-28 16:19:05 +01:00 committed by GitHub
commit 6675148506
5 changed files with 93 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Changelog.md
View File

@ -13,6 +13,7 @@ Features:
* Type checker: Warn when existing symbols, including builtins, are overwritten. * Type checker: Warn when existing symbols, including builtins, are overwritten.
Bugfixes: Bugfixes:
* Code Generator: Properly clear return memory area for ecrecover.
* Type Checker: Fix crash for some assignment to non-lvalue. * Type Checker: Fix crash for some assignment to non-lvalue.
* Type Checker: Fix invalid "specify storage keyword" warning for reference members of structs. * Type Checker: Fix invalid "specify storage keyword" warning for reference members of structs.
* Type Checker: Mark modifiers as internal. * Type Checker: Mark modifiers as internal.

7
docs/bugs.json
View File

@ -1,4 +1,11 @@
[ [
{
"name": "ECRecoverMalformedInput",
"summary": "The ecrecover() builtin can return garbage for malformed input.",
"description": "The ecrecover precompile does not properly signal failure for malformed input (especially in the 'v' argument) and thus the Solidity function can return data that was previously present in the return area in memory.",
"fixed": "0.4.14",
"severity": "medium"
},
{ {
"name": "SkipEmptyStringLiteral", "name": "SkipEmptyStringLiteral",
"summary": "If \"\" is used in a function call, the following function arguments will not be correctly passed to the function.", "summary": "If \"\" is used in a function call, the following function arguments will not be correctly passed to the function.",

38
docs/bugs_by_version.json
View File

@ -1,6 +1,7 @@
{ {
"0.1.0": { "0.1.0": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -16,6 +17,7 @@
}, },
"0.1.1": { "0.1.1": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -31,6 +33,7 @@
}, },
"0.1.2": { "0.1.2": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -46,6 +49,7 @@
}, },
"0.1.3": { "0.1.3": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -61,6 +65,7 @@
}, },
"0.1.4": { "0.1.4": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -76,6 +81,7 @@
}, },
"0.1.5": { "0.1.5": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -91,6 +97,7 @@
}, },
"0.1.6": { "0.1.6": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -107,6 +114,7 @@
}, },
"0.1.7": { "0.1.7": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -123,6 +131,7 @@
}, },
"0.2.0": { "0.2.0": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -139,6 +148,7 @@
}, },
"0.2.1": { "0.2.1": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -155,6 +165,7 @@
}, },
"0.2.2": { "0.2.2": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -171,6 +182,7 @@
}, },
"0.3.0": { "0.3.0": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -186,6 +198,7 @@
}, },
"0.3.1": { "0.3.1": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -200,6 +213,7 @@
}, },
"0.3.2": { "0.3.2": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -214,6 +228,7 @@
}, },
"0.3.3": { "0.3.3": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -227,6 +242,7 @@
}, },
"0.3.4": { "0.3.4": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -240,6 +256,7 @@
}, },
"0.3.5": { "0.3.5": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -253,6 +270,7 @@
}, },
"0.3.6": { "0.3.6": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -264,6 +282,7 @@
}, },
"0.4.0": { "0.4.0": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -275,6 +294,7 @@
}, },
"0.4.1": { "0.4.1": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -286,6 +306,7 @@
}, },
"0.4.10": { "0.4.10": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction" "ConstantOptimizerSubtraction"
], ],
@ -293,20 +314,26 @@
}, },
"0.4.11": { "0.4.11": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral" "SkipEmptyStringLiteral"
], ],
"released": "2017-05-03" "released": "2017-05-03"
}, },
"0.4.12": { "0.4.12": {
"bugs": [], "bugs": [
"ECRecoverMalformedInput"
],
"released": "2017-07-03" "released": "2017-07-03"
}, },
"0.4.13": { "0.4.13": {
"bugs": [], "bugs": [
"ECRecoverMalformedInput"
],
"released": "2017-07-06" "released": "2017-07-06"
}, },
"0.4.2": { "0.4.2": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -317,6 +344,7 @@
}, },
"0.4.3": { "0.4.3": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -326,6 +354,7 @@
}, },
"0.4.4": { "0.4.4": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored" "IdentityPrecompileReturnIgnored"
@ -334,6 +363,7 @@
}, },
"0.4.5": { "0.4.5": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored", "IdentityPrecompileReturnIgnored",
@ -343,6 +373,7 @@
}, },
"0.4.6": { "0.4.6": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction", "ConstantOptimizerSubtraction",
"IdentityPrecompileReturnIgnored" "IdentityPrecompileReturnIgnored"
@ -351,6 +382,7 @@
}, },
"0.4.7": { "0.4.7": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction" "ConstantOptimizerSubtraction"
], ],
@ -358,6 +390,7 @@
}, },
"0.4.8": { "0.4.8": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction" "ConstantOptimizerSubtraction"
], ],
@ -365,6 +398,7 @@
}, },
"0.4.9": { "0.4.9": {
"bugs": [ "bugs": [
"ECRecoverMalformedInput",
"SkipEmptyStringLiteral", "SkipEmptyStringLiteral",
"ConstantOptimizerSubtraction" "ConstantOptimizerSubtraction"
], ],

2
libsolidity/codegen/ExpressionCompiler.cpp
View File

@ -1622,7 +1622,7 @@ void ExpressionCompiler::appendExternalFunctionCall(
// zero bytes (which we cannot detect). // zero bytes (which we cannot detect).
solAssert(0 < retSize && retSize <= 32, ""); solAssert(0 < retSize && retSize <= 32, "");
utils().fetchFreeMemoryPointer(); utils().fetchFreeMemoryPointer();
m_context << Instruction::DUP1 << u256(0) << Instruction::MSTORE; m_context << u256(0) << Instruction::DUP2 << Instruction::MSTORE;
m_context << u256(32) << Instruction::ADD; m_context << u256(32) << Instruction::ADD;
utils().storeFreeMemoryPointer(); utils().storeFreeMemoryPointer();
} }

47
test/libsolidity/SolidityEndToEndTest.cpp
View File

@ -8251,6 +8251,53 @@ BOOST_AUTO_TEST_CASE(failing_ecrecover_invalid_input)
BOOST_CHECK(callContractFunction("f()") == encodeArgs(u256(0))); BOOST_CHECK(callContractFunction("f()") == encodeArgs(u256(0)));
} }
BOOST_AUTO_TEST_CASE(failing_ecrecover_invalid_input_proper)
{
char const* sourceCode = R"(
contract C {
function f() returns (address) {
return recover(
0x77e5189111eb6557e8a637b27ef8fbb15bc61d61c2f00cc48878f3a296e5e0ca,
0, // invalid v value
0x6944c77849b18048f6abe0db8084b0d0d0689cdddb53d2671c36967b58691ad4,
0xef4f06ba4f78319baafd0424365777241af4dfd3da840471b4b4b087b7750d0d,
0xca35b7d915458ef540ade6068dfe2f44e8fa733c,
0xca35b7d915458ef540ade6068dfe2f44e8fa733c
);
}
function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s, uint blockExpired, bytes32 salt)
returns (address)
{
require(hash == keccak256(blockExpired, salt));
return ecrecover(hash, v, r, s);
}
}
)";
compileAndRun(sourceCode, 0, "C");
BOOST_CHECK(callContractFunction("f()") == encodeArgs(u256(0)));
}
BOOST_AUTO_TEST_CASE(failing_ecrecover_invalid_input_asm)
{
char const* sourceCode = R"(
contract C {
function f() returns (address) {
assembly {
mstore(mload(0x40), 0xca35b7d915458ef540ade6068dfe2f44e8fa733c)
}
return ecrecover(
0x77e5189111eb6557e8a637b27ef8fbb15bc61d61c2f00cc48878f3a296e5e0ca,
0, // invalid v value
0x6944c77849b18048f6abe0db8084b0d0d0689cdddb53d2671c36967b58691ad4,
0xef4f06ba4f78319baafd0424365777241af4dfd3da840471b4b4b087b7750d0d
);
}
}
)";
compileAndRun(sourceCode, 0, "C");
BOOST_CHECK(callContractFunction("f()") == encodeArgs(u256(0)));
}
BOOST_AUTO_TEST_CASE(calling_nonexisting_contract_throws) BOOST_AUTO_TEST_CASE(calling_nonexisting_contract_throws)
{ {
char const* sourceCode = R"( char const* sourceCode = R"(