From 6763234410a25f81f2cb693b478cd72ec29d0e21 Mon Sep 17 00:00:00 2001
From: Daniel Kirchner
Date: Thu, 11 Jun 2020 12:57:53 +0200
Subject: [PATCH] More details in bug list.
---
 docs/bugs.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/bugs.json b/docs/bugs.json
index 3a29ad352..34325f45b 100644
--- a/docs/bugs.json
+++ b/docs/bugs.json
@@ -2,7 +2,7 @@
 {
 "name": "UsingForCalldata",
 "summary": "Function calls to internal library functions with calldata parameters called via ``using for`` can result in invalid data being read.",
- "description": "Function calls to internal library functions using the ``using for`` mechanism copied all calldata parameters to memory first and passed them on like that, regardless of whether it was an internal or an external call. Due to that, the called function would receive a memory pointer that is interpreted as a calldata pointer.",
+ "description": "Function calls to internal library functions using the ``using for`` mechanism copied all calldata parameters to memory first and passed them on like that, regardless of whether it was an internal or an external call. Due to that, the called function would receive a memory pointer that is interpreted as a calldata pointer. Since dynamically sized arrays are passed using two stack slots for calldata, but only one for memory, this can lead to stack corruption. An affected library call will consider the JUMPDEST to which it is supposed to return as part of its arguments and will instead jump out to whatever was on the stack before the call.",
 "introduced": "0.6.9",
 "fixed": "0.6.10",
 "severity": "very low"