cerc-io/solidity
10
0
Fork 0
mirror of https://github.com/ethereum/solidity synced 2023-10-03 13:03:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added a note about 63/64 rule

Browse Source 
Co-authored-by: Alex Beregszaszi <alex@rtfs.hu>
This commit is contained in:
Harikrishnan Mulackal 2021-02-08 14:19:13 +01:00 committed by GitHub
parent f6b403581e
commit 9a5a4dfc6c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/security-considerations.rst
View File

@ -181,14 +181,13 @@ Sending and Receiving Ether
contract. Again, the best practice here is to use a :ref:`"withdraw"
pattern instead of a "send" pattern <withdrawal_pattern>`.
Call stack Depth
Call Stack Depth
================
External function calls can fail any time because they exceed the maximum
call stack of 1024. In such situations, Solidity throws an exception.
Malicious actors might be able to force the call stack to a high value
before they interact with your contract, by controlling the number of calls
and local function variables on the stack.
before they interact with your contract. Note that, since [Tangerine Whistle](https://eips.ethereum.org/EIPS/eip-608) hardfork, the [63/64 rule](https://eips.ethereum.org/EIPS/eip-150) makes call stack depth attack impractical. Also note that the call stack and the expression stack are unrelated, even though both have a size limit of 1024 stack slots.
Note that ``.send()`` does **not** throw an exception if the call stack is
depleted but rather returns ``false`` in that case. The low-level functions