Update bug description, add regex and tests.

docs/bugs.json

@@ -1,10 +1,11 @@
 [
     {
-        "name": "ExpCleanupZero",
+        "name": "ExpExponentCleanup",
-        "summary": "Using exponentiating with types shorter than 256 bits and zero as base can result in unexpected values.",
+        "summary": "Using the ** operator with an exponent of type shorter than 256 bits can result in unexpected values.",
-        "description": "As defined by the EVM, 0 ** 0 is one. Solidity does not always remove dirty higher order bits of types that are smaller than 256 bits before applying an operation because it does not matter if the cleanup is performed before or after the operation. This is true for EXP except for the case where the base is zero, which was overlooked.",
+        "description": "Higher order bits in the exponent are not properly cleaned before the EXP opcode is applied if the type of the exponent expression is smaller than 256 bits and not smaller than the type of the base. In that case, the result might be larger than expected if the exponent is assumed to lie within the value range of the type. Literal numbers as exponents are unaffected as are exponents or bases of type uint256.",
-        "fixed": "0.5.0",
+        "fixed": "0.4.25",
-        "severity": "high"
+        "severity": "medium/high",
+        "check": {"regex-source": "[^/]\\*\\* *[^/0-9 ]"}
     },
     {
         "name": "EventStructWrongData",

docs/bugs_by_version.json

@@ -1,7 +1,7 @@
 {
     "0.1.0": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
             "SkipEmptyStringLiteral",
@@ -19,7 +19,7 @@
     },
     "0.1.1": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
             "SkipEmptyStringLiteral",
@@ -37,7 +37,7 @@
     },
     "0.1.2": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
             "SkipEmptyStringLiteral",
@@ -55,7 +55,7 @@
     },
     "0.1.3": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
             "SkipEmptyStringLiteral",
@@ -73,7 +73,7 @@
     },
     "0.1.4": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
@@ -92,7 +92,7 @@
     },
     "0.1.5": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
@@ -111,7 +111,7 @@
     },
     "0.1.6": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
@@ -131,7 +131,7 @@
     },
     "0.1.7": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
@@ -151,7 +151,7 @@
     },
     "0.2.0": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
@@ -171,7 +171,7 @@
     },
     "0.2.1": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
@@ -191,7 +191,7 @@
     },
     "0.2.2": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "ECRecoverMalformedInput",
@@ -211,7 +211,7 @@
     },
     "0.3.0": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -231,7 +231,7 @@
     },
     "0.3.1": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -250,7 +250,7 @@
     },
     "0.3.2": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -269,7 +269,7 @@
     },
     "0.3.3": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -287,7 +287,7 @@
     },
     "0.3.4": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -305,7 +305,7 @@
     },
     "0.3.5": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -323,7 +323,7 @@
     },
     "0.3.6": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -339,7 +339,7 @@
     },
     "0.4.0": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -355,7 +355,7 @@
     },
     "0.4.1": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -371,7 +371,7 @@
     },
     "0.4.10": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -383,7 +383,7 @@
     },
     "0.4.11": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -394,7 +394,7 @@
     },
     "0.4.12": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -404,7 +404,7 @@
     },
     "0.4.13": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -414,7 +414,7 @@
     },
     "0.4.14": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue"
@@ -423,7 +423,7 @@
     },
     "0.4.15": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector"
         ],
@@ -431,7 +431,7 @@
     },
     "0.4.16": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector"
         ],
@@ -439,7 +439,7 @@
     },
     "0.4.17": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector"
@@ -448,7 +448,7 @@
     },
     "0.4.18": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder"
         ],
@@ -456,7 +456,7 @@
     },
     "0.4.19": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder"
         ],
@@ -464,7 +464,7 @@
     },
     "0.4.2": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -479,7 +479,7 @@
     },
     "0.4.20": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder"
         ],
@@ -487,7 +487,7 @@
     },
     "0.4.21": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder"
         ],
@@ -495,7 +495,7 @@
     },
     "0.4.22": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData",
             "OneOfTwoConstructorsSkipped"
         ],
@@ -503,21 +503,21 @@
     },
     "0.4.23": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData"
         ],
         "released": "2018-04-19"
     },
     "0.4.24": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "EventStructWrongData"
         ],
         "released": "2018-05-16"
     },
     "0.4.3": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -531,7 +531,7 @@
     },
     "0.4.4": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -544,7 +544,7 @@
     },
     "0.4.5": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -558,7 +558,7 @@
     },
     "0.4.6": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -571,7 +571,7 @@
     },
     "0.4.7": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -583,7 +583,7 @@
     },
     "0.4.8": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",
@@ -595,7 +595,7 @@
     },
     "0.4.9": {
         "bugs": [
-            "ExpCleanupZero",
+            "ExpExponentCleanup",
             "NestedArrayFunctionCallDecoder",
             "ZeroFunctionSelector",
             "DelegateCallReturnValue",

test/buglist_test_vectors.md

@@ -68,6 +68,40 @@ function f() m(uint[2][2]) { }
 
 function f() returns (uint, uint) { uint[2][2] memory x; }
 
+# ExpExponentCleanup
+
+## buggy
+
+x ** y
+
+--
+
+x ** uint8(y)
+
+--
+
+x**y
+
+## fine
+
+x ** 2
+
+--
+
+x**2
+
+--
+
+x**200
+
+--
+
+/** bla **/
+
+--
+
+/**/
+
 # EventStructWrongData
 
 ## buggy