cerc-io/solidity
16
0
Fork 0
mirror of https://github.com/ethereum/solidity synced 2023-10-03 13:03:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Small clean up on call stack section

Browse Source 
Spelling, clarified what items go to the call stack and how any attack is executed
This commit is contained in:
Mikko Ohtamaa 2021-02-08 12:17:53 +01:00 committed by GitHub
parent a39aae8604
commit f6b403581e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/security-considerations.rst
View File

@ -181,13 +181,14 @@ Sending and Receiving Ether
contract. Again, the best practice here is to use a :ref:`"withdraw" contract. Again, the best practice here is to use a :ref:`"withdraw"
pattern instead of a "send" pattern <withdrawal_pattern>`. pattern instead of a "send" pattern <withdrawal_pattern>`.
Callstack Depth Call stack Depth
=============== ================
External function calls can fail any time because they exceed the maximum External function calls can fail any time because they exceed the maximum
call stack of 1024. In such situations, Solidity throws an exception. call stack of 1024. In such situations, Solidity throws an exception.
Malicious actors might be able to force the call stack to a high value Malicious actors might be able to force the call stack to a high value
before they interact with your contract. before they interact with your contract, by controlling the number of calls
and local function variables on the stack.
Note that ``.send()`` does **not** throw an exception if the call stack is Note that ``.send()`` does **not** throw an exception if the call stack is
depleted but rather returns ``false`` in that case. The low-level functions depleted but rather returns ``false`` in that case. The low-level functions