Safety Alert – Solidity – Variables will be overwritten in storage – CoinNewsTrend

Safety Alert – Solidity – Variables will be overwritten in storage

Posted by By Admin

[ad_1]

Abstract: In some conditions, variables can overwrite different variables in storage.

Affected Solidity compiler variations: 0.1.6 to 0.4.3 (together with 0.4.4 pre-release variations)

Detailed description:

Storage variables which are smaller than 256 bits are packed collectively into the identical 256 bit slot if they’ll match. If a price bigger than what’s allowed by the sort is assigned to the primary variable, that worth will overwrite the second variable.

This implies if an attacker could cause an overflow within the worth of the primary variable, then the second variable will be modified. Creating an overflow within the first variable is feasible utilizing arithmetics or by straight passing in a price from the decision information (values in name information are aligned to 32 bytes, and padding is neither verified nor enforced).

Contracts that solely use the categories listed beneath for state variables are not affected. Arrays, mappings and structs (primarily based on these following varieties) are additionally not affected:

  • signed integers, together with sizes smaller than 256 bits
  • bytesNN varieties, together with sizes smaller than 256 bits
  • unsigned integers (uint) of 256 bits

Contracts with varieties smaller than 256 bits which are by no means subsequent to one another (observe that state variables of base contracts are “pulled in”) are not affected.

The Ethereum multisignature pockets contract is not affected.
Observe that addresses take up 160 bits, so contracts that solely use addresses and 256-bit varieties are secure. Moreover, addresses and booleans are nearly by no means manipulated through arithmetic operations in apply, so contracts utilizing solely addresses, booleans and 256 bit varieties must also be secure.

The next contracts could also be affected:
Contracts containing two or extra contiguous state variables the place the sum of their sizes is lower than 256 bits and the primary state variable will not be a signed integer and never of bytesNN kind.

Varieties smaller than 256 bits embrace:
bool, enums, uint8, …, uint248, int8, …, int248, handle, any contract kind

Advisable motion:

  • Recompile contracts that haven’t but been deployed utilizing at the least Solidity launch 0.4.4 (not the pre-release or nightly model).
  • Deactivate, take away funds from, or improve already deployed contracts.

This vulnerability was discovered by [github.com/catageek](https://github.com/catageek): [https://github.com/ethereum/solidity/issues/1306](https://github.com/ethereum/solidity/points/1306)

[ad_2]

Supply hyperlink