Calldata tuple reencoding head overflow bug detector
Reports a possibility of triggering a compiler bug when ABI-encoding a tuple with at least one dynamic component and the last component as a statically-sized
The bug causes the ABI encoder to produce malformed output because some of the encoded values are overwritten. The detector reports the affected ABI-encoding expressions if a faulty compiler version may be used. Functions that may trigger the bug when called externally are also reported. In such cases, the compiler version is not checked since the bug is triggered by the caller.
See the bug announcement for more details. The bug was fixed in Solidity 0.8.16.
- An encoded tuple must have at least one dynamic component. In this example, the dynamic component is
- ABI encoding may be explicit (i.e. `abi.encode(...)`) or implicit when doing an external call. In this example, the function `f` is called externally. To call the function, its parameters must be ABI-encoded.
- `c` is the last component of the tuple, complying with the condition of a statically-sized array.
- The `T` struct is the dynamic component also needed to trigger the bug.
- Call to the bug-affected function `f` performs an implicit ABI encoding and triggers the bug.
- `data` must be stored in `calldata` to trigger the bug.
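The reporting rule described above can be expressed over ABI type strings, as in this added example (it is not the detector's own implementation). The function names and the sample type list are assumptions made for illustration; data location (`calldata`) is not visible in a type string and is not modelled, and only the fixed-in version stated on this page is used as a bound.

```python
import re

FIXED_IN = (0, 8, 16)  # from the page: the bug was fixed in Solidity 0.8.16
_ARRAY = re.compile(r"^(.*)\[(\d*)\]$")  # captures base type and optional length


def split_top_level(types):
    """Split a comma-separated ABI type list without breaking nested tuples."""
    parts, depth, cur = [], 0, ""
    for ch in types.replace(" ", ""):
        if ch == "," and depth == 0:
            parts.append(cur)
            cur = ""
            continue
        depth += (ch == "(") - (ch == ")")
        cur += ch
    return parts + [cur] if cur else parts


def is_dynamic(t):
    """True if the ABI type has a dynamic encoding (tail data)."""
    m = _ARRAY.match(t)
    if m:  # T[] is always dynamic, T[k] only if T is
        return m.group(2) == "" or is_dynamic(m.group(1))
    if t.startswith("("):  # a tuple is dynamic if any member is
        return any(is_dynamic(c) for c in split_top_level(t[1:-1]))
    return t in ("bytes", "string")


def is_static_array(t):
    """True for a fixed-length array whose element type is static."""
    m = _ARRAY.match(t)
    return bool(m) and m.group(2) != "" and not is_dynamic(t)


def matches_bug_shape(types):
    """Page's tuple conditions: a dynamic component and a static array last."""
    comps = split_top_level(types)
    return bool(comps) and is_static_array(comps[-1]) and any(map(is_dynamic, comps))


def should_report(types, solc_version, externally_callable):
    """Encoding sites depend on the compiler; external entry points do not."""
    if not matches_bug_shape(types):
        return False
    return externally_callable or solc_version < FIXED_IN


# Constructed sample: parameter types for a function shaped like the page's f.
SAMPLE = "bool,(bytes,uint256[3]),bytes32[2]"
```
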
The detector does not accept any additional parameters.