Updates
160,000 USDC
View results
Submission Details
Severity: low
Valid

Useless memory allocation bug in RawCall

Summary

RawCall has a bug that allocates useless memory.

Vulnerability Details

prototype of raw_call:
raw_call(to: address, data: Bytes, max_outsize: uint256 = 0, gas: uint256 = gasLeft, value: uint256 = 0, is_delegate_call: bool = False, is_static_call: bool = False, revert_on_failure: bool = True)→ Bytes[max_outsize]

vyper/vyper/builtins/functions.py

def build_IR(self, expr, args, kwargs, context):
    to, data = args
    # TODO: must compile in source code order, left-to-right
    gas, value, outsize, delegate_call, static_call, revert_on_failure = (
        kwargs["gas"],
        kwargs["value"],
        kwargs["max_outsize"],
        kwargs["is_delegate_call"],
        kwargs["is_static_call"],
        kwargs["revert_on_failure"],
    )


    ........


    output_node = IRnode.from_list(
        context.new_internal_variable(BytesT(outsize)), typ=BytesT(outsize), location=MEMORY
    )

At line 1143, when out_size is 0, a memory of type BytesT(0) will be allocated here with a size of 32 bytes and will never be used. So this should be corrected.

Impact

Low Risk

Tools Used

Recommendations

Updates

Lead Judging Commences

patrickalphac Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Useless memory allocation bug in RawCall

This could be informational

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.