Submission Details
Severity:
Useless memory allocation bug in RawCall
Summary
RawCall has a bug that allocates useless memory.
Vulnerability Details
prototype of raw_call:
raw_call(to: address, data: Bytes, max_outsize: uint256 = 0, gas: uint256 = gasLeft, value: uint256 = 0, is_delegate_call: bool = False, is_static_call: bool = False, revert_on_failure: bool = True)→ Bytes[max_outsize]
vyper/vyper/builtins/functions.py
def build_IR(self, expr, args, kwargs, context):
to, data = args
# TODO: must compile in source code order, left-to-right
gas, value, outsize, delegate_call, static_call, revert_on_failure = (
kwargs["gas"],
kwargs["value"],
kwargs["max_outsize"],
kwargs["is_delegate_call"],
kwargs["is_static_call"],
kwargs["revert_on_failure"],
)
........
output_node = IRnode.from_list(
context.new_internal_variable(BytesT(outsize)), typ=BytesT(outsize), location=MEMORY
)
At line 1143, when out_size is 0, a memory of type BytesT(0) will be allocated here with a size of 32 bytes and will never be used. So this should be corrected.
Impact
Low Risk
Tools Used
Recommendations
Updates
Lead Judging Commences
patrickalphac over 1 year ago
Submission Judgement Published Assigned finding tags:
Useless memory allocation bug in RawCall
This could be informational
Prize pool breakdown
Total prize
160,000 USDC
nSLOC
14,64411 USDC / LOC
150,000 USDC
10,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.