NFTBridge
60,000 USDC
Submission Details
Severity: medium
Invalid

Unsafe Casting

Summary

Downcasting in Solidity can be unsafe due to the potential for data loss and unintended behavior.

Vulnerability Details

Unsafe casting:

    byteString[i] = bytes1(uint8(asciiValue));

    function uint256AsciiNbcharsToString(
        uint256 value,
        uint8 length
    )
        internal
        pure
        returns (string memory)
    {
        string memory s = new string(length);
        bytes memory byteString = bytes(s);
        // cairo string is 31 bytes with first character as higher bit
        for (uint256 i = 0; i < length; ++i) {
            uint256 asciiValue = (value >> (8 * (length - 1 - i))) & 0xFF;
    @>      byteString[i] = bytes1(uint8(asciiValue)); // @audit --> Unsafe Casting
        }
        return s;
    }

Impact

Data loss and unintended behavior.

Tools Used

Manual review

Recommendations

Use OpenZeppelin's SafeCast library.

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
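
For triaging a downcast like the flagged line, the following added example (not part of the submission or the NFTBridge code base) contrasts an unmasked `uint8(...)` cast, the masked form used in the loop above, and a range-checked cast. The contract name, function names, error name and input values are all constructed for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration; every name in this contract is hypothetical.
contract DowncastDemo {
    error ValueDoesNotFit(uint256 value);

    /// Explicit narrowing keeps only the low 8 bits and never reverts,
    /// even with 0.8.x checked arithmetic: uint8(0x1234) == 0x34.
    function truncating(uint256 value) public pure returns (uint8) {
        return uint8(value);
    }

    /// Same shape as the flagged line: the operand is masked with 0xFF
    /// first, so it is always <= 255 and the cast discards no set bits.
    function maskedByte(uint256 value, uint256 shift) public pure returns (uint8) {
        uint256 asciiValue = (value >> shift) & 0xFF;
        return uint8(asciiValue);
    }

    /// Range-checked narrowing, the behaviour a SafeCast-style helper
    /// provides: revert instead of silently truncating.
    function checked(uint256 value) public pure returns (uint8) {
        if (value > type(uint8).max) revert ValueDoesNotFit(value);
        return uint8(value);
    }

    /// Self-check over constructed inputs; returns true if all hold.
    function selfCheck() external pure returns (bool) {
        // An unmasked cast loses the high byte.
        assert(truncating(0x1234) == 0x34);
        // Masked extraction returns exactly the selected byte.
        assert(maskedByte(0x4142, 8) == 0x41); // 'A'
        assert(maskedByte(0x4142, 0) == 0x42); // 'B'
        // For a masked operand the checked and unchecked casts agree,
        // because the range check can never fail.
        assert(checked((0x4142 >> 8) & 0xFF) == maskedByte(0x4142, 8));
        return true;
    }
}
```

When reviewing a narrowing cast, check whether the operand is already bounded (by a mask, a modulo or an earlier `require`) before reporting it; a range check only changes behaviour when the operand can exceed the target type's maximum.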
