search

AstrolabDAO / strats

Home of Astrolab strategies
Other
15 stars 11 forks source link

[AAS-02M] Incorrect Usage of Memory #14

Open pde-rent opened 8 months ago

pde-rent commented 8 months ago

Recommendation:

We advise the code to utilize the self.slot directly or to properly reserve memory using the free memory pointer at 0x80.

Very good finding - Using 0x80 directly, or a free-memory pointer as shown below, should fix it. Despite the critical nature, since AsArray arithmetics are not used in the codebase, I would argue that the severity could be reviewed down.

let ptr := mload(0x40) // free memory pointer
mstore(ptr, self.slot)
omniscia-core commented 8 months ago

Hey @pde-rent, thanks for your feedback. We will not be able to reduce the severity of this exhibit as this particular flaw is present under all potential invocation scenarios of the function and as such whether it is used or not is irrelevant to its severity. As a counterexample, a function that would misbehave with input A but is not used with input A in the codebase would be reduced in severity as it would behave properly with all non-A inputs.

pde-rent commented 8 months ago

Fair enough, thank you for the digging. We really appreciate the effort