code-423n4 / 2022-07-fractional-findings


Optimizer bug with memory operations with Solidity `0.8.13` #641

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-07-fractional/blob/8f2697ae727c60c93ea47276f8fa128369abfe51/src/targets/Transfer.sol#L18-L22

https://github.com/code-423n4/2022-07-fractional/blob/8f2697ae727c60c93ea47276f8fa128369abfe51/src/targets/Transfer.sol#L222-L227

https://github.com/code-423n4/2022-07-fractional/blob/8f2697ae727c60c93ea47276f8fa128369abfe51/src/targets/Transfer.sol#L341-L347

https://github.com/code-423n4/2022-07-fractional/blob/8f2697ae727c60c93ea47276f8fa128369abfe51/src/targets/Transfer.sol#L474-L480

Vulnerability details

Optimizer bug with memory operations with Solidity 0.8.13

Several contracts have functions performing low-level assembly memory operations: MerkleBase.sol, Transfer.sol. Due to a bug in the optimizer for Solidity 0.8.13, these operations can be omitted by the compiler. This would result in several functions breaking, including key transfer functions such as Transfer.ERC20Transfer or Transfer.ERC721TransferFrom.

Impact

High

Proof Of Concept

See this article.

Use of `mstore` or `returndatacopy` can be omitted by compiler 0.8.13.

Mitigation

Update the compiler version to 0.8.15.
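A triage check for the condition this report describes, added here as an example and not part of the warden's submission or the project's code: it flags inline assembly blocks that use `mstore` or `returndatacopy` in sources whose pragma still admits 0.8.13. The function names and the sample contract are constructed for illustration; the pragma only shows which compilers are allowed, so the build configuration must still be checked, and `||` ranges are not handled.

```python
import re

# Opcodes and compiler version taken from the report above.
FLAGGED_OPCODES = ("mstore", "returndatacopy")
AFFECTED_VERSION = "0.8.13"
PRAGMA_RE = re.compile(r"pragma\s+solidity\s+([^;]+);")
ASSEMBLY_RE = re.compile(r"\bassembly\b[^{]*\{")

def strip_comments(src):
    """Blank out // and /* */ comments, keeping newlines so line numbers hold."""
    return re.sub(r"//[^\n]*|/\*.*?\*/",
                  lambda m: re.sub(r"[^\n]", " ", m.group(0)), src, flags=re.S)

def satisfies(version, spec):
    """True if `version` meets every comparator in a space-separated pragma spec."""
    v = tuple(int(p) for p in version.split("."))
    for op, raw in re.findall(r"(\^|>=|<=|>|<|=)?\s*(\d+\.\d+\.\d+)", spec):
        c = tuple(int(p) for p in raw.split("."))
        ok = {"": v == c, "=": v == c, ">=": v >= c, "<=": v <= c,
              ">": v > c, "<": v < c,
              "^": c <= v < (c[0], c[1] + 1, 0)}[op]  # caret rule for 0.x.y
        if not ok:
            return False
    return True

def assembly_blocks(src):
    """Yield (start_line, body) for each inline assembly block, matching braces."""
    for m in ASSEMBLY_RE.finditer(src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield src.count("\n", 0, m.start()) + 1, src[m.end():i - 1]

def triage(src):
    """Return [(line, [opcodes])] to review; [] if the pragma excludes 0.8.13."""
    src = strip_comments(src)
    pragma = PRAGMA_RE.search(src)
    if pragma and not satisfies(AFFECTED_VERSION, pragma.group(1)):
        return []
    hits = []
    for line, body in assembly_blocks(src):
        ops = [op for op in FLAGGED_OPCODES if re.search(rf"\b{op}\s*\(", body)]
        if ops:
            hits.append((line, ops))
    return hits

# Constructed sample contract, not taken from the audited repository.
SAMPLE = ("pragma solidity 0.8.13;\ncontract Demo {\n  function f(address to) external {\n"
          "    assembly {\n      mstore(0x00, to) // memory write\n    }\n"
          "    assembly { let s := returndatasize() }\n  }\n}\n")
```

A hit means the block needs manual review and a compiler bump, not that the contract is confirmed to miscompile.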

ecmendenhall commented 2 years ago

https://github.com/code-423n4/2022-07-fractional-findings/issues/604

0x0aa0 commented 2 years ago

Duplicate of #604

HardlyDifficult commented 2 years ago

No POC demonstrating that these contracts are impacted - lowering risk and merging with the warden's QA report #628