Closed code423n4 closed 1 year ago
contested; we use the IR pipeline on the core contracts and purposefully turn it off on the reference contracts for a point of comparison / more robust tests — the reference contracts do not contain any inline assembly!
Looking at the HH and Foundry configs: 0.8.17, and 0.8.13 (reference profiles) with IR off. Hence, the mentioned Conduit.sol contract does not have the specified compiler bug.
HickupHH3 marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/ProjectOpenSea/seaport/blob/5de7302bc773d9821ba4759e47fc981680911ea0/contracts/conduit/Conduit.sol#L59
Vulnerability details
Impact
This bug only occurs under very specific conditions: the legacy optimizer must be enabled rather than the IR pipeline (true for the current project configuration), and the affected assembly blocks must not refer to any local Solidity variables.
Proof of Concept
The Solidity version 0.8.13 has some issues; one of them is related to ‘Optimizer Bug Regarding Memory Side Effects of Inline Assembly’.
Read more here: Optimizer Bug Regarding Memory Side Effects of Inline Assembly
Example of writing in memory storage without reading after:
The conditions are met: inline assembly is used and optimization is enabled while compiling.
Tools Used
Reading code
Recommended Mitigation Steps
Use a recent Solidity version, 0.8.15 (or 0.8.17, the same version used in the Seaport.sol contract), which has the fix for these issues.
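As an added illustration (not code from the report, from Seaport, or from the Solidity advisory; the contract and function names are made up), the two shapes that matter when checking a code base against the conditions the report lists: an assembly block that only writes memory and references no local Solidity variables, with the read happening in a separate block, versus a block where the write and read sit together and a local is referenced.

```solidity
// SPDX-License-Identifier: MIT
// Added illustration (hypothetical contract, not Seaport code).
// Shows the assembly shape the report's conditions describe and a shape
// that satisfies neither condition, so it can be used as a review checklist.
pragma solidity ^0.8.13;

contract MemorySideEffectShape {
    // SHAPE MATCHING THE REPORT'S CONDITIONS:
    //  - the first block writes memory and never reads it in the same block
    //  - the first block references no local Solidity variable
    //  - the value is consumed only in a later, separate block
    // Under the legacy (non-IR) pipeline with the optimizer enabled on an
    // affected compiler, this is the pattern to flag for review.
    function affectedShape() external pure returns (uint256 result) {
        assembly {
            mstore(0x80, 0x42) // write only; no read, no locals in this block
        }
        assembly {
            result := mload(0x80) // read happens in a different block
        }
    }

    // SHAPE OUTSIDE THE REPORT'S CONDITIONS:
    //  - write and read are in the same assembly block
    //  - the block references a local Solidity variable (`result`)
    function safeShape() external pure returns (uint256 result) {
        assembly {
            mstore(0x80, 0x42)
            result := mload(0x80)
        }
    }
}
```

When triaging a report like this one, the check is the sponsor's: confirm which compiler profile actually builds the contract in question (version, optimizer on/off, `viaIR` on/off in the Hardhat or Foundry config), then look only at assembly blocks with the first shape above. A block built with the IR pipeline, or on a fixed compiler (0.8.15 or later), is out of scope regardless of its shape.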