This PR changes the _sha256 implementation to check the result from the static call. There is a very subtle bug with not checking, where, for very large inputs, you would be able to get the precompile to revert but have the function finish executing successfully (and use whatever is in the scratch space as the digest).
Note that we do not check the length of the returndata. This is intentional and the same thing that the Solidity compiler does for the builtin sha256 function.
Fixes https://github.com/hats-finance/Safe-0x2909fdefd24a1ced675cb1444918fa766d76bdac/issues/14, also see https://github.com/hats-finance/Safe-0x2909fdefd24a1ced675cb1444918fa766d76bdac/pull/22 for some additional context.
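The pattern described above, as an added example that is not the code from this PR or from the Safe repository: an unchecked static call to the SHA-256 precompile next to the checked form. The library and function names are hypothetical, and the sketch assumes Solidity 0.8.13 or later for the `memory-safe` assembly annotation.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative sketch only; names are hypothetical, not the project's code.
library Sha256Example {
    // BEFORE: the success flag of the static call is discarded.
    // If the call to the precompile fails, no return data is copied to
    // memory 0x00..0x1f, so `digest` is whatever the scratch space
    // already held, and the function still returns normally.
    function sha256Unchecked(bytes memory input)
        internal
        view
        returns (bytes32 digest)
    {
        assembly ("memory-safe") {
            pop(staticcall(gas(), 0x02, add(input, 0x20), mload(input), 0x00, 0x20))
            digest := mload(0x00)
        }
    }

    // AFTER: revert when the static call reports failure, so stale
    // scratch-space contents can never be returned as a digest.
    // The returndata length is deliberately not checked, matching the
    // behaviour the PR description attributes to the built-in sha256.
    function sha256Checked(bytes memory input)
        internal
        view
        returns (bytes32 digest)
    {
        assembly ("memory-safe") {
            if iszero(staticcall(gas(), 0x02, add(input, 0x20), mload(input), 0x00, 0x20)) {
                revert(0x00, 0x00)
            }
            digest := mload(0x00)
        }
    }
}
```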