Using calldata for function return values is not allowed in Solidity. The calldata keyword is specifically intended for input parameters in external functions to optimize gas usage when dealing with read-only data passed from outside the contract. However, return values must reside in memory or storage because they often need to be modified, and calldata is immutable.
Return values must typically reside in memory or storage, as they need to be stored temporarily (in memory) or persistently (in storage).
Impact
Attempting to use calldata for return types will result in a compilation error.
Albort
Medium
The incorrect use of calldata
Summary
Vulnerability Detail
Using
calldatafor function return values is not allowed in Solidity. The calldata keyword is specifically intended for input parameters in external functions to optimize gas usage when dealing with read-only data passed from outside the contract. However, return values must reside in memory or storage because they often need to be modified, and calldata is immutable.Return values must typically reside in
memoryorstorage, as they need to be stored temporarily (in memory) or persistently (in storage).Impact
Attempting to use
calldatafor return types will result in a compilation error.Code Snippet
https://github.com/sherlock-audit/2024-08-saffron-finance/blob/main/lido-fiv/contracts/interfaces/ILidoWithdrawalQueueERC721.sol#L21
https://github.com/sherlock-audit/2024-08-saffron-finance/blob/main/lido-fiv/contracts/interfaces/ILidoWithdrawalQueueERC721.sol#L29
Tool used
Manual Review
Recommendation