search

vyperlang / vyper

Pythonic Smart Contract Language for the EVM
https://vyperlang.org
Other
4.85k stars 791 forks source link

fix[codegen]: `make_setter` overlap in the presence of `staticcall` #4128

Closed charles-cooper closed 3 months ago

charles-cooper commented 3 months ago

What I did

How I did it

How to verify it

Commit message

this commit fixes another overlap bug in `make_setter`. this is a
variant of the fixes in ad9c10b0b98e2d and 1c8349e867b2b3, specifically
fixing an oversight in ad9c10b0b98e2d - when there is a `staticcall`
contained inside of `make_setter`, there can still be src/dst overlap,
due to read-only re-entrancy(!). this commit adds `staticcall` to the
list of "risky call" opcodes, and adds a poc test case (contributed by
@trocher).

---------

Co-authored-by: trocher <trooocher@proton.me>

Description for the changelog

Cute Animal Picture

![Put a link to a cute animal picture inside the parenthesis-->]()