-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix/finding #18 Prevent Memory Overwrite in withdrawDepositTo Function #125
Fix/finding #18 Prevent Memory Overwrite in withdrawDepositTo Function #125
Conversation
Fix/finding #18 Prevent Memory Overwrite in withdrawDepositTo Function
🚨 Report Summary
For more details view the full report in OpenZeppelin Code Inspector |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## remediations/cantina-spearbit #125 +/- ##
=================================================================
+ Coverage 72.19% 75.60% +3.41%
=================================================================
Files 13 13
Lines 694 664 -30
Branches 150 153 +3
=================================================================
+ Hits 501 502 +1
+ Misses 193 162 -31
Continue to review full report in Codecov by Sentry.
|
…tests to TestAccountExecution_TryExecuteSingle.t.sol
the linked issue is wrong ser. #18 goes to github issue number 18 |
shouldn't you/we open an issue on solady repo and validate and discuss this there as well? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
review i
…ttps://github.com/bcnmy/nexus into fix/finding-21-emit-events
Fix/finding #21 - Emit Events for Failed Try Execution in `execute`
…hdraw-deposit-memory
…draw-deposit-memory
🤖 Slither Analysis Report 🔎Slither report
# Slither report
_This comment was automatically generated by the GitHub Actions workflow._
THIS CHECKLIST IS NOT COMPLETE. Use
locked-ether🟡 Impact: Medium
utils/RegistryBootstrap.sol#L33-L165 constable-statesImpact: Optimization
|
45feee0
into
remediations/cantina-spearbit
This PR addresses the memory overwrite issue identified in finding #18. The problem arises in the
withdrawDepositTo
function where theamount
argument overwrites part of the free memory pointer, leading to potential out-of-gas reverts due to quadratic memory expansion costs. Additionally, this could prevent the actual revert return data from bubbling up.Changes Made:
withdrawDepositTo
function to store the free memory pointer at the beginning of the assembly block.