All Security Alerts posts:

Storage Write Removal Bug On Conditional Early Termination

On September 5, 2022, a bug in Solidity’s Yul optimizer was found by differential fuzzing. The bug was introduced in version 0.8.13; Solidity version 0.8.17, released on September 8, 2022, provides a fix. The bug is significantly easier to trigger with optimized via-IR code generation, but can theoretically also occur in optimized legacy code generation. We assigned the bug a severity of “medium/high”. [Read More]

Head Overflow Bug in Calldata Tuple ABI-Reencoding

On July 5, 2022, Chance Hudson (@vimwitch) from the Ethereum Foundation discovered a bug in the Solidity code generator. The earliest affected version of the compiler is 0.5.8, which introduced ABI-reencoding of calldata arrays and structs. Solidity version 0.8.16, released on August 8, 2022, provides a fix. We assigned the bug a severity of “medium”. [Read More]

Optimizer Bug Regarding Memory Side Effects of Inline Assembly

On June 5, 2022, John Toman of the Certora development team reported an optimizer bug that can cause memory writes in inline assembly blocks to be incorrectly removed under certain conditions. The bug was introduced in Solidity 0.8.13 with a new Yul optimizer step meant to remove unused writes to memory and storage. We assigned the bug a severity of “medium”. [Read More]

Bug when Copying Dirty Bytes Arrays to Storage

On July 1, 2021, a bug in the Solidity code generator was found by differential fuzzing. The bug causes the legacy code generation pipeline to generate code that may write dirty values to storage when copying bytes arrays from calldata or memory. Initially, it was assumed that the dirty values in storage are only observable using inline assembly. However, resizing a bytes array using an empty .push() without actually writing values to it can expose the dirty bytes without any... [Read More]

Bug Concerning Data Location during Inheritance

On February 5th, 2021, Nicolas Venturo reported a bug that allows overriding functions to change the data location of parameters from memory to calldata. The bug was introduced in Solidity 0.6.9 together with the ability to use the calldata data location for all variables (and not just parameters of external functions). We assigned the bug a severity of “very low”. [Read More]

Size Check Bug in Nested Calldata Array ABI-Reencoding

On April 7, 2022, a bug in the Solidity code generator was reported by John Toman of the Certora development team. Certora’s bug disclosure post can be found here. The bug is fixed with Solidity version 0.8.14 released on May 17, 2022. The bug was first introduced in Solidity version 0.5.8. We assigned the bug a severity of “very low”. [Read More]

abi.encodeCall Literals Bug

On March 10th, 2022, the Solidity team discovered a bug in the implementation of abi.encodeCall when used together with fixed-length bytes literals. It was introduced together with abi.encodeCall in Solidity 0.8.11 and is fixed in 0.8.13. We assigned the bug a severity of “very low”. [Read More]

User Defined Value Types Bug

On September 28th, 2021, Harry Altman (@haltman-at) of Truffle discovered a bug in user defined value types. The bug has no influence on the correctness of Solidity contracts, but contracts compiled with Solidity 0.8.8 that use the new feature are unnecessarily wasteful and might have problems with tooling or contract upgrades. The bug exists only in Solidity 0.8.8 and is fixed in 0.8.9. We assigned the bug a severity of “very low”. [Read More]

Signed Immutables Bug

On September 28th, 2021, the Solidity team discovered that for immutable variables of a signed integer type shorter than 256 bits, sign extension (cleanup) of the value is not always properly performed. To our knowledge, the value can only be accessed in its unclean state when using inline assembly. The bug is present since the introduction of the immutable feature in Solidity 0.6.5 and is fixed in 0.8.9. We assigned the bug a severity of “very low”. [Read More]

Solidity ABI Decoder Bug For Multi-Dimensional Memory Arrays

On April 5th, 2021, a bug in the Solidity ABI decoder v2 was reported by John Toman of the Certora development team. Certora’s bug disclosure post can be found here: Memory Isolation Violation in Deserialization Code. The bug is fixed with Solidity version 0.8.4 released on April 21st, 2021. The bug is present in all prior versions of ABI coder v2. We assigned the bug a severity level of “very low”, mainly due to the fact that it is very... [Read More]

Solidity Optimizer Keccak Caching Bug

On March 20, 2021, a bug in Solidity’s bytecode optimizer was found by differential fuzzing. The bug is fixed with version 0.8.3 released on March 23, 2021. The bug is present in all prior versions of Solidity. We assigned the bug a severity level of “medium”. [Read More]

Solidity Empty Byte Array Copy Bug

On October 14, 2020, a bug in the Solidity code generator was reported by John Toman of the Certora development team. Certora’s bug disclosure post can be found here. The bug is fixed with Solidity version 0.7.4 released on October 19, 2020. The bug is present in all prior versions of Solidity. We assigned the bug a severity level of “medium”. [Read More]

Solidity Dynamic Array Cleanup Bug

On September 17, 2020, a bug in the Solidity code generator was found. The bug is fixed with version 0.7.3 released on October 7, 2020. The bug is present in all prior versions of Solidity. We assigned the bug a severity level of “medium”. [Read More]

Solidity Memory Array Creation Overflow Bug

On March 28, 2020, a bug in the Solidity code generator was reported through the Ethereum Foundation Bounty program by John Toman of Certora. The bug is fixed with version 0.6.5, released on 2020-04-06. The bug is present in all prior versions of Solidity. We assigned a severity level of “low” because we found the bug to be uncommon and at the same time hard to exploit. [Read More]

Solidity Storage Array Bugs

This post was originally published on the Ethereum blog. This blog post is about two bugs connected to storage arrays which are otherwise unrelated. Both have been present in the compiler for a long time and have only been discovered now, even though a contract containing them should very likely show malfunctions in tests. Daenam Kim, with help from Nguyen Pham, both from Curvegrid, discovered an issue where invalid data is stored in connection with arrays of signed integers. This... [Read More]

Solidity Optimizer and ABIEncoderV2 Bugs

This post was originally published on the Ethereum blog. Through the Ethereum bug bounty program, we received a report about a flaw within the new experimental ABI encoder (referred to as ABIEncoderV2). Upon investigation, it was found that the component suffers from a few different variations of the same type. The first part of this announcement explains this bug in detail. The new ABI encoder is still marked as experimental, but we nevertheless think that this deserves a prominent announcement... [Read More]

Solidity Bugfix Release

This post was originally published on the Ethereum blog. The latest release of Solidity, version 0.4.25, fixes two important bugs. Another important bug had already been fixed in version 0.4.22, but it was only discovered recently that the bug existed. Note that the Ethereum Foundation runs a bounty program for the code generator part of Solidity. [Read More]

Solidity Optimizer Bug

This post was originally published on the Ethereum blog. A bug in the Solidity optimizer was reported through the Ethereum Foundation Bounty program, by Christoph Jentzsch. This bug is patched as of 2017-05-03, with the release of Solidity 0.4.11. [Read More]

Analysis of Storage Corruption Bug

This post was originally published on the Ethereum blog. This blog post provides an update on our findings following the discovery of the storage corruption bug last week. In summary, the bug was much less severe than we initially thought. The small number of affected contracts we found is either only exploitable by the owner, or the exploit can only cause a disruption in the user interface and not in the actual contract logic. All exploitable contracts/dapps we reviewed can... [Read More]

Security Alert: Variables can be overwritten in storage

This post was originally published on the Ethereum blog. Summary: In some situations, variables can overwrite other variables in storage. Affected Solidity compiler versions: 0.1.6 to 0.4.3 (including 0.4.4 pre-release versions). Detailed description: Storage variables that are smaller than 256 bits are packed together into the same 256 bit slot if they can fit. If a value larger than what is allowed by the type is assigned to the first variable, that value will overwrite the second variable. This means... [Read More]
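As an added illustration, not code from the Solidity blog or from the compiler itself, the following Python model shows why the storage packing described above turns a missing value cleanup into corruption of a neighbouring variable. The slot layout (two uint8 variables at byte offsets 0 and 1), the variable names a and b, and the clear-then-OR store sequence are assumptions of the model, chosen to mirror how a packed write is typically emitted; they are not the compiler's actual code generation.

```python
"""Model of Solidity storage packing and the effect of skipping value cleanup.

Solidity packs storage variables narrower than 256 bits into one 256-bit
slot, each at a byte offset. A packed write reads the slot, clears the
variable's bits, ORs in the new value shifted to its offset, and writes the
slot back. If the value is wider than the type allows and is not masked
(cleaned) before the shift, its excess bits are ORed on top of the next
variable in the same slot. This is a model constructed for illustration.
"""

WORD_BITS = 256
WORD_MASK = (1 << WORD_BITS) - 1


class PackedSlot:
    """One 256-bit storage slot holding fixed-width variables at byte offsets."""

    def __init__(self, layout):
        # layout: name -> (byte_offset, bit_width); constructed for the example
        self.layout = layout
        self.word = 0

    def _field(self, name):
        offset, width = self.layout[name]
        return offset * 8, (1 << width) - 1

    def store_unclean(self, name, value):
        """Buggy variant: the value is shifted into place without being masked
        to the variable's width, so excess bits land on the neighbouring field."""
        shift, mask = self._field(name)
        cleared = self.word & ~(mask << shift) & WORD_MASK
        self.word = (cleared | (value << shift)) & WORD_MASK

    def store_clean(self, name, value):
        """Correct variant: mask the value to the type width before shifting."""
        shift, mask = self._field(name)
        cleared = self.word & ~(mask << shift) & WORD_MASK
        self.word = (cleared | ((value & mask) << shift)) & WORD_MASK

    def load(self, name):
        shift, mask = self._field(name)
        return (self.word >> shift) & mask


def demo(value, clean):
    """Two uint8 variables packed into one slot: a at byte 0, b at byte 1.
    Sets b := 0x42, then assigns `value` to a with or without cleanup, and
    returns (a, b) as read back from the slot."""
    slot = PackedSlot({"a": (0, 8), "b": (1, 8)})
    slot.store_clean("b", 0x42)
    (slot.store_clean if clean else slot.store_unclean)("a", value)
    return slot.load("a"), slot.load("b")


if __name__ == "__main__":
    # 0x1FF does not fit in uint8; bit 8 spills into b's low bit.
    print(demo(0x1FF, clean=False))  # (255, 67): b changed from 0x42 to 0x43
    print(demo(0x1FF, clean=True))   # (255, 66): b keeps 0x42
```

The corrupted value of b is 0x42 OR 0x01, which is why the model reports 67 rather than a clean overwrite: the excess bits are merged into the neighbour, and which bits change depends on both the oversized value and the neighbour's previous contents.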

Smart Contract Security

This post was originally published on the Ethereum blog. Solidity was started in October 2014 when neither the Ethereum network nor the virtual machine had any real-world testing, the gas costs at that time were even drastically different from what they are now. Furthermore, some of the early design decisions were taken over from Serpent. During the last couple of months, examples and patterns that were initially considered best-practice were exposed to reality and some of them actually turned out... [Read More]