Skip to content

Commit

Permalink
Merge pull request #4957 from ethereum/develop_v0425
Browse files Browse the repository at this point in the history
Merge to release for 0.4.25
  • Loading branch information
chriseth authored Sep 13, 2018
2 parents e67f014 + 76812ed commit 59dbf8f
Show file tree
Hide file tree
Showing 32 changed files with 1,000 additions and 66 deletions.
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ build/
docs/_build
docs/utils/__pycache__
docs/utils/*.pyc
/deps/downloads/

# vim stuff
*.swp
Expand All @@ -43,3 +44,5 @@ docs/utils/*.pyc
.idea
browse.VC.db
CMakeLists.txt.user
/CMakeSettings.json
/.vs
2 changes: 1 addition & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ include(EthPolicy)
eth_policy()

# project name and version should be set after cmake_policy CMP0048
set(PROJECT_VERSION "0.4.24")
set(PROJECT_VERSION "0.4.25")
project(solidity VERSION ${PROJECT_VERSION})

option(SOLC_LINK_STATIC "Link solc executable statically on supported platforms" OFF)
Expand Down
11 changes: 11 additions & 0 deletions Changelog.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,14 @@
### 0.4.25 (2018-09-12)

Important Bugfixes:
* Code Generator: Properly perform cleanup for exponentiation and non-256 bit types.
* Type Checker: Report error when using indexed structs in events with experimental ABIEncoderV2. This used to log wrong values.
* Type Checker: Report error when using structs in events without experimental ABIEncoderV2. This used to crash or log the wrong values.
* Parser: Consider all unicode line terminators (LF, VF, FF, CR, NEL, LS, PS) for single-line comments
and string literals. They are invalid in strings and will end comments.
* Parser: Disallow unterminated multi-line comments at the end of input.
* Parser: Treat ``/** /`` as unterminated multi-line comment.

### 0.4.24 (2018-05-16)

Language Features:
Expand Down
18 changes: 18 additions & 0 deletions circle.yml
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,23 @@ jobs:
- store_artifacts: *solc_artifact
- persist_to_workspace: *all_artifacts

test_buglist:
docker:
- image: circleci/node
environment:
TERM: xterm
steps:
- checkout
- run:
name: JS deps
command: |
npm install download
npm install JSONPath
npm install mktemp
- run:
name: Test buglist
command: ./test/buglistTests.js

test_x86_linux:
docker:
- image: buildpack-deps:artful
Expand Down Expand Up @@ -217,6 +234,7 @@ workflows:
version: 2
build_all:
jobs:
- test_buglist: *build_on_tags
- build_emscripten: *build_on_tags
- test_emscripten_solcjs:
<<: *build_on_tags
Expand Down
11 changes: 0 additions & 11 deletions cmake/EthCompilerSettings.cmake
Original file line number Diff line number Diff line change
Expand Up @@ -132,17 +132,6 @@ elseif (DEFINED MSVC)
add_compile_options(-D_WIN32_WINNT=0x0600) # declare Windows Vista API requirement
add_compile_options(-DNOMINMAX) # undefine windows.h MAX && MIN macros cause it cause conflicts with std::min && std::max functions

# Always use Release variant of C++ runtime.
# We don't want to provide Debug variants of all dependencies. Some default
# flags set by CMake must be tweaked.
string(REPLACE "/MDd" "/MD" CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG}")
string(REPLACE "/D_DEBUG" "" CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG}")
string(REPLACE "/RTC1" "" CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG}")
string(REPLACE "/MDd" "/MD" CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG}")
string(REPLACE "/D_DEBUG" "" CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG}")
string(REPLACE "/RTC1" "" CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG}")
set_property(GLOBAL PROPERTY DEBUG_CONFIGURATIONS OFF)

# disable empty object file warning
set(CMAKE_STATIC_LINKER_FLAGS "${CMAKE_STATIC_LINKER_FLAGS} /ignore:4221")
# warning LNK4075: ignoring '/EDITANDCONTINUE' due to '/SAFESEH' specification
Expand Down
22 changes: 14 additions & 8 deletions cmake/jsoncpp.cmake
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,20 @@ else()
set(JSONCPP_CMAKE_COMMAND ${CMAKE_COMMAND})
endif()

include(GNUInstallDirs)
set(prefix "${CMAKE_BINARY_DIR}/deps")
set(JSONCPP_LIBRARY "${prefix}/${CMAKE_INSTALL_LIBDIR}/${CMAKE_STATIC_LIBRARY_PREFIX}jsoncpp${CMAKE_STATIC_LIBRARY_SUFFIX}")
set(JSONCPP_LIBRARY "${prefix}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}jsoncpp${CMAKE_STATIC_LIBRARY_SUFFIX}")
set(JSONCPP_INCLUDE_DIR "${prefix}/include")

if(NOT MSVC)
set(JSONCPP_EXTRA_FLAGS "-std=c++11")
# TODO: Investigate why this breaks some emscripten builds and
# check whether this can be removed after updating the emscripten
# versions used in the CI runs.
if(EMSCRIPTEN)
# Do not include all flags in CMAKE_CXX_FLAGS for emscripten,
# but only use -std=c++11. Using all flags causes build failures
# at the moment.
set(JSONCPP_CXX_FLAGS -std=c++11)
else()
set(JSONCPP_CXX_FLAGS ${CMAKE_CXX_FLAGS})
endif()

set(byproducts "")
Expand All @@ -30,14 +37,13 @@ ExternalProject_Add(jsoncpp-project
CMAKE_ARGS -DCMAKE_INSTALL_PREFIX=<INSTALL_DIR>
-DCMAKE_C_COMPILER=${CMAKE_C_COMPILER}
-DCMAKE_CXX_COMPILER=${CMAKE_CXX_COMPILER}
-DCMAKE_INSTALL_LIBDIR=lib
# Build static lib but suitable to be included in a shared lib.
-DCMAKE_POSITION_INDEPENDENT_CODE=${BUILD_SHARED_LIBS}
-DJSONCPP_WITH_TESTS=OFF
-DJSONCPP_WITH_PKGCONFIG_SUPPORT=OFF
-DCMAKE_CXX_FLAGS=${JSONCPP_EXTRA_FLAGS}
# Overwrite build and install commands to force Release build on MSVC.
BUILD_COMMAND cmake --build <BINARY_DIR> --config Release
INSTALL_COMMAND cmake --build <BINARY_DIR> --config Release --target install
-DCMAKE_CXX_FLAGS=${JSONCPP_CXX_FLAGS}
-DCMAKE_BUILD_TYPE=${CMAKE_BUILD_TYPE}
${byproducts}
)

Expand Down
34 changes: 34 additions & 0 deletions docs/bugs.json
Original file line number Diff line number Diff line change
@@ -1,4 +1,29 @@
[
{
"name": "ExpExponentCleanup",
"summary": "Using the ** operator with an exponent of type shorter than 256 bits can result in unexpected values.",
"description": "Higher order bits in the exponent are not properly cleaned before the EXP opcode is applied if the type of the exponent expression is smaller than 256 bits and not smaller than the type of the base. In that case, the result might be larger than expected if the exponent is assumed to lie within the value range of the type. Literal numbers as exponents are unaffected as are exponents or bases of type uint256.",
"fixed": "0.4.25",
"severity": "medium/high",
"check": {"regex-source": "[^/]\\*\\* *[^/0-9 ]"}
},
{
"name": "EventStructWrongData",
"summary": "Using structs in events logged wrong data.",
"description": "If a struct is used in an event, the address of the struct is logged instead of the actual data.",
"introduced": "0.4.17",
"fixed": "0.4.25",
"severity": "very low",
"check": {"ast-compact-json-path": "$..[?(@.nodeType === 'EventDefinition')]..[?(@.nodeType === 'UserDefinedTypeName' && @.typeDescriptions.typeString.startsWith('struct'))]"}
},
{
"name": "PublicLibFunctionsDoNotReturnNestedArrays",
"summary": "Calls to public library functions (internal functions are safe) that return nested arrays return only zeroes.",
"description": "The compiler does not complain about public library functions (internal functions are safe) returning nested arrays, but it also does not return it correctly. Thus, the function caller receives only zeroes.",
"introduced": "0.4.11",
"fixed": "0.4.22",
"severity": "low"
},
{
"name": "OneOfTwoConstructorsSkipped",
"summary": "If a contract has both a new-style constructor (using the constructor keyword) and an old-style constructor (a function with the same name as the contract) at the same time, one of them will be ignored.",
Expand All @@ -7,6 +32,15 @@
"fixed": "0.4.23",
"severity": "very low"
},
{
"name": "NestedArrayFunctionCallDecoder",
"summary": "Calling functions that return multi-dimensional fixed-size arrays can result in memory corruption.",
"description": "If Solidity code calls a function that returns a multi-dimensional fixed-size array, array elements are incorrectly interpreted as memory pointers and thus can cause memory corruption if the return values are accessed. Calling functions with multi-dimensional fixed-size arrays is unaffected as is returning fixed-size arrays from function calls. The regular expression only checks if such functions are present, not if they are called, which is required for the contract to be affected.",
"introduced": "0.1.4",
"fixed": "0.4.22",
"severity": "medium",
"check": {"regex-source": "returns[^;{]*\\[\\s*[^\\] \\t\\r\\n\\v\\f][^\\]]*\\]\\s*\\[\\s*[^\\] \\t\\r\\n\\v\\f][^\\]]*\\][^{;]*[;{]"}
},
{
"name": "ZeroFunctionSelector",
"summary": "It is possible to craft the name of a function such that it is executed instead of the fallback function in very specific circumstances.",
Expand Down
14 changes: 14 additions & 0 deletions docs/bugs.rst
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,20 @@ conditions
is an object that can contain a boolean value ``optimizer``, which
means that the optimizer has to be switched on to enable the bug.
If no conditions are given, assume that the bug is present.
check
This field contains different checks that can be used to determine
whether a smart contract
contains the bug or not. The first type of check are Javascript regular
expressions that are to be matched against the source code ("source-regex").
If there is no match, then the bug is very likely
not present. If there is a match, the bug might be present. For improved
accuracy, the checks should be applied to the source code after stripping
comments.
The second type of check are patterns to be applied to the compact AST of
the Solidity program ("ast-compact-json-path"). The specified search query
is a `JsonPath <https://github.com/json-path/JsonPath>`_ expression.
If at least one path of the Solidity AST matches the query, the bug is
likely present.

.. literalinclude:: bugs.json
:language: js
Loading

0 comments on commit 59dbf8f

Please sign in to comment.