Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

check msg.data length #13352

Merged
merged 3 commits into from
May 31, 2024
Merged

check msg.data length #13352

merged 3 commits into from
May 31, 2024

Conversation

shileiwill
Copy link
Contributor

No description provided.

@shileiwill shileiwill marked this pull request as ready for review May 30, 2024 06:29
@shileiwill shileiwill requested review from a team as code owners May 30, 2024 06:29
@cl-sonarqube-production
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

RyanRHall
RyanRHall approved these changes May 31, 2024
View reviewed changes
Copy link
Contributor

@RyanRHall RyanRHall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

one nitpick, not a blocker :)

contracts/scripts/native_solc_compile_all_automation
@@ -103,5 +103,6 @@ compileContract automation/dev/v2_3/AutomationRegistrar2_3.sol
compileContract automation/dev/v2_3/AutomationRegistry2_3.sol
compileContract automation/dev/v2_3/AutomationRegistryLogicA2_3.sol
compileContract automation/dev/v2_3/AutomationRegistryLogicB2_3.sol
compileContract automation/dev/v2_3/AutomationRegistryLogicC2_3.sol
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 crazy we've made it this far without having to add this lol

contracts/src/v0.8/automation/dev/test/AutomationRegistry2_3.t.sol
Comment on lines +1616 to +1618
bytes32(0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef),
bytes32(0xabcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890),
bytes32(0x7890abcdef1234567890abcdef1234567890abcdef1234567890abcdef123456)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

total nitpick, but it might be a little cleaner if we just use the _random() function to generate these bytes ex...

bytes32[3] memory exampleReportContext = [_random(), _random(), _random()];

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good call! I will take a note for this. will leave it as is for now since dont want tobother to get approvals again.

contracts/src/v0.8/automation/dev/test/AutomationRegistry2_3.t.sol
Comment on lines +1645 to +1647
(bool success, bytes memory returnData) = address(registry).call(badTransmitData); // send the bogus transmit
assertFalse(success, "Call did not revert as expected");
assertEq(returnData, abi.encodePacked(Registry.InvalidDataLength.selector));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't realize we wouldn't be able to use the expectRevert prank, but this seems like a very reasonable alternative! Nicely done 😎

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

indeed, i also prefer the shorter expectRevert, but expectRevert doesnt work for low level calls, which we are doing here.

contracts/src/v0.8/automation/dev/v2_3/AutomationRegistry2_3.sol
Comment on lines +93 to +96
// use this msg.data length check to ensure no extra data is included in the call
// 4 is first 4 bytes of the keccak-256 hash of the function signature. ss.length == rs.length so use one of them
// 4 + (32 * 3) + (rawReport.length + 32 + 32) + (32 * rs.length + 32 + 32) + (32 * ss.length + 32 + 32) + 32
uint256 requiredLength = 324 + rawReport.length + 64 * rs.length;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

amazing 🎉 I'm so glad there was a minimally complex solution to this problem

@shileiwill shileiwill added this pull request to the merge queue May 31, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks May 31, 2024
@shileiwill shileiwill added this pull request to the merge queue May 31, 2024
Merged via the queue into develop with commit 33a9cdf May 31, 2024
113 checks passed
@shileiwill shileiwill deleted the data_size branch May 31, 2024 18:09
@github-actions github-actions bot mentioned this pull request May 31, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FelixFan1992 FelixFan1992 FelixFan1992 approved these changes

@RyanRHall RyanRHall RyanRHall approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@shileiwill @RyanRHall @FelixFan1992