Silent failure while validating multi-component parameters

[theethernaut]

There might be a problem when checking for multi-component parameters such as votingSettings in templates like company: https://github.com/aragon/dao-templates/blob/master/templates/company/contracts/CompanyTemplate.sol#L197

I believe that Web3 is always setting the length to 3 and filling it with zeroes, or something like that. To demonstrate, I set up an example, in which the last 2 tests fail: https://github.com/ajsantander/arraylen/blob/master/test/arraylen.test.js#L15

[izqui]

A fixed-sized array (type[n]) always has length = n, so that check isn't doing anything and could be removed (or we could instead check that the values are not 0 if that's not allowed).

Fixed-sized arrays are ABI encoded differently than arbitrarily sized ones, as they are encoded inline and without the need to specify the length (because it's always n, and therefore the amount of bytes that the array takes when encoded can only depend on n which is known at compile time).

My guess is that this particular version of web3 just fills the calldata with 0s if one of the values is missing.

[theethernaut]

So, we have proof, and an explanation of why the current check doesn't work. I'd go with verifying each component individually then.