Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upDisallow conflicting method IDs #1530
Conversation
|
LGTM |
|
@jacqueswww @fubuloubu Not sure if this check is happening in the right place. But I guess we can move it to wherever it needs to go. |
|
LGTM too So, this will throw when compiling other people's interfaces? That's not terrible because no one should have this anyways. |
|
@fubuloubu Didn't realize that same code was used in that context but yes, it should throw in that case as well. Although it should probably say that the problem is with an external interface. |
|
Interfaces is fine I reckon, the other location could've been: |
|
@fubuloubu @jacqueswww Actually, this will not throw for issues with external interfaces as far as I know. For example, with this patch, this contract compiles just fine: contract TestContract:
def gsf() -> uint256: constant
def tgeo() -> uint256: constant
@public
@constant
def foo() -> uint256:
return 1 |
What was wrong?
It's possible to compile a vyper contract that contains conflicting methods. That is, if a contract has two or more methods that produce the same internal routing ID (used for method selection during contract execution), it will still compile and create a contract with a security vulnerability.
How did I fix it?
Added a check for duplicate method IDs in the contract interface.
How to verify it?
Run the tests.
Description for the changelog
Cute Animal Picture