Importing a function from a JSON interface which returns bytes generates bytecode which does not clamp bytes length, potentially resulting in a buffer overrun.
bytes
0.3.2 (as of 049dbdc)
Use .vy interfaces.
Impact
Importing a function from a JSON interface which returns
bytesgenerates bytecode which does not clamp bytes length, potentially resulting in a buffer overrun.Patches
0.3.2 (as of 049dbdc)
Workarounds
Use .vy interfaces.