Conversation
| function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s, uint blockExpired, bytes32 salt) | ||
| returns (address) | ||
| { | ||
| require(hash == sha3(blockExpired, salt)); |
There was a problem hiding this comment.
What is the point having blockExpired/salt?
There was a problem hiding this comment.
It was just part of the example code that triggered the bug.
There was a problem hiding this comment.
Oh, now I see. No, we actually need it, computing sha3(blockExpired, salt) is the part that puts the correct data into the correct point in memory that was not properly zeroed out.
There was a problem hiding this comment.
In that case wouldn’t an assembly piece to write random stuff at the free memory pointer would be the most definitive test? This test now depends on sha3 behaving as it is. (Also we renamed it to keccak256 internally :) )
|
Added the assembly test. |
| function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s, uint blockExpired, bytes32 salt) | ||
| returns (address) | ||
| { | ||
| require(hash == sha3(blockExpired, salt)); |
There was a problem hiding this comment.
Please use keccak256 instead of sha3 as in the rest of the tests.
| [ | ||
| { | ||
| "name": "ECRecoverMalformedInput", | ||
| "summary": "The ecrecover() builtin can return garbage for malformed input.", |
There was a problem hiding this comment.
Just marking it here: this indentation is off and below too. We'll fix later.
2 participants
No description provided.