New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sig collision? #2

Open

nmushegian opened this issue Mar 7, 2017 · 2 comments

Member

nmushegian commented Mar 7, 2017

Looks like ANY trick is fine for src/dest, but is there some fuckery that could happen with a malicious function signature bytes4(uint32(-1))? @dbrock

The text was updated successfully, but these errors were encountered:

Contributor

dbrock commented Mar 8, 2017

I think not because I use bytes32 for precisely this reason, such that in case of a would-be collision we would be still comparing these distinct values:

0xffffffff00000000000000000000000000000000000000000000000000000000 # sig 
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff # ANY

Member Author

nmushegian commented Mar 8, 2017

Nice, I think that works as long as the previous bug where it wouldn't zero your bytes <32 args (because args are word aligned) isn't accidentally reverted with the loosey goosey solidity reference implentation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment