Skip to content
This repository was archived by the owner on Nov 15, 2023. It is now read-only.
This repository was archived by the owner on Nov 15, 2023. It is now read-only.

Zero-padding in storage should not be applied #347

Closed
Closed
Zero-padding in storage should not be applied#347
Assignees
gavofyork
Labels
I2-securityThe client fails to follow expected, security-sensitive, behaviour.Z1-easyCan be fixed primarily by duplicating and adapting code by an intermediate coder
Milestone
1.0 beta
@gavofyork

Description

@gavofyork
gavofyork
opened on Jul 17, 2018

Currently when reading from storage, if the entry in storage is too small, zeroes are appended. This works fine for single LE ints, but less well in pretty much any other situation and could easily lead to security issues.

Zero-padding should only be applied when reading specific types, essentially just Balance. In other instances, the runtime should simply be allowed to fail.

In any case, all zero-padding this should be removed entirely once we decommission the PoC-1/2 testnet.

Metadata

Metadata

Assignees

Labels

I2-securityThe client fails to follow expected, security-sensitive, behaviour.Z1-easyCan be fixed primarily by duplicating and adapting code by an intermediate coder

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions