Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur. This issue has been addressed in commit `55e18f6d1` which will be included in future releases. Users are advised to update when possible.
Vyper es un lenguaje de contrato inteligente pitónico para la máquina virtual Ethereum. El `concat` integrado puede escribir sobre los límites del búfer de memoria que se le asignó y así sobrescribir los datos válidos existentes. La causa principal es que `build_IR` para `concat` no se adhiere correctamente a la API de funciones de copia (para `>=0.3.2` la función `copy_bytes`). Se realizó una búsqueda de contratos y no se encontraron contratos vulnerables en producción. El desbordamiento de búfer puede provocar un cambio en la semántica del contrato. El desbordamiento depende de la longitud y, por lo tanto, puede pasar desapercibido durante las pruebas del contrato. Sin embargo, ciertamente no todos los usos de concat darán como resultado la sobrescritura de datos válidos, ya que requerimos que estén en una función interna y cerca de la declaración de devolución donde no ocurren otras asignaciones de memoria. Este problema se solucionó en el commit `55e18f6d1` que se incluirá en versiones futuras. Se recomienda a los usuarios que actualicen cuando sea posible.
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur. This issue has been addressed in 0.4.0.
