Overview: In certain circumstances, variables may overwrite others in storage.
Affected versions of Solidity compiler: 0.1.6 up to 0.4.3 (inclusive of 0.4.4 pre-release versions)
In-depth explanation:
Storage variables smaller than 256 bits are grouped within the same 256 bit slot if they can fit together. When a value exceeding the allowed range of the type is assigned to the first variable, that value overwrites the subsequent variable.
Consequently, if an adversary manages to induce an overflow in the value of the first variable, the second variable could be altered. An overflow can be triggered in the first variable through arithmetic operations or by directly supplying a value from the call data (as call data values align to 32 bytes, padding is not checked or enforced).
Contracts exclusively utilizing the types specified below for state variables are not impacted. Arrays, mappings, and structs (constructed from those specified types) are also not impacted:
- signed integers, including those smaller than 256 bits
- bytesNN types, including those smaller than 256 bits
- unsigned integers (uint) of 256 bits
Contracts comprising types smaller than 256 bits that are never adjacent to one another (it should be noted that state variables from base contracts are “pulled in”) are not affected.
The Ethereum multisignature wallet contract remains not affected.
It’s important to note that addresses consume 160 bits, which means contracts that solely utilize addresses and 256-bit types are secure. Furthermore, addresses and booleans are rarely manipulated through arithmetic in practice, so contracts using only addresses, booleans, and 256-bit types should also be deemed secure.
The following contracts might be at risk:
Contracts containing two or more adjacent state variables whose total size is less than 256 bits, where the first state variable is neither a signed integer nor of bytesNN type.
Types smaller than 256 bits encompass:
bool, enums, uint8, …, uint248, int8, …, int248, address, any contract type
Suggested measures:
- Recompile contracts that are not yet deployed using at least Solidity version 0.4.4 (excluding pre-release or nightly versions).
- Deactivate, withdraw funds from, or upgrade already deployed contracts.
This vulnerability was discovered by [github.com/catageek](https://github.com/catageek): [https://github.com/ethereum/solidity/issues/1306](https://github.com/ethereum/solidity/issues/1306)