Skip to content
This repository has been archived by the owner on Jan 9, 2025. It is now read-only.

bug: Underconstrained output in felt_to_bytes_little() allows contract deployments to incorrect addresses[1] #1563

Closed
obatirou opened this issue Oct 31, 2024 · 2 comments · Fixed by #1573
Closed

bug: Underconstrained output in felt_to_bytes_little() allows contract deployments to incorrect addresses[1] #1563

obatirou opened this issue Oct 31, 2024 · 2 comments · Fixed by #1573
Assignees
@obatirou
Labels
c4-october-2024

Comments

@obatirou
Copy link
Collaborator

obatirou commented Oct 31, 2024
edited
Loading

Bug Report

code-423n4/2024-09-kakarot-findings#118

Fix implementation

Check bytes_len do not exceed 31.
@github-project-automation github-project-automation bot moved this to 🆕 Backlog in Kakarot on Starknet Oct 31, 2024
@obatirou obatirou changed the title bug: Underconstrained output in felt_to_bytes_little() allows contract deployments to incorrect addresses bug: Underconstrained output in felt_to_bytes_little() allows contract deployments to incorrect addresses[1] Oct 31, 2024
@Pvsaint
Copy link

Pvsaint commented Oct 31, 2024

Hi, please let me handle this issue, as this would be my first open source contribution. I'm a fronted and smart contract developer, proficient in solidity and cairo languages.

@ShantelPeters

This comment was marked as abuse.

Sign in to view
@obatirou obatirou self-assigned this Nov 4, 2024
@obatirou obatirou mentioned this issue Nov 4, 2024
Merged
@github-project-automation github-project-automation bot moved this from 🆕 Backlog to ✅ Done in Kakarot on Starknet Nov 4, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@obatirou obatirou

Labels
c4-october-2024
Projects
No open projects
Kakarot on Starknet
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[KGA-31] [KGA-130] [KGA-138] fix: felt_to_bytes_little loop stop condition obatirou/kakarot
3 participants
@obatirou @Pvsaint @ShantelPeters