Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

QA Report #110

Closed
howlbot-integration bot opened this issue Sep 20, 2024 · 2 comments
Closed

QA Report #110

howlbot-integration bot opened this issue Sep 20, 2024 · 2 comments
Labels
bug Something isn't working grade-c QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards

Comments

@howlbot-integration
Copy link

howlbot-integration bot commented Sep 20, 2024

See the markdown file with the details of this report here.

@howlbot-integration howlbot-integration bot added bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality labels Sep 20, 2024
howlbot-integration bot added a commit that referenced this issue Sep 20, 2024
howlbot-integration bot added a commit that referenced this issue Sep 20, 2024
@3docSec
Copy link

3docSec commented Oct 4, 2024

L-01 is very vague about what's wrong and how it should be fixed.

This test works just fine:

  function test3doc() external {
    string memory testStr = hex'0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728';
    (bytes32 word0, bytes32 word1) = _packString(testStr);

    console.logBytes32(word0);
    console.logBytes32(word1);
  }

L-02 invalid - it's a feature to protect from reorgs. I'd argue that allowing "0" is not strict enough...

L-03 invalid - it's a misunderstanding. hooksTemplate is likely expecting the code to have been stored with a mechanism like SSTORE2, which prefixes the actual code with a 00 STOP operation to prevent execution in-place)

L-04 valid L, similar to #9 but I wouldn't dupe because it fails to highlight an impact

L-05 invalid - avoid collisions is the reason Transient:TmpMarketParametersStorage why is hashed as key.

Stopping here, signal to noise ratio is too low.

@c4-judge
Copy link
Contributor

c4-judge commented Oct 4, 2024

3docSec marked the issue as grade-c

@c4-judge c4-judge closed this as completed Oct 4, 2024
@c4-judge c4-judge added grade-c unsatisfactory does not satisfy C4 submission criteria; not eligible for awards labels Oct 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working grade-c QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards
Projects
None yet
Development

No branches or pull requests

2 participants