npm - @1inch/solidity-utils - Versions diffs - 2.0.24 → 2.0.25 - Mend

@1inch/solidity-utils 2.0.24 → 2.0.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/contracts/libraries/ECDSA.sol +4 -8
package/contracts/libraries/StringUtil.sol +5 -5
package/contracts/libraries/UniERC20.sol +13 -11
package/contracts/mocks/ERC20PermitMock.sol +16 -0
package/package.json +1 -1

package/contracts/libraries/ECDSA.sol CHANGED Viewed

@@ -133,9 +133,8 @@ library ECDSA {
             mstore(add(ptr, 0x24), 0x40)
             mstore(add(ptr, 0x44), signature.length)
             calldatacopy(add(ptr, 0x64), signature.offset, signature.length)
-            mstore(0, 0)
             if staticcall(gas(), signer, ptr, add(0x64, signature.length), 0, 0x20) {
-                success := eq(selector, mload(0))
+                success := and(eq(selector, mload(0)), eq(returndatasize(), 0x20))
             }
         }
     }
@@ -153,9 +152,8 @@ library ECDSA {
             mstore(add(ptr, 0x64), r)
             mstore(add(ptr, 0x84), s)
             mstore8(add(ptr, 0xa4), v)
-            mstore(0, 0)
             if staticcall(gas(), signer, ptr, 0xa5, 0, 0x20) {
-                success := eq(selector, mload(0))
+                success := and(eq(selector, mload(0)), eq(returndatasize(), 0x20))
             }
         }
     }
@@ -174,9 +172,8 @@ library ECDSA {
             mstore(add(ptr, 0x44), 64)
             mstore(add(ptr, 0x64), r)
             mstore(add(ptr, 0x84), vs)
-            mstore(0, 0)
             if staticcall(gas(), signer, ptr, 0xa5, 0, 0x20) {
-                success := eq(selector, mload(0))
+                success := and(eq(selector, mload(0)), eq(returndatasize(), 0x20))
             }
         }
     }
@@ -196,9 +193,8 @@ library ECDSA {
             mstore(add(ptr, 0x64), r)
             mstore(add(ptr, 0x84), shr(1, shl(1, vs)))
             mstore8(add(ptr, 0xa4), add(27, shr(255, vs)))
-            mstore(0, 0)
             if staticcall(gas(), signer, ptr, 0xa5, 0, 0x20) {
-                success := eq(selector, mload(0))
+                success := and(eq(selector, mload(0)), eq(returndatasize(), 0x20))
             }
         }
     }

package/contracts/libraries/StringUtil.sol CHANGED Viewed

@@ -51,12 +51,12 @@ library StringUtil {
             result := mload(0x40)
             let length := mload(data)
-            let resultLength := add(mul(length, 2), 2)
-            let toPtr := add(result, 0x20)
+            let resultLength := shl(1, length)
+            let toPtr := add(result, 0x22)          // 32 bytes for length + 2 bytes for '0x'
             mstore(0x40, add(toPtr, resultLength))  // move free memory pointer
-            mstore(result, resultLength)
-            mstore(toPtr, 0x3078000000000000000000000000000000000000000000000000000000000000)  // set 0x as first two bytes
-            toPtr := add(toPtr, 0x02)
+            mstore(add(result, 2), 0x3078)          // 0x3078 is right aligned so we write to `result + 2`
+                                                    // to store the last 2 bytes in the beginning of the string
+            mstore(result, add(resultLength, 2))    // extra 2 bytes for '0x'
             for {
                 let fromPtr := add(data, 0x20)

package/contracts/libraries/UniERC20.sol CHANGED Viewed

@@ -17,7 +17,6 @@ library UniERC20 {
     using SafeERC20 for IERC20;
     error InsufficientBalance();
-    error ETHSendFailed();
     error ApproveCalledOnETH();
     error NotEnoughValue();
     error FromIsNotSender();
@@ -42,8 +41,8 @@ library UniERC20 {
         if (amount > 0) {
             if (isETH(token)) {
                 if (address(this).balance < amount) revert InsufficientBalance();
-                (bool success, ) = to.call{value: amount}("");  // solhint-disable-line avoid-low-level-calls
-                if (!success) revert ETHSendFailed();
+                // we do not use low-level calls to protect from possible reentrancy
+                to.transfer(amount);
             } else {
                 token.safeTransfer(to, amount);
             }
@@ -58,10 +57,8 @@ library UniERC20 {
                 if (to != address(this)) revert ToIsNotThis();
                 if (msg.value > amount) {
                     // Return remainder if exist
-                    unchecked {
-                        (bool success, ) = to.call{value: msg.value - amount}("");  // solhint-disable-line avoid-low-level-calls
-                        if (!success) revert ETHSendFailed();
-                    }
+                    // we do not use low-level calls to protect from possible reentrancy
+                    unchecked { from.transfer(msg.value - amount); }
                 }
             } else {
                 token.safeTransferFrom(from, to, amount);
@@ -83,7 +80,7 @@ library UniERC20 {
         token.forceApprove(to, amount);
     }
-    function _uniDecode(IERC20 token, bytes4 lowerCaseSelector, bytes4 upperCaseSelector) private view returns(string memory) {
+    function _uniDecode(IERC20 token, bytes4 lowerCaseSelector, bytes4 upperCaseSelector) private view returns(string memory result) {
         if (isETH(token)) {
             return "ETH";
         }
@@ -97,10 +94,14 @@ library UniERC20 {
             );
         }
-        if (success && data.length >= 96) {
+        if (success && data.length >= 0x40) {
             (uint256 offset, uint256 len) = abi.decode(data, (uint256, uint256));
-            if (offset == 0x20 && len > 0 && len <= 256) {
-                return abi.decode(data, (string));
+            if (offset == 0x20 && len > 0 && data.length == 0x40 + len) {
+                /// @solidity memory-safe-assembly
+                assembly { // solhint-disable-line no-inline-assembly
+                    result := add(data, 0x20)
+                }
+                return result;
             }
         }
@@ -113,6 +114,7 @@ library UniERC20 {
             }
             if (len > 0) {
+                /// @solidity memory-safe-assembly
                 assembly { // solhint-disable-line no-inline-assembly
                     mstore(data, len)
                 }

package/contracts/mocks/ERC20PermitMock.sol ADDED Viewed

@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+import "@openzeppelin/contracts/token/ERC20/extensions/draft-ERC20Permit.sol";
+contract ERC20PermitMock is ERC20Permit {
+    constructor(
+        string memory name,
+        string memory symbol,
+        address initialAccount,
+        uint256 initialBalance
+    ) payable ERC20(name, symbol) ERC20Permit(name) {
+        _mint(initialAccount, initialBalance);
+    }
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@1inch/solidity-utils",
-  "version": "2.0.24",
+  "version": "2.0.25",
   "main": "dist/src/index.js",
   "types": "dist/src/index.d.ts",
   "repository": {