Storage abiencoderv2 array SLITHER-W1001
Anti-pattern
Critical
solc versions 0.4.7-0.5.9 contain a compiler bug leading to incorrect ABI encoder usage.
Exploit Scenario
contract A {
uint[2][3] bad_arr = [[1, 2], [3, 4], [5, 6]];
/* Array of arrays passed to abi.encode is vulnerable */
function bad() public {
bytes memory b = abi.encode(bad_arr);
}
}
abi.encode(bad_arr) in a call to bad() will incorrectly encode the array as [[1, 2], [2, 3], [3, 4]] and lead to unintended behavior.
Recommendation
Use a compiler >= 0.5.10.
Learn more
abiencoderv2-array on Slither's wiki.