Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(contracts): quote management for L2->L1 hooks #4552

Merged
merged 56 commits into from
Oct 31, 2024
+223 −155

test1->test4

5edc95a
Select commit
Loading
Failed to load commit list.
Merged

fix(contracts): quote management for L2->L1 hooks #4552

test1->test4
5edc95a
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / Olympix Integrated Security succeeded Oct 31, 2024 in 9s

13 new alerts including 10 medium severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 10 medium
  • 3 low

See annotations below for details.

View all branch alerts.

Annotations

Check notice on line 44 in solidity/contracts/hooks/ArbL2ToL1Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables Medium

Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables

Check notice on line 43 in solidity/contracts/hooks/OPL2ToL1Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables Medium

Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables

Check notice on line 45 in solidity/contracts/hooks/OPL2ToL1Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables Medium

Some state variables are not being fuzzed in test functions, potentially leaving vulnerabilities unexplored. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-variables

Check warning on line 81 in solidity/contracts/hooks/OPL2ToL1Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Medium

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables

Check warning on line 76 in solidity/contracts/hooks/OPStackHook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Medium

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables

Check warning on line 78 in solidity/contracts/hooks/PolygonPosHook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Medium

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables

Check warning on line 66 in solidity/contracts/hooks/aggregation/ERC5164Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Medium

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables

Check warning on line 61 in solidity/contracts/hooks/layer-zero/LayerZeroV2Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Medium

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables

Check warning on line 82 in solidity/contracts/hooks/layer-zero/LayerZeroV2Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Low

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables

Check warning on line 83 in solidity/contracts/hooks/layer-zero/LayerZeroV2Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Calling a function without checking the return value may lead to silent failures. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unused-return-function-call Medium

Calling a function without checking the return value may lead to silent failures. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unused-return-function-call

Check warning on line 83 in solidity/contracts/hooks/layer-zero/LayerZeroV2Hook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Using send() without checking the return value may lead to silent failures of ether transmittal. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unchecked-send Medium

Using send() without checking the return value may lead to silent failures of ether transmittal. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unchecked-send

Check warning on line 93 in solidity/contracts/hooks/libs/AbstractMessageIdAuthHook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Low

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables

Check warning on line 95 in solidity/contracts/hooks/libs/AbstractMessageIdAuthHook.sol

See this annotation in the file changed.

Code scanning / Olympix Integrated Security

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables Low

Local variables in test functions are not properly fuzzed, potentially reducing the effectiveness of property-based testing. For more information, visit: http://detectors.olympixdevsectools.com/article/web3-vulnerability/unfuzzed-local-variables