Mark assembly blocks as memory-safe

safe-fndn · mmv08 · Jun 30, 2023 · Feb 10, 2023 · Feb 10, 2023 · Mar 31, 2023
commit 78fdf78cc9b873541331399b8a938673b9970a65
diff --git a/contracts/Safe.sol b/contracts/Safe.sol
@@ -192,6 +192,7 @@ contract Safe is
                 );
             }
         }
+
         // We require some gas to emit the events (at least 2500) after the execution and some to perform code until the execution (500)
         // We also include the 1/64 in the check that is not send along with a call to counteract potential shortings because of EIP-150
         require(gasleft() >= ((safeTxGas * 64) / 63).max(safeTxGas + 2500) + 500, "GS010");
@@ -300,6 +301,7 @@ contract Safe is
                 // Check if the contract signature is in bounds: start of data is s + 32 and end is start + signature length
                 uint256 contractSignatureLen;
                 // solhint-disable-next-line no-inline-assembly
+                /// @solidity memory-safe-assembly
                 assembly {
                     contractSignatureLen := mload(add(add(signatures, s), 0x20))
                 }
@@ -308,6 +310,7 @@ contract Safe is
                 // Check signature
                 bytes memory contractSignature;
                 // solhint-disable-next-line no-inline-assembly
+                /// @solidity memory-safe-assembly
                 assembly {
                     // The signature data for contract signatures is appended to the concatenated signatures and the offset is stored in s
                     contractSignature := add(add(signatures, s), 0x20)
@@ -352,6 +355,7 @@ contract Safe is
     function getChainId() public view returns (uint256) {
         uint256 id;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             id := chainid()
         }

diff --git a/contracts/accessors/SimulateTxAccessor.sol b/contracts/accessors/SimulateTxAccessor.sol
@@ -49,6 +49,7 @@ contract SimulateTxAccessor is Executor {
         success = execute(to, value, data, operation, gasleft());
         estimate = startGas - gasleft();
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             // Load free memory location
             let ptr := mload(0x40)

diff --git a/contracts/base/Executor.sol b/contracts/base/Executor.sol
@@ -27,11 +27,13 @@ abstract contract Executor {
     ) internal returns (bool success) {
         if (operation == Enum.Operation.DelegateCall) {
             // solhint-disable-next-line no-inline-assembly
+            /// @solidity memory-safe-assembly
             assembly {
                 success := delegatecall(txGas, to, add(data, 0x20), mload(data), 0, 0)
             }
         } else {
             // solhint-disable-next-line no-inline-assembly
+            /// @solidity memory-safe-assembly
             assembly {
                 success := call(txGas, to, value, add(data, 0x20), mload(data), 0, 0)
             }

diff --git a/contracts/base/FallbackManager.sol b/contracts/base/FallbackManager.sol
@@ -35,6 +35,7 @@ abstract contract FallbackManager is SelfAuthorized {
 
         bytes32 slot = FALLBACK_HANDLER_STORAGE_SLOT;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             sstore(slot, handler)
         }
@@ -61,6 +62,7 @@ abstract contract FallbackManager is SelfAuthorized {
     fallback() external {
         bytes32 slot = FALLBACK_HANDLER_STORAGE_SLOT;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             let handler := sload(slot)
             if iszero(handler) {

diff --git a/contracts/base/GuardManager.sol b/contracts/base/GuardManager.sol
@@ -56,6 +56,7 @@ abstract contract GuardManager is SelfAuthorized {
         }
         bytes32 slot = GUARD_STORAGE_SLOT;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             sstore(slot, guard)
         }
@@ -72,6 +73,7 @@ abstract contract GuardManager is SelfAuthorized {
     function getGuard() internal view returns (address guard) {
         bytes32 slot = GUARD_STORAGE_SLOT;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             guard := sload(slot)
         }

diff --git a/contracts/base/ModuleManager.sol b/contracts/base/ModuleManager.sol
@@ -109,6 +109,7 @@ abstract contract ModuleManager is SelfAuthorized, Executor {
     ) public returns (bool success, bytes memory returnData) {
         success = execTransactionFromModule(to, value, data, operation);
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             // Load free memory location
             let ptr := mload(0x40)
@@ -169,6 +170,7 @@ abstract contract ModuleManager is SelfAuthorized, Executor {
         }
         // Set correct size of returned array
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             mstore(array, moduleCount)
         }
@@ -183,6 +185,7 @@ abstract contract ModuleManager is SelfAuthorized, Executor {
     function isContract(address account) internal view returns (bool) {
         uint256 size;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             size := extcodesize(account)
         }

diff --git a/contracts/common/SecuredTokenTransfer.sol b/contracts/common/SecuredTokenTransfer.sol
@@ -19,6 +19,7 @@ abstract contract SecuredTokenTransfer {
         // 0xa9059cbb - keccack("transfer(address,uint256)")
         bytes memory data = abi.encodeWithSelector(0xa9059cbb, receiver, amount);
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             // We write the return value to scratch space.
             // See https://docs.soliditylang.org/en/v0.7.6/internals/layout_in_memory.html#layout-in-memory

diff --git a/contracts/common/SignatureDecoder.sol b/contracts/common/SignatureDecoder.sol
@@ -20,6 +20,7 @@ abstract contract SignatureDecoder {
      */
     function signatureSplit(bytes memory signatures, uint256 pos) internal pure returns (uint8 v, bytes32 r, bytes32 s) {
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             let signaturePos := mul(0x41, pos)
             r := mload(add(signatures, add(signaturePos, 0x20)))

diff --git a/contracts/common/StorageAccessible.sol b/contracts/common/StorageAccessible.sol
@@ -18,6 +18,7 @@ abstract contract StorageAccessible {
         bytes memory result = new bytes(length * 32);
         for (uint256 index = 0; index < length; index++) {
             // solhint-disable-next-line no-inline-assembly
+            /// @solidity memory-safe-assembly
             assembly {
                 let word := sload(add(offset, index))
                 mstore(add(add(result, 0x20), mul(index, 0x20)), word)
@@ -39,6 +40,7 @@ abstract contract StorageAccessible {
      */
     function simulateAndRevert(address targetContract, bytes memory calldataPayload) external {
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             let success := delegatecall(gas(), targetContract, add(calldataPayload, 0x20), mload(calldataPayload), 0, 0)
 

diff --git a/contracts/examples/guards/ReentrancyTransactionGuard.sol b/contracts/examples/guards/ReentrancyTransactionGuard.sol
@@ -30,6 +30,7 @@ contract ReentrancyTransactionGuard is BaseGuard {
     function getGuard() internal pure returns (GuardValue storage guard) {
         bytes32 slot = GUARD_STORAGE_SLOT;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             guard.slot := slot
         }

diff --git a/contracts/handler/CompatibilityFallbackHandler.sol b/contracts/handler/CompatibilityFallbackHandler.sol
@@ -108,6 +108,7 @@ contract CompatibilityFallbackHandler is TokenCallbackHandler, ISignatureValidat
         calldataPayload;
 
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             let internalCalldata := mload(0x40)
             /**

diff --git a/contracts/handler/HandlerContext.sol b/contracts/handler/HandlerContext.sol
@@ -20,6 +20,7 @@ abstract contract HandlerContext {
     function _msgSender() internal pure returns (address sender) {
         // The assembly code is more direct than the Solidity version using `abi.decode`.
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             sender := shr(96, calldataload(sub(calldatasize(), 20)))
         }

diff --git a/contracts/libraries/CreateCall.sol b/contracts/libraries/CreateCall.sol
@@ -20,6 +20,7 @@ contract CreateCall {
      */
     function performCreate2(uint256 value, bytes memory deploymentData, bytes32 salt) public returns (address newContract) {
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             newContract := create2(value, add(0x20, deploymentData), mload(deploymentData), salt)
         }
@@ -35,6 +36,7 @@ contract CreateCall {
      */
     function performCreate(uint256 value, bytes memory deploymentData) public returns (address newContract) {
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             newContract := create(value, add(deploymentData, 0x20), mload(deploymentData))
         }

diff --git a/contracts/libraries/MultiSend.sol b/contracts/libraries/MultiSend.sol
@@ -30,6 +30,7 @@ contract MultiSend {
     function multiSend(bytes memory transactions) public payable {
         require(address(this) != multisendSingleton, "MultiSend should only be called via delegatecall");
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             let length := mload(transactions)
             let i := 0x20

diff --git a/contracts/libraries/MultiSendCallOnly.sol b/contracts/libraries/MultiSendCallOnly.sol
@@ -24,6 +24,7 @@ contract MultiSendCallOnly {
      */
     function multiSend(bytes memory transactions) public payable {
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             let length := mload(transactions)
             let i := 0x20

diff --git a/contracts/proxies/SafeProxy.sol b/contracts/proxies/SafeProxy.sol
@@ -31,6 +31,7 @@ contract SafeProxy {
     /// @dev Fallback function forwards all transactions and returns all received return data.
     fallback() external payable {
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             let _singleton := and(sload(0), 0xffffffffffffffffffffffffffffffffffffffff)
             // 0xa619486e == keccak("masterCopy()"). The value is right padded to 32-bytes with 0s

diff --git a/contracts/proxies/SafeProxyFactory.sol b/contracts/proxies/SafeProxyFactory.sol
@@ -28,13 +28,15 @@ contract SafeProxyFactory {
 
         bytes memory deploymentData = abi.encodePacked(type(SafeProxy).creationCode, uint256(uint160(_singleton)));
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             proxy := create2(0x0, add(0x20, deploymentData), mload(deploymentData), salt)
         }
         require(address(proxy) != address(0), "Create2 call failed");
 
         if (initializer.length > 0) {
             // solhint-disable-next-line no-inline-assembly
+            /// @solidity memory-safe-assembly
             assembly {
                 if eq(call(gas(), proxy, 0, add(initializer, 0x20), mload(initializer), 0, 0), 0) {
                     revert(0, 0)
@@ -104,6 +106,7 @@ contract SafeProxyFactory {
     function isContract(address account) internal view returns (bool) {
         uint256 size;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             size := extcodesize(account)
         }
@@ -117,6 +120,7 @@ contract SafeProxyFactory {
     function getChainId() public view returns (uint256) {
         uint256 id;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             id := chainid()
         }

diff --git a/contracts/test/ERC1155Token.sol b/contracts/test/ERC1155Token.sol
@@ -75,6 +75,7 @@ contract ERC1155Token {
     function isContract(address account) internal view returns (bool) {
         uint256 size;
         // solhint-disable-next-line no-inline-assembly
+        /// @solidity memory-safe-assembly
         assembly {
             size := extcodesize(account)
         }