VYPR
Moderate severityNVD Advisory· Published Apr 25, 2024· Updated Aug 2, 2024

vyper's range(start, start + N) reverts for negative numbers

CVE-2024-32481

Description

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a range of the form range(start, start + N), if start is negative, the execution will always revert. This issue is caused by an incorrect assertion inserted by the code generation of the range stmt.parse_For_range(). The issue arises when start is signed, instead of using sle, le is used and start is interpreted as an unsigned integer for the comparison. If it is a negative number, its 255th bit is set to 1 and is hence interpreted as a very large unsigned integer making the assertion always fail. Any contract having a range(start, start + N) where start is a signed integer with the possibility for start to be negative is affected. If a call goes through the loop while supplying a negative start the execution will revert. Version 0.4.0b1 fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
vyperPyPI
>= 0.3.8, < 0.4.00.4.0

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.