incorrect-shift

Incorrect shift in assembly

Usage

codeql query run codeql-research/solidity/ql/lib/slither-bitshift-order.ql -d /path-to-database/

Description

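Based on Slither's incorrect-shift detector. Detects shift operations in inline assembly whose arguments are reversed. In Yul, a shift instruction takes the shift amount first and the value to shift second (shr(x, y) shifts y right by x bits), so shr(a, 8) shifts the constant 8 right by a bits instead of shifting a right by 8 bits.

Recommendation

Swap the two call arguments so that the shift amount comes first and the value to shift comes second.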

Example

Vulnerable

contract C {
    function f() internal returns (uint a) {
        assembly {
            // Reversed arguments: shifts the constant 8 right by `a` bits
            a := shr(a, 8)
        }
    }
}

Fixed

contract C {
    function f() internal returns (uint a) {
        assembly {
            // Correct order: shifts `a` right by 8 bits
            a := shr(8, a)
        }
    }
}
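
Added example (not part of the original page and not the project's CodeQL query): a small Python sketch of the same check over Solidity source text, plus a model of the EVM SHR semantics showing why the reversed form returns the wrong value. The heuristic (first argument is an identifier, second is a numeric literal) and the names evm_shr and find_reversed_shifts are assumptions made for this illustration.

```python
import re

WORD = 2 ** 256  # EVM word size

def evm_shr(shift, value):
    """Model of EVM SHR: logical right shift of `value` by `shift` bits."""
    return ((value % WORD) >> shift) if shift < 256 else 0

# A simple argument: identifier, hex literal or decimal literal.
TOKEN = r"[A-Za-z_$][\w$]*|0x[0-9a-fA-F]+|\d+"
SHIFT_CALL = re.compile(rf"\b(shl|shr|sar)\s*\(\s*({TOKEN})\s*,\s*({TOKEN})\s*\)")
LITERAL = re.compile(r"0x[0-9a-fA-F]+|\d+")

def find_reversed_shifts(source):
    """Return (line, call, suggested_fix) for shifts that look reversed.

    Assumed heuristic: the shift amount (first argument) is a variable and
    the shifted value (second argument) is a literal. Intentional
    constant-by-variable shifts such as shl(n, 1) are also reported, so
    every finding needs manual review. Nested expressions are not analysed.
    """
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        code = line.split("//", 1)[0]  # ignore line comments
        for m in SHIFT_CALL.finditer(code):
            op, bits, value = m.groups()
            if not LITERAL.fullmatch(bits) and LITERAL.fullmatch(value):
                findings.append((lineno, m.group(0), f"{op}({value}, {bits})"))
    return findings

# The page's vulnerable contract, embedded as sample input.
VULNERABLE = """contract C {
    function f() internal returns (uint a) {
        assembly {
            a := shr(a, 8)
        }
    }
}"""
FIXED = VULNERABLE.replace("shr(a, 8)", "shr(8, a)")

if __name__ == "__main__":
    for lineno, call, fix in find_reversed_shifts(VULNERABLE):
        print(f"line {lineno}: {call} looks reversed, did you mean {fix}?")
    a = 0x1234  # constructed sample value
    print(hex(evm_shr(8, a)), hex(evm_shr(a, 8)))  # intended vs reversed
```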