-
Notifications
You must be signed in to change notification settings - Fork 11.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ReentrancyGuard status getter #3714
Add ReentrancyGuard status getter #3714
Conversation
Hello @zhiqiangxu I'm not sure about this one. If multiple functions in the contract are nonReentrant, you don't know which one was you are entering from. You are also not sure what path you are entering trough, and if you are not entering twice (either one after the other or one within the other). Can you give us more details about your usecase? |
Your concern makes sense, I now prefer just exposing the guard status and let users decide his own logic? |
I'm ok with exposing the guard status but we shouldn't make this function virtual. |
Yeah internal is enough. |
Coverage wants you to add a test for the new getter. |
/** | ||
* expose _status as internal function, the caller decides what to do with it | ||
*/ | ||
function _guardStatus() internal view returns (uint256) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's call this _reentrancyGuardStatus
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
Added a check in an existing nonReentrant function, let's see if Coverage will be happy this time. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me! Awaiting review by @Amxx.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
contracts/mocks/ReentrancyMock.sol
Outdated
@@ -35,6 +35,8 @@ contract ReentrancyMock is ReentrancyGuard { | |||
_count(); | |||
bytes4 func = bytes4(keccak256("callback()")); | |||
attacker.callSender(func); | |||
|
|||
require(_reentrancyGuardStatus() == 2, "ReentrancyMock: _reentrancyGuardStatus failed"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is getting executed, the attacker line above probably reverts.
Please add a separate test specifically for the guard status, and for the various values it can have.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 for specific testing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
Sorry for late response, busy doing a bunch of other things lol:)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks mostly good. Need better testing.
I'd do an function that emit the value of the guard ... and this function would be called through 2 public function (one with the modifier, one without)
Sorry for the back and forth. I realized the getter was leaking the exact values we use for entered and not entered, and these are values we might want to change in the future, given that they were chosen to optimize gas usage and the optimal values may be different once again in the future. So in order to avoid leaking the exact values I've changed the function to return a boolean and renamed the function accordingly. @zhiqiangxu @Amxx Let me know what you think. |
Cool, I think that's better ! |
Any update? |
Congrats, your important contribution to this open-source project has earned you a GitPOAP! GitPOAP: 2022 OpenZeppelin Contracts Contributor: Head to gitpoap.io & connect your GitHub account to mint! Learn more about GitPOAPs here. |
Co-authored-by: Francisco Giordano <frangio.1@gmail.com> Co-authored-by: Hadrien Croubois <hadrien.croubois@gmail.com>
This PR adds a entered modifier to ReentrancyGuard contract, it's useful for callbacks.