FV-SOL-3-C2 Sign Extension

TLDR

Sign extension issues can occur when smaller integer types are converted to larger signed integers, potentially causing unintended sign changes in the process

An int8 value of -1 might be interpreted incorrectly if expanded to an int256, as sign extension might lead to an unexpected value

Game

A signed integer is mishandled, can you spot the issue?

// SPDX-License-Identifier: MIT
// Open me in VSCode and really think before opening the hints!
// Add @audit tags wherever suspicious
// Go to the solidity docs to complete missing knowledge of what's happening here
// Solve by drafting a fix!
pragma solidity ^0.8.0;

contract SignExtensionGame {
    int8 public score;

    function setScore(int8 newScore) public {
        score = newScore;
    }

    // This function rewards or penalizes the user based on score
    function applyBonus() public view returns (int256) {
        int256 reward = int256(score) * 1000;
        return reward;
    }
}

When extending int8 to int256, the sign bit can extend to fill the additional bits, leading to unintended results.

function applyBonus() public view returns (int256) {
    int256 reward = int256(int8(score & 0xFF)) * 1000; // Fix: Masking to prevent sign extension
    return reward;
}

PreviousFV-SOL-3-C1 Overflow and Underflow NextFV-SOL-3-C3 Truncation in Type Casting

Last updated 7 months ago

Was this helpful?