Skip to content

Commit

Permalink
Merge pull request #240 from CoinFabrik/239-correct-ink-version-docum…
Browse files Browse the repository at this point in the history 
…entation

239 correct ink version documentation
  • Loading branch information
@faculerena
faculerena authored Apr 8, 2024
2 parents 5e4da78 + 5bae2a4 commit 74b4055
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ Visit [Scout's website](https://coinfabrik.github.io/scout/) to view the full do
| [avoid-format-string](https://coinfabrik.github.io/scout/docs/detectors/avoid-format-string) | [The `format!` macro is not recommended. A custom error is recommended instead.](https://coinfabrik.github.io/scout/docs/vulnerabilities/avoid-format-string) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/avoid-format-string/avoid-format-string-1) | Enhacement |
| [unprotected-self-destruct](https://coinfabrik.github.io/scout/docs/detectors/unprotected-self-destruct) | [If users are allowed to call terminate_contract, they can intentionally or accidentally destroy the contract.](https://coinfabrik.github.io/scout/docs/vulnerabilities/unprotected-self-destruct) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/unprotected-self-destruct/unprotected-self-destruct-1) | Critical |
| [iterators-over-indexing](https://coinfabrik.github.io/scout/docs/detectors/iterators-over-indexing) | [Iterating with hardcoded indexes is slower than using an iterator. Also, if the index is out of bounds, it will panic.](https://coinfabrik.github.io/scout/docs/vulnerabilities/iterators-over-indexing) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/iterators-over-indexing/iterators-over-indexing-1) | Enhacement |
| [ink-version](https://coinfabrik.github.io/scout/docs/detectors/ink-version) | [Using a pinned version of ink! can be dangerous, as it may have bugs or security issues. Use the latest version available.](https://coinfabrik.github.io/scout/docs/vulnerabilities/ink-version) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/ink-version/ink-version-1) | Enhacement |
| [ink-version](https://coinfabrik.github.io/scout/docs/detectors/ink-version) | [Using an old version of ink! can be dangerous, as it may have bugs or security issues. Use the latest version available.](https://coinfabrik.github.io/scout/docs/vulnerabilities/ink-version) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/ink-version/ink-version-1) | Enhacement |
| [unprotected-set-code-hash](https://coinfabrik.github.io/scout/docs/detectors/unprotected-set-code-hash) | [If users are allowed to call terminate_contract, they can intentionally modify the contract behaviour.](https://coinfabrik.github.io/scout/docs/vulnerabilities/unprotected-set-code-hash) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/set-code-hash/set-code-hash-1) | Critical |
| [unprotected-mapping-operation](https://coinfabrik.github.io/scout/docs/detectors/unprotected-mapping-operation) | [Modifying mappings with an arbitrary key given by the user could lead to unintented modifications of critical data, modifying data belonging to other users, causing denial of service, unathorized access, and other potential issues.](https://coinfabrik.github.io/scout/docs/vulnerabilities/unprotected-mapping-operation) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/unprotected-mapping-operation/unprotected-mapping-operation-1) | Critical |
| [lazy-delegate](https://coinfabrik.github.io/scout/docs/detectors/lazy-delegate) | [Delegated calls in ink! need lazy storage.](https://coinfabrik.github.io/scout/docs/vulnerabilities/lazy-delegate) | [1](https://github.com/CoinFabrik/scout/tree/main/test-cases/lazy-delegate/lazy-delegate-1) | Critical |
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/vulnerabilities/20-ink-version.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
- Detectors: [`ink-version`](https://github.com/CoinFabrik/scout/tree/main/detectors/ink-version)
- Test Cases: [`ink-version-1`](https://github.com/CoinFabrik/scout/tree/main/test-cases/ink-version/ink-version-1)

Using a pinned version of ink! can be dangerous, as it may have bugs or security issues. Use the latest version available.
Using an old version of ink! can be dangerous, as it may have bugs or security issues. Use the latest version available.

## Exploit Scenario

Expand Down
2 changes: 1 addition & 1 deletion docs/docs/vulnerabilities/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -315,7 +315,7 @@ security implications, under the [Best practices](#vulnerability-categories) cat

### 20 - Ink version

Using a pinned version of ink! can be dangerous, as it may have bugs or security issues. Use the latest version available.
Using an old version of ink! can be dangerous, as it may have bugs or security issues. Use the latest version available.

We classified this issue, a deviation from best practices which could have
security implications, under the [Best practices](#vulnerability-categories) category and assigned it an Enhancement severity.
Expand Down

0 comments on commit 74b4055

Please sign in to comment.