feat(lint): add UnsafeTypecast lint #11046
Conversation
TropicalDog17
requested review from
grandizzy,
yash-atreya and
zerosnacks
as code owners
| warning[unsafe-typecast]: typecasts that can truncate values should be avoided | ||
| --> ROOT/testdata/UnsafeTypecast.sol:LL:CC | ||
| | | ||
| 5 | uint128 b = uint128(a); |
There was a problem hiding this comment.
uint128 -> uint128 is safe
uintN -> uintN is always safe
intN -> intN is always safe
There was a problem hiding this comment.
a is an address type so i think it still unsafe
There was a problem hiding this comment.
Definitely ensure the compiler isn't catching some of these, cannot directly convert an address to uint128 without a compile error.
| warning[unsafe-typecast]: typecasts that can truncate values should be avoided | ||
| --> ROOT/testdata/UnsafeTypecast.sol:LL:CC | ||
| | | ||
| 94 | uint128 a = uint128(1000000000000000000000000000000000000000); |
There was a problem hiding this comment.
Pretty sure the compiler prevents you from downcasting a literal that's smaller than the target type size.
| warning[unsafe-typecast]: typecasts that can truncate values should be avoided | ||
| --> ROOT/testdata/UnsafeTypecast.sol:LL:CC | ||
| | | ||
| 8 | uint64 c = uint64(a); | ||
| | --------- | ||
| | | ||
| = help: https://book.getfoundry.sh/reference/forge/forge-lint#unsafe-typecast |
|
Any updates, can update the tests for you if needed @TropicalDog17 |
…foundry into feat/unsafe-typecast-lint
|
Hi @0xClandestine, I've updated the test, but not sure how to emit a helpful fix for the lint, can you help me on that? Thank a lot! |
maybe in this case a warning is enough, and no fix suggestion is required, but you could tell them to consider adding an explicit check like: if (a > type(uint32).max) revert TypecastOverflow(); |
| solar_ast::LitKind::Number(num) => { | ||
| if is_negative_number_literal(num) { | ||
| Some(hir::ElementaryType::Int(solar_ast::TypeSize::ZERO)) | ||
| } else { | ||
| Some(hir::ElementaryType::UInt(solar_ast::TypeSize::ZERO)) | ||
| } | ||
| } |
There was a problem hiding this comment.
the compiler performs checks when assigning literal values, i think it is safe to remove this check, which would also remove the need of the bigint dep.
Please return None and add a comment explaining the reason why
Assigning values which cannot fit into the type gives a compiler error. For example:
uint8 foo = 300;The largest value an uint8 can hold is (2 8) - 1 = 255. So, the compiler says:
value 300 does not fit into type uint8
ref: https://solang.readthedocs.io/en/latest/language/types.html
…foundry into feat/unsafe-typecast-lint
Motivation
Closes #11029
Solution
PR Checklist