← Back to CVE List

CVE-2024-34704

Published: 2024-05-14T15:39Z
Last Modified: 2024-11-21T09:19Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
era-compiler-solidity is the ZKsync compiler for Solidity. The problem occurred during instruction selection in the `DAGCombine` phase while visiting the XOR operation. The issue arises when attempting to fold the expression `!(x cc y)` into `(x !cc y)`. To perform this transformation, the second operand of XOR should be a constant representing the true value. However, it was incorrectly assumed that -1 represents the true value, when in fact, 1 is the correct representation, so this transformation for this case should be skipped. This vulnerability is fixed in 1.4.1. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt