Copying malicious calldata to memory in Assembly

I am looking at the assembly in Proxy.sol (reference below)

Question: What if someone calls the Proxy with some malformed / extremely large piece of data, won’t calldatacopy have free reign over the entire memory? Overwriting free memory pointer at 0x40 etc.? Also, can the same be said for returndatacopy? I know returndata will be from our implementation logic, so it shouldn’t be malformed.

I’m sure there’s some simple answer, ie. “memory is independent for each subsequent call, so as long as we don’t return to non-assembly in this contract’s call frame, memory doesn’t matter since nothing will access it in any meaningful way.”

1 Like

Hi @junderw,

Welcome to the community :wave:

I don’t know the answer unfortunately, I tried looking through the Solidity documentation on assembly/Yul but didn’t find the simple answer. I will see what I can find out or hopefully someone from the community can provide the answer.

1 Like

From gitter

Marius van der Wijden @MariusVanDerWijden 21:53
Afaik we create a new stack for every call into another contract, see

1 Like

Exactly! :slight_smile: