AA-131 L-12: Unsafe ABI encoding (#220)

remove encodeWithSignature, use direct call (with try/catch)

contracts/gnosis/EIP4337Manager.sol

@@ -175,11 +175,11 @@ contract EIP4337Manager is GnosisSafe, IAccount {
         (address[] memory modules,) = safe.getModulesPaginated(SENTINEL_MODULES, 100);
         for (uint i = 0; i < modules.length; i++) {
             address module = modules[i];
-            (bool success,bytes memory ret) = module.staticcall(abi.encodeWithSignature("eip4337manager()"));
-            if (success) {
-                manager = abi.decode(ret, (address));
-                return (prev, manager);
+            try EIP4337Fallback(module).eip4337manager() returns (address _manager) {
+                return (prev, _manager);
             }
+            // solhint-disable-next-line no-empty-blocks
+            catch {}
             prev = module;
         }
         return (address(0), address(0));

test/gnosis.test.ts

@@ -88,6 +88,13 @@ describe('Gnosis Proxy', function () {
     beneficiary = createAddress()
   })
 
+  it('#getCurrentEIP4337Manager', async () => {
+    // need some manager to query the current manager of a safe
+    const tempManager = await new EIP4337Manager__factory(ethersSigner).deploy(AddressZero)
+    const { manager: curManager } = await tempManager.getCurrentEIP4337Manager(proxySafe.address)
+    expect(curManager).to.eq(manager.address)
+  })
+
   it('should validate', async function () {
     await manager.callStatic.validateEip4337(proxySafe.address, manager.address, { gasLimit: 10e6 })
   })
@@ -250,6 +257,9 @@ describe('Gnosis Proxy', function () {
       expect(await proxySafe.isModuleEnabled(newFallback)).to.equal(true)
       expect(await proxySafe.isModuleEnabled(entryPoint.address)).to.equal(false)
       expect(await proxySafe.isModuleEnabled(oldFallback)).to.equal(false)
+
+      const { manager: curManager } = await manager.getCurrentEIP4337Manager(proxySafe.address)
+      expect(curManager).to.eq(newManager.address)
     })
   })
 })