2.7 Data Location

We talked about value types and reference types. Reference types, which consist of structs, arrays and mappings in Solidity allow for a specification of their data location. This is an additional annotation and it indicates where that reference type variable is stored.

There are three locations: memory, storage and calle data. Remember that these are 3 of the 4 locations that the EVM supports besides the stack. These data location affects the lifetime or the scope and persistence of the variables stored in those locations.

• Memory indicates that the lifetime is limited to that external function call.

• Storage indicates that the lifetime extends to that whole contract and this is also the location where state variables are stored.

• Call data is a non-modifiable and non-persistent area where function arguments are stored. This is required for parameters of external functions but can also be used for other variables.\

  This data location annotation impacts the scope of the variables that use this lotation. From a security perspective this affects the persistence of those variables.

Assignments

The data location annotation we just talked about not only affects the persistency of those variables, the scope in which they are relevant, but it also affects what are known as assignment semantics.

In the context of Solidity, what this means is that during an assignment, using such variables is a copy of that variable being created? Or is simply a reference being created to the existing variable?

In Solidity, storage to memory assignments always create an independent copy. Memory to memory assignments only create references. Similarly storage to storage assignments only create a reference. All other variants, create a copy.

From a security perspective how this impacts the semantics is: if a copy were to be created because of these assignment rules, then any modifications to the copy affect only the copy and not the original variable from where it was copied.

On the other hand, if a reference was created, in the case of memory to memory assignments or storage to storage assignments, then the new variable modifications to that affect the original variable because both of them are just different names pointing to the same underlying variable data (the same memory address on the machine).

So this becomes important when you analyze programs and notice what the data locations are for those reference types, because there's a big difference if modifications are being made to the copy versus a reference.