TheDude
/
mythril
mirror of https://github.com/ConsenSys/mythril
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1338 from ConsenSys/creator_origin_fix

Browse Source 
Add constraints on tx.origin
pull/1343/head
Bernhard Mueller 5 years ago committed by GitHub
parent 8f93f525dd 2af3eaa512
commit 066e10667d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 9 additions and 5 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      mythril/analysis/module/modules/ether_thief.py
  2. 5
      mythril/analysis/module/modules/suicide.py
  3. 4
      mythril/laser/ethereum/transaction/symbolic.py

5
mythril/analysis/module/modules/ether_thief.py
Unescape View File

@ -14,6 +14,7 @@ from mythril.laser.ethereum.state.global_state import GlobalState
from mythril.laser.ethereum.transaction import ContractCreationTransaction from mythril.laser.ethereum.transaction import ContractCreationTransaction
from mythril.laser.smt import UGT, UGE from mythril.laser.smt import UGT, UGE
from mythril.laser.smt.bool import And
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
@ -86,7 +87,9 @@ class EtherThief(DetectionModule):
This prevents false positives where the owner willingly transfers ownership to another address. This prevents false positives where the owner willingly transfers ownership to another address.
""" """
if not isinstance(tx, ContractCreationTransaction): if not isinstance(tx, ContractCreationTransaction):
constraints += [tx.caller != ACTORS.creator] constraints.append(
And(tx.caller == ACTORS.attacker, tx.caller == tx.origin)
)
attacker_address_bitvec = ACTORS.attacker attacker_address_bitvec = ACTORS.attacker

5
mythril/analysis/module/modules/suicide.py
Unescape View File

@ -5,6 +5,7 @@ from mythril.exceptions import UnsatError
from mythril.analysis.module.base import DetectionModule, EntryPoint from mythril.analysis.module.base import DetectionModule, EntryPoint
from mythril.laser.ethereum.state.global_state import GlobalState from mythril.laser.ethereum.state.global_state import GlobalState
from mythril.laser.ethereum.transaction.symbolic import ACTORS from mythril.laser.ethereum.transaction.symbolic import ACTORS
from mythril.laser.smt.bool import And
from mythril.laser.ethereum.transaction.transaction_models import ( from mythril.laser.ethereum.transaction.transaction_models import (
ContractCreationTransaction, ContractCreationTransaction,
) )
@ -68,7 +69,9 @@ class SuicideModule(DetectionModule):
for tx in state.world_state.transaction_sequence: for tx in state.world_state.transaction_sequence:
if not isinstance(tx, ContractCreationTransaction): if not isinstance(tx, ContractCreationTransaction):
constraints.append(tx.caller == ACTORS.attacker) constraints.append(
And(tx.caller == ACTORS.attacker, tx.caller == tx.origin)
)
try: try:
try: try:
transaction_sequence = solver.get_transaction_sequence( transaction_sequence = solver.get_transaction_sequence(

4
mythril/laser/ethereum/transaction/symbolic.py
Unescape View File

@ -134,9 +134,7 @@ def execute_contract_creation(
"gas_price{}".format(next_transaction_id), 256 "gas_price{}".format(next_transaction_id), 256
), ),
gas_limit=8000000, # block gas limit gas_limit=8000000, # block gas limit
origin=symbol_factory.BitVecSym( origin=ACTORS["CREATOR"],
"origin{}".format(next_transaction_id), 256
),
code=Disassembly(contract_initialization_code), code=Disassembly(contract_initialization_code),
caller=ACTORS["CREATOR"], caller=ACTORS["CREATOR"],
contract_name=contract_name, contract_name=contract_name,

Write Preview
Loading…
Cancel
Save