TheDude
/
mythril
mirror of https://github.com/ConsenSys/mythril
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:ConsenSys/mythril

Browse Source
pull/336/head
Nikhil Parasaram 6 years ago
parent 9b5ae7acb7 24280969b5
commit 07ecc62aac
99 changed files with 2820 additions and 3701 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      .gitignore
  2. 4
      mythril/analysis/callgraph.py
  3. 4
      mythril/analysis/modules/integer.py
  4. 2
      mythril/analysis/modules/transaction_order_independence.py
  5. 4
      mythril/analysis/ops.py
  6. 6
      mythril/analysis/report.py
  7. 15
      mythril/analysis/solver.py
  8. 8
      mythril/analysis/traceexplore.py
  9. 38
      mythril/disassembler/disassembly.py
  10. 157
      mythril/ether/contractstorage.py
  11. 2
      mythril/ether/soliditycontract.py
  12. 40
      mythril/interfaces/cli.py
  13. 145
      mythril/laser/ethereum/call.py
  14. 65
      mythril/laser/ethereum/cfg.py
  15. 74
      mythril/laser/ethereum/gascost.py
  16. 994
      mythril/laser/ethereum/instructions.py
  17. 20
      mythril/laser/ethereum/natives.py
  18. 151
      mythril/laser/ethereum/state.py
  19. 0
      mythril/laser/ethereum/strategy/__init__.py
  20. 54
      mythril/laser/ethereum/strategy/basic.py
  21. 1238
      mythril/laser/ethereum/svm.py
  22. 3
      mythril/laser/ethereum/taint_analysis.py
  23. 0
      mythril/laser/ethereum/util.py
  24. 60
      mythril/leveldb/client.py
  25. 8
      mythril/leveldb/state.py
  26. 148
      mythril/mythril.py
  27. 282
      mythril/support/signatures.py
  28. 8
      mythril/support/truffle.py
  29. 8
      requirements.txt
  30. 47
      setup.py
  31. 12
      tests/analysis/test_delegatecall.py
  32. 32
      tests/contractstorage_test.py
  33. 18
      tests/native_test.py
  34. 12
      tests/svm_test.py
  35. 4
      tests/taint_result_test.py
  36. 17
      tests/taint_runner_test.py
  37. 202
      tests/testdata/outputs_expected/calls.sol.graph.html
  38. 4
      tests/testdata/outputs_expected/calls.sol.o.graph.html
  39. 87
      tests/testdata/outputs_expected/calls.sol.o.json
  40. 22
      tests/testdata/outputs_expected/calls.sol.o.markdown
  41. 22
      tests/testdata/outputs_expected/calls.sol.o.text
  42. 28
      tests/testdata/outputs_expected/ether_send.sol.json
  43. 4
      tests/testdata/outputs_expected/ether_send.sol.o.graph.html
  44. 23
      tests/testdata/outputs_expected/ether_send.sol.o.json
  45. 2
      tests/testdata/outputs_expected/ether_send.sol.o.markdown
  46. 2
      tests/testdata/outputs_expected/ether_send.sol.o.text
  47. 252
      tests/testdata/outputs_expected/exceptions.sol.graph.html
  48. 4
      tests/testdata/outputs_expected/exceptions.sol.o.graph.html
  49. 39
      tests/testdata/outputs_expected/exceptions.sol.o.json
  50. 178
      tests/testdata/outputs_expected/kinds_of_calls.sol.graph.html
  51. 4
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.graph.html
  52. 23
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.json
  53. 24
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.markdown
  54. 18
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.text
  55. 150
      tests/testdata/outputs_expected/metacoin.sol.graph.html
  56. 4
      tests/testdata/outputs_expected/metacoin.sol.o.graph.html
  57. 15
      tests/testdata/outputs_expected/metacoin.sol.o.json
  58. 2
      tests/testdata/outputs_expected/metacoin.sol.o.markdown
  59. 2
      tests/testdata/outputs_expected/metacoin.sol.o.text
  60. 134
      tests/testdata/outputs_expected/multi_contracts.sol.graph.html
  61. 17
      tests/testdata/outputs_expected/multi_contracts.sol.json
  62. 18
      tests/testdata/outputs_expected/multi_contracts.sol.markdown
  63. 4
      tests/testdata/outputs_expected/multi_contracts.sol.o.graph.html
  64. 15
      tests/testdata/outputs_expected/multi_contracts.sol.o.json
  65. 14
      tests/testdata/outputs_expected/multi_contracts.sol.text
  66. 4
      tests/testdata/outputs_expected/nonascii.sol.o.graph.html
  67. 4
      tests/testdata/outputs_expected/origin.sol.o.graph.html
  68. 15
      tests/testdata/outputs_expected/origin.sol.o.json
  69. 39
      tests/testdata/outputs_expected/overflow.sol.json
  70. 52
      tests/testdata/outputs_expected/overflow.sol.markdown
  71. 4
      tests/testdata/outputs_expected/overflow.sol.o.graph.html
  72. 31
      tests/testdata/outputs_expected/overflow.sol.o.json
  73. 2
      tests/testdata/outputs_expected/overflow.sol.o.markdown
  74. 2
      tests/testdata/outputs_expected/overflow.sol.o.text
  75. 42
      tests/testdata/outputs_expected/overflow.sol.text
  76. 146
      tests/testdata/outputs_expected/returnvalue.sol.graph.html
  77. 4
      tests/testdata/outputs_expected/returnvalue.sol.o.graph.html
  78. 31
      tests/testdata/outputs_expected/returnvalue.sol.o.json
  79. 2
      tests/testdata/outputs_expected/returnvalue.sol.o.markdown
  80. 2
      tests/testdata/outputs_expected/returnvalue.sol.o.text
  81. 166
      tests/testdata/outputs_expected/rubixi.sol.o.json
  82. 238
      tests/testdata/outputs_expected/rubixi.sol.o.markdown
  83. 177
      tests/testdata/outputs_expected/rubixi.sol.o.text
  84. 17
      tests/testdata/outputs_expected/suicide.sol.json
  85. 19
      tests/testdata/outputs_expected/suicide.sol.markdown
  86. 4
      tests/testdata/outputs_expected/suicide.sol.o.graph.html
  87. 15
      tests/testdata/outputs_expected/suicide.sol.o.json
  88. 15
      tests/testdata/outputs_expected/suicide.sol.text
  89. 168
      tests/testdata/outputs_expected/underflow.sol.graph.html
  90. 39
      tests/testdata/outputs_expected/underflow.sol.json
  91. 52
      tests/testdata/outputs_expected/underflow.sol.markdown
  92. 4
      tests/testdata/outputs_expected/underflow.sol.o.graph.html
  93. 31
      tests/testdata/outputs_expected/underflow.sol.o.json
  94. 2
      tests/testdata/outputs_expected/underflow.sol.o.markdown
  95. 2
      tests/testdata/outputs_expected/underflow.sol.o.text
  96. 42
      tests/testdata/outputs_expected/underflow.sol.text
  97. 46
      tests/testdata/outputs_expected/weak_random.sol.o.json
  98. 62
      tests/testdata/outputs_expected/weak_random.sol.o.markdown
  99. 46
      tests/testdata/outputs_expected/weak_random.sol.o.text

3
.gitignore vendored
Unescape View File

@ -177,3 +177,6 @@ coverage_html_report/
tests/testdata/outputs_current/
tests/testdata/outputs_current_laser_result/
tests/mythril_dir/signatures.json
# VSCode
.vscode

4
mythril/analysis/callgraph.py
Unescape View File

@ -134,8 +134,8 @@ def extract_edges(statespace):
label = re.sub(r'([^_])([\d]{2}\d+)', lambda m: m.group(1) + hex(int(m.group(2))), label)
edges.append({
'from': str(edge.as_dict()['from']),
'to': str(edge.as_dict()['to']),
'from': str(edge.as_dict['from']),
'to': str(edge.as_dict['to']),
'arrows': 'to',
'label': label,
'smooth': {'type': 'cubicBezier'}

4
mythril/analysis/modules/integer.py
Unescape View File

@ -83,9 +83,9 @@ def _check_integer_overflow(statespace, state, node):
if not _verify_integer_overflow(statespace, node, expr, state, model, constraint, op0, op1):
return issues
# Build issue
issue = Issue(node.contract_name, node.function_name, instruction['address'], "Integer Overflow ", "Warning")
issue = Issue(node.contract_name, node.function_name, instruction['address'], "Integer Overflow", "Warning")
issue.description = "A possible integer overflow exists in the function `{}`.\n" \
"The addition or multiplication may result in a value higher than the maximum representable integer.".format(

2
mythril/analysis/modules/transaction_order_independence.py
Unescape View File

@ -111,7 +111,7 @@ def _get_influencing_sstores(statespace, interesting_storages):
for sstore_state, node in _get_states_with_opcode(statespace, 'SSTORE'):
index, value = sstore_state.mstate.stack[-1], sstore_state.mstate.stack[-2]
try:
index = helper.get_concrete_int(index)
index = util.get_concrete_int(index)
except AttributeError:
index = str(index)
if "storage_{}".format(index) not in interesting_storages:

4
mythril/analysis/ops.py
Unescape View File

@ -1,6 +1,6 @@
from z3 import *
from enum import Enum
from mythril.laser.ethereum import helper
from mythril.laser.ethereum import util
class VarType(Enum):
@ -20,7 +20,7 @@ class Variable:
def get_variable(i):
try:
return Variable(helper.get_concrete_int(i), VarType.CONCRETE)
return Variable(util.get_concrete_int(i), VarType.CONCRETE)
except AttributeError:
return Variable(simplify(i), VarType.SYMBOLIC)

6
mythril/analysis/report.py
Unescape View File

@ -18,9 +18,11 @@ class Issue:
self.code = None
self.lineno = None
@property
def as_dict(self):
issue = {'title': self.title, 'description':self.description, 'function': self.function, 'type': self.type, 'address': self.address, 'debug': self.debug}
issue = {'title': self.title, 'contract': self.contract, 'description': self.description, 'function': self.function, 'type': self.type, 'address': self.address, 'debug': self.debug}
if self.filename and self.lineno:
issue['filename'] = self.filename
@ -47,7 +49,7 @@ class Report:
pass
def sorted_issues(self):
issue_list = [issue.as_dict() for key, issue in self.issues.items()]
issue_list = [issue.as_dict for key, issue in self.issues.items()]
return sorted(issue_list, key=operator.itemgetter('address', 'title'))
def append_issue(self, issue):

15
mythril/analysis/solver.py
Unescape View File

@ -1,6 +1,6 @@
from z3 import Solver, simplify, sat
from z3 import Solver, simplify, sat, unknown
from mythril.exceptions import UnsatError
import logging
def get_model(constraints):
s = Solver()
@ -8,13 +8,12 @@ def get_model(constraints):
for constraint in constraints:
s.add(constraint)
if (s.check() == sat):
result = s.check()
if result == sat:
return s.model()
else:
raise UnsatError
elif result == unknown:
logging.info("Timeout encountered while solving expression using z3")
raise UnsatError
def pretty_print_model(model):

8
mythril/analysis/traceexplore.py
Unescape View File

@ -43,7 +43,7 @@ def get_serializable_statespace(statespace):
def get_state_accounts(state):
state_accounts = []
for key in state.accounts:
account = state.accounts[key].as_dict()
account = state.accounts[key].as_dict
account.pop('code', None)
account['balance'] = str(account['balance'])
@ -57,7 +57,7 @@ def get_serializable_statespace(statespace):
})
return state_accounts
states = [{'machine': x.mstate.as_dict(), 'accounts': get_state_accounts(x)} for x in node.states]
states = [{'machine': x.mstate.as_dict, 'accounts': get_state_accounts(x)} for x in node.states]
for state in states:
state['machine']['stack'] = [str(s) for s in state['machine']['stack']]
@ -94,8 +94,8 @@ def get_serializable_statespace(statespace):
code = re.sub("([0-9a-f]{8})[0-9a-f]+", lambda m: m.group(1) + "(...)", code)
s_edge = {
'from': str(edge.as_dict()['from']),
'to': str(edge.as_dict()['to']),
'from': str(edge.as_dict['from']),
'to': str(edge.as_dict['to']),
'arrows': 'to',
'label': label,
'smooth': { 'type': "cubicBezier" }

38
mythril/disassembler/disassembly.py
Unescape View File

@ -1,32 +1,22 @@
from mythril.ether import asm,util
import os
import json
from mythril.support.signatures import SignatureDb
import logging
class Disassembly:
class Disassembly(object):
def __init__(self, code):
self.instruction_list = asm.disassemble(util.safe_decode(code))
self.xrefs = []
self.func_to_addr = {}
self.addr_to_func = {}
self.bytecode = code
signatures = SignatureDb(enable_online_lookup=True) # control if you want to have online sighash lookups
try:
mythril_dir = os.environ['MYTHRIL_DIR']
except KeyError:
mythril_dir = os.path.join(os.path.expanduser('~'), ".mythril")
# Load function signatures
signatures_file = os.path.join(mythril_dir, 'signatures.json')
if not os.path.exists(signatures_file):
logging.info("Missing function signature file. Resolving of function names disabled.")
signatures = {}
else:
with open(signatures_file) as f:
signatures = json.load(f)
signatures.open() # open from default locations
except FileNotFoundError:
logging.info("Missing function signature file. Resolving of function names from signature file disabled.")
# Parse jump table & resolve function names
@ -35,7 +25,15 @@ class Disassembly:
for i in jmptable_indices:
func_hash = self.instruction_list[i]['argument']
try:
func_name = signatures[func_hash]
# tries local cache, file and optional online lookup
# may return more than one function signature. since we cannot probe for the correct one we'll use the first
func_names = signatures.get(func_hash)
if len(func_names) > 1:
# ambigious result
func_name = "**ambiguous** %s" % func_names[0] # return first hit but note that result was ambiguous
else:
# only one item
func_name = func_names[0]
except KeyError:
func_name = "_function_" + func_hash
@ -48,8 +46,8 @@ class Disassembly:
except:
continue
signatures.write() # store resolved signatures (potentially resolved online)
def get_easm(self):
# todo: tintinweb - print funcsig resolved data from self.addr_to_func?
return asm.instruction_list_to_easm(self.instruction_list)

157
mythril/ether/contractstorage.py
Unescape View File

@ -1,157 +0,0 @@
import os
import hashlib
import persistent.list
import transaction
from BTrees.OOBTree import BTree
import ZODB
from ZODB import FileStorage
from multiprocessing import Pool
import logging
from mythril.ether.ethcontract import ETHContract, InstanceList
from mythril import ether
import time
BLOCKS_PER_THREAD = 256
NUM_THREADS = 8
def get_persistent_storage(db_dir=None):
if not db_dir:
db_dir = os.path.join(os.path.expanduser('~'), ".mythril")
if not os.path.exists(db_dir):
os.makedirs(db_dir)
db_path = os.path.join(db_dir, "contractstorage.fs")
storage = FileStorage.FileStorage(db_path)
db = ZODB.DB(storage)
connection = db.open()
storage_root = connection.root()
try:
contract_storage = storage_root['contractStorage']
except KeyError:
contract_storage = ContractStorage()
storage_root['contractStorage'] = contract_storage
return contract_storage, db
class SyncBlocks(object):
'''
Processes the block chunk
'''
def __init__(self, eth):
self.eth = eth
def __call__(self, startblock):
'''
Processesing method
'''
logging.info("SYNC_BLOCKS %d to %d" % (startblock, startblock + BLOCKS_PER_THREAD))
contracts = {}
for blockNum in range(startblock, startblock + BLOCKS_PER_THREAD):
block = self.eth.eth_getBlockByNumber(blockNum)
for tx in block['transactions']:
if not tx['to']:
receipt = self.eth.eth_getTransactionReceipt(tx['hash'])
if receipt is not None:
contract_address = receipt['contractAddress']
contract_code = self.eth.eth_getCode(contract_address)
contract_balance = self.eth.eth_getBalance(contract_address)
if not contract_balance:
continue
ethcontract = ETHContract(contract_code, tx['input'])
m = hashlib.md5()
m.update(contract_code.encode('UTF-8'))
contract_hash = m.digest()
contracts[contract_hash] = {'ethcontract': ethcontract, 'address': contract_address, 'balance': contract_balance}
blockNum -= 1
return contracts
class ContractStorage(persistent.Persistent):
def __init__(self):
self.contracts = BTree()
self.instance_lists = BTree()
self.last_block = 0
self.eth = None
def get_contract_by_hash(self, contract_hash):
return self.contracts[contract_hash]
def initialize(self, eth):
self.eth = eth
if self.last_block:
blockNum = self.last_block
print("Resuming synchronization from block " + str(blockNum))
else:
blockNum = eth.eth_blockNumber()
print("Starting synchronization from latest block: " + str(blockNum))
processed = 0
while (blockNum > 0):
numbers = []
for i in range(1, NUM_THREADS + 1):
numbers.append(max(0, blockNum - (i * BLOCKS_PER_THREAD)))
pool = Pool(NUM_THREADS, initargs=(self.eth))
results = pool.map(SyncBlocks(self.eth), numbers)
pool.close()
pool.join()
for result in results:
for (contract_hash, data) in result.items():
try:
self.contracts[contract_hash]
except KeyError:
self.contracts[contract_hash] = data['ethcontract']
m = InstanceList()
self.instance_lists[contract_hash] = m
self.instance_lists[contract_hash].add(data['address'], data['balance'])
blockNum -= NUM_THREADS * BLOCKS_PER_THREAD
processed += NUM_THREADS * BLOCKS_PER_THREAD
self.last_block = blockNum
transaction.commit()
cost_time = time.time() - ether.start_time
print("%d blocks processed (in %d seconds), %d unique contracts in database, next block: %d" % (processed, cost_time, len(self.contracts), max(0, blockNum)))
# If we've finished initializing the database, start over from the end of the chain if we want to initialize again
self.last_block = 0
print("Finished synchronization")
def search(self, expression, callback_func):
all_keys = list(self.contracts)
for k in all_keys:
if self.contracts[k].matches_expression(expression):
m = self.instance_lists[k]
callback_func(k.hex(), self.contracts[k], m.addresses, m.balances)

2
mythril/ether/soliditycontract.py
Unescape View File

@ -1,4 +1,4 @@
import mythril.laser.ethereum.helper as helper
import mythril.laser.ethereum.util as helper
from mythril.ether.ethcontract import ETHContract
from mythril.ether.util import *
from mythril.exceptions import NoContractFoundError

40
mythril/interfaces/cli.py
Unescape View File

@ -49,8 +49,9 @@ def main():
outputs.add_argument('--verbose-report', action='store_true', help='Include debugging information in report')
database = parser.add_argument_group('local contracts database')
database.add_argument('--init-db', action='store_true', help='initialize the contract database')
database.add_argument('-s', '--search', help='search the contract database', metavar='EXPRESSION')
database.add_argument('--leveldb-dir', help='specify leveldb directory for search or direct access operations', metavar='LEVELDB_PATH')
database.add_argument('--search-all', action='store_true', help='search all contracts instead of active (non-zero balance) only')
utilities = parser.add_argument_group('utilities')
utilities.add_argument('--hash', help='calculate function signature hash', metavar='SIGNATURE')
@ -67,13 +68,13 @@ def main():
options.add_argument('--phrack', action='store_true', help='Phrack-style call graph')
options.add_argument('--enable-physics', action='store_true', help='enable graph physics simulation')
options.add_argument('-v', type=int, help='log level (0-2)', metavar='LOG_LEVEL')
options.add_argument('--leveldb', help='enable direct leveldb access operations', metavar='LEVELDB_PATH')
rpc = parser.add_argument_group('RPC options')
rpc.add_argument('-i', action='store_true', help='Preset: Infura Node service (Mainnet)')
rpc.add_argument('--rpc', help='custom RPC settings', metavar='HOST:PORT / ganache / infura-[network_name]')
rpc.add_argument('--rpctls', type=bool, default=False, help='RPC connection over TLS')
rpc.add_argument('--ipc', action='store_true', help='Connect via local IPC')
rpc.add_argument('--leveldb', action='store_true', help='Enable direct leveldb access operations')
# Get config values
@ -87,7 +88,7 @@ def main():
# Parse cmdline args
if not (args.search or args.init_db or args.hash or args.disassemble or args.graph or args.fire_lasers
if not (args.search or args.hash or args.disassemble or args.graph or args.fire_lasers
or args.storage or args.truffle or args.statespace_json):
parser.print_help()
sys.exit()
@ -106,27 +107,31 @@ def main():
try:
# the mythril object should be our main interface
#init_db = None, infura = None, rpc = None, rpctls = None, ipc = None,
#infura = None, rpc = None, rpctls = None, ipc = None,
#solc_args = None, dynld = None, max_recursion_depth = 12):
mythril = Mythril(solv=args.solv, dynld=args.dynld,
solc_args=args.solc_args)
if args.leveldb:
# Open LevelDB if specified
mythril.set_db_leveldb(args.leveldb)
elif (args.address or args.init_db) and not args.leveldb:
if args.address and not args.leveldb:
# Establish RPC/IPC connection if necessary
if args.i:
mythril.set_db_rpc_infura()
mythril.set_api_rpc_infura()
elif args.rpc:
mythril.set_db_rpc(rpc=args.rpc, rpctls=args.rpctls)
mythril.set_api_rpc(rpc=args.rpc, rpctls=args.rpctls)
elif args.ipc:
mythril.set_db_ipc()
mythril.set_api_ipc()
else:
mythril.set_db_rpc_localhost()
mythril.set_api_rpc_localhost()
elif args.leveldb or args.search:
# Open LevelDB if necessary
mythril.set_api_leveldb(mythril.leveldb_dir if not args.leveldb_dir else args.leveldb_dir)
if args.search:
# Database search ops
mythril.search_db(args.search, args.search_all)
sys.exit()
if args.truffle:
try:
@ -137,15 +142,6 @@ def main():
"Build directory not found. Make sure that you start the analysis from the project root, and that 'truffle compile' has executed successfully.")
sys.exit()
elif args.search:
# Database search ops
mythril.search_db(args.search)
sys.exit()
elif args.init_db:
mythril.init_db()
sys.exit()
# Load / compile input contracts
address = None

145
mythril/laser/ethereum/call.py
Unescape View File

@ -0,0 +1,145 @@
import logging
from z3 import BitVec, simplify
import mythril.laser.ethereum.util as util
from mythril.laser.ethereum.state import Account
from mythril.laser.ethereum.svm import CalldataType
import re
"""
This module contains the business logic used by Instruction in instructions.py
to get the necessary elements from the stack and determine the parameters for the new global state.
"""
def get_call_parameters(global_state, dynamic_loader, with_value=False):
"""
Gets call parameters from global state
Pops the values from the stack and determines output parameters
:param global_state: state to look in
:param dynamic_loader: dynamic loader to use
:param with_value: whether to pop the value argument from the stack
:return: callee_account, call_data, value, call_data_type, gas
"""
state = global_state.mstate
instr = global_state.get_current_instruction()
if with_value:
gas, to, value, meminstart, meminsz, memory_out_offset, memory_out_size = \
state.stack.pop(), state.stack.pop(), state.stack.pop(), state.stack.pop(), state.stack.pop(), state.stack.pop(), state.stack.pop()
else:
gas, to, meminstart, meminsz, memory_out_offset, memory_out_size = \
state.stack.pop(), state.stack.pop(), state.stack.pop(), state.stack.pop(), state.stack.pop(), state.stack.pop()
value = None
callee_address = get_callee_address(global_state, dynamic_loader, to)
callee_account = None
call_data, call_data_type = get_call_data(global_state, meminstart, meminsz, False)
if int(callee_address, 16) >= 5 or int(callee_address, 16) == 0:
call_data, call_data_type = get_call_data(global_state, meminstart, meminsz)
callee_account = get_callee_account(global_state, callee_address, dynamic_loader)
return callee_address, callee_account, call_data, value, call_data_type, gas, memory_out_offset, memory_out_size
def get_callee_address(global_state, dynamic_loader, to):
"""
Gets the address of the callee
:param global_state: state to look in
:param dynamic_loader: dynamic loader to use
:return: Address of the callee
"""
environment = global_state.environment
try:
callee_address = hex(util.get_concrete_int(to))
except AttributeError:
logging.info("Symbolic call encountered")
match = re.search(r'storage_(\d+)', str(simplify(to)))
logging.debug("CALL to: " + str(simplify(to)))
if match is None or dynamic_loader is None:
raise ValueError()
index = int(match.group(1))
logging.info("Dynamic contract address at storage index {}".format(index))
# attempt to read the contract address from instance storage
# TODO: we need to do this correctly using multi transactional analysis
try:
callee_address = dynamic_loader.read_storage(environment.active_account.address, index)
except:
logging.debug("Error accessing contract storage.")
raise ValueError
# testrpc simply returns the address, geth response is more elaborate.
if not re.match(r"^0x[0-9a-f]{40}$", callee_address):
callee_address = "0x" + callee_address[26:]
return callee_address
def get_callee_account(global_state, callee_address, dynamic_loader):
"""
Gets the callees account from the global_state
:param global_state: state to look in
:param callee_address: address of the callee
:param dynamic_loader: dynamic loader to use
:return: Account belonging to callee
"""
environment = global_state.environment
accounts = global_state.accounts
try:
return global_state.accounts[callee_address]
except KeyError:
# We have a valid call address, but contract is not in the modules list
logging.info("Module with address " + callee_address + " not loaded.")
if dynamic_loader is None:
raise ValueError()
logging.info("Attempting to load dependency")
try:
code = dynamic_loader.dynld(environment.active_account.address, callee_address)
except Exception as e:
logging.info("Unable to execute dynamic loader.")
raise ValueError()
if code is None:
logging.info("No code returned, not a contract account?")
raise ValueError()
logging.info("Dependency loaded: " + callee_address)
callee_account = Account(callee_address, code, callee_address)
accounts[callee_address] = callee_account
return callee_account
def get_call_data(global_state, memory_start, memory_size, pad=True):
"""
Gets call_data from the global_state
:param global_state: state to look in
:param memory_start: Start index
:param memory_size: Size
:return: Tuple containing: call_data array from memory or empty array if symbolic, type found
"""
state = global_state.mstate
try:
# TODO: This only allows for either fully concrete or fully symbolic calldata.
# Improve management of memory and callata to support a mix between both types.
call_data = state.memory[util.get_concrete_int(memory_start):util.get_concrete_int(memory_start + memory_size)]
if len(call_data) < 32 and pad:
call_data += [0] * (32 - len(call_data))
call_data_type = CalldataType.CONCRETE
logging.debug("Calldata: " + str(call_data))
except AttributeError:
logging.info("Unsupported symbolic calldata offset")
call_data_type = CalldataType.SYMBOLIC
call_data = []
return call_data, call_data_type

65
mythril/laser/ethereum/cfg.py
Unescape View File

@ -0,0 +1,65 @@
from flags import Flags
from enum import Enum
gbl_next_uid = 0 # node counter
class JumpType(Enum):
CONDITIONAL = 1
UNCONDITIONAL = 2
CALL = 3
RETURN = 4
class NodeFlags(Flags):
FUNC_ENTRY = 1
CALL_RETURN = 2
class Node:
def __init__(self, contract_name, start_addr=0, constraints=None):
constraints = constraints if constraints else []
self.contract_name = contract_name
self.start_addr = start_addr
self.states = []
self.constraints = constraints
self.function_name = "unknown"
self.flags = NodeFlags()
# Self-assign a unique ID
global gbl_next_uid
self.uid = gbl_next_uid
gbl_next_uid += 1
def get_cfg_dict(self):
code = ""
for state in self.states:
instruction = state.get_current_instruction()
code += str(instruction['address']) + " " + instruction['opcode']
if instruction['opcode'].startswith("PUSH"):
code += " " + instruction['argument']
code += "\\n"
return dict(contract_name=self.contract_name, start_addr=self.start_addr, function_name=self.function_name,
code=code)
class Edge:
def __init__(self, node_from, node_to, edge_type=JumpType.UNCONDITIONAL, condition=None):
self.node_from = node_from
self.node_to = node_to
self.type = edge_type
self.condition = condition
def __str__(self):
return str(self.as_dict)
@property
def as_dict(self):
return {"from": self.node_from, 'to': self.node_to}

74
mythril/laser/ethereum/gascost.py
Unescape View File

@ -1,74 +0,0 @@
gascost = {
'PUSH': 3,
'DUP': 3,
'SWAP': 3,
'STOP': 0,
'ADD': 3,
'MUL': 5,
'SUB': 3,
'DIV': 5,
'SDIV': 5,
'MOD': 5,
'SMOD': 5,
'ADDMOD': 8,
'MULMOD': 8,
'EXP': 10,
'SIGNEXTEND': 5,
'LT': 3,
'GT': 3,
'SLT': 3,
'SGT': 3,
'EQ': 3,
'ISZERO': 3,
'AND': 3,
'OR': 3,
'XOR': 3,
'NOT': 3,
'BYTE': 3,
'SHA3': 30,
'ADDRESS': 2,
'BALANCE': 400,
'ORIGIN': 2,
'CALLER': 2,
'CALLVALUE': 2,
'CALLDATALOAD': 3,
'CALLDATASIZE': 2,
'CALLDATACOPY': 3,
'CODESIZE': 2,
'CODECOPY': 3,
'GASPRICE': 2,
'EXTCODESIZE': 700,
'EXTCODECOPY': 700,
'BLOCKHASH': 20,
'COINBASE': 2,
'TIMESTAMP': 2,
'NUMBER': 2,
'DIFFICULTY': 2,
'GASLIMIT': 2,
'POP': 2,
'MLOAD': 3,
'MSTORE': 3,
'MSTORE8': 3,
'SLOAD': 50,
'SSTORE': 0,
'JUMP': 8,
'JUMPI': 10,
'PC': 2,
'MSIZE': 2,
'GAS': 2,
'JUMPDEST': 1,
'LOG0': 375,
'LOG1': 750,
'LOG2': 1125,
'LOG3': 1500,
'LOG4': 1875,
'CREATE': 32000,
'CALL': 40,
'CALLCODE': 40,
'RETURN': 0,
'DELEGATECALL': 40,
'CALLBLACKBOX': 40,
'STATICCALL': 40,
'REVERT': 0,
'SUICIDE': 5000,
}

994
mythril/laser/ethereum/instructions.py
Unescape View File

@ -0,0 +1,994 @@
import binascii
import logging
from copy import copy, deepcopy
import ethereum.opcodes as opcodes
from ethereum import utils
from z3 import BitVec, Extract, UDiv, simplify, Concat, ULT, UGT, BitVecNumRef, Not, \
is_false
from z3 import BitVecVal, If, BoolRef
import mythril.laser.ethereum.util as helper
from mythril.laser.ethereum import util
from mythril.laser.ethereum.call import get_call_parameters
from mythril.laser.ethereum.state import GlobalState, MachineState, Environment, CalldataType
import mythril.laser.ethereum.natives as natives
TT256 = 2 ** 256
TT256M1 = 2 ** 256 - 1
class StackUnderflowException(Exception):
pass
class StopSignal(Exception):
pass
def instruction(func):
""" Wrapper that handles copy and original return """
def wrapper(self, global_state):
global_state_copy = copy(global_state)
new_global_states = func(self, global_state_copy)
for state in new_global_states:
state.mstate.pc += 1
return new_global_states
return wrapper
class Instruction:
"""
Instruction class is used to mutate a state according to the current instruction
"""
def __init__(self, op_code, dynamic_loader):
self.dynamic_loader = dynamic_loader
self.op_code = op_code
def evaluate(self, global_state):
""" Performs the mutation for this instruction """
# Generalize some ops
logging.debug("Evaluating {}".format(self.op_code))
op = self.op_code.lower()
if self.op_code.startswith("PUSH"):
op = "push"
elif self.op_code.startswith("DUP"):
op = "dup"
elif self.op_code.startswith("SWAP"):
op = "swap"
elif self.op_code.startswith("LOG"):
op = "log"
instruction_mutator = getattr(self, op + '_', None)
if instruction_mutator is None:
raise NotImplementedError
return instruction_mutator(global_state)
@instruction
def jumpdest_(self, global_state):
return [global_state]
@instruction
def push_(self, global_state):
value = BitVecVal(int(global_state.get_current_instruction()['argument'][2:], 16), 256)
global_state.mstate.stack.append(value)
return [global_state]
@instruction
def dup_(self, global_state):
value = int(global_state.get_current_instruction()['opcode'][3:], 10)
global_state.mstate.stack.append(global_state.mstate.stack[-value])
return [global_state]
@instruction
def swap_(self, global_state):
depth = int(self.op_code[4:])
try:
stack = global_state.mstate.stack
stack[-depth - 1], stack[-1] = stack[-1], stack[-depth - 1]
except IndexError:
raise StackUnderflowException()
return [global_state]
@instruction
def pop_(self, global_state):
try:
global_state.mstate.stack.pop()
except IndexError:
raise StackUnderflowException()
return [global_state]
@instruction
def and_(self, global_state):
try:
stack = global_state.mstate.stack
op1, op2 = stack.pop(), stack.pop()
if type(op1) == BoolRef:
op1 = If(op1, BitVecVal(1, 256), BitVecVal(0, 256))
if type(op2) == BoolRef:
op2 = If(op2, BitVecVal(1, 256), BitVecVal(0, 256))
stack.append(op1 & op2)
except IndexError:
raise StackUnderflowException()
return [global_state]
@instruction
def or_(self, global_state):
stack = global_state.mstate.stack
try:
op1, op2 = stack.pop(), stack.pop()
if type(op1) == BoolRef:
op1 = If(op1, BitVecVal(1, 256), BitVecVal(0, 256))
if type(op2) == BoolRef:
op2 = If(op2, BitVecVal(1, 256), BitVecVal(0, 256))
stack.append(op1 | op2)
except IndexError: # Stack underflow
raise StackUnderflowException()
return [global_state]
@instruction
def xor_(self, global_state):
mstate = global_state.mstate
mstate.stack.append(mstate.stack.pop() ^ mstate.stack.pop())
return [global_state]
@instruction
def not_(self, global_state: GlobalState):
mstate = global_state.mstate
mstate.stack.append(TT256M1 - mstate.stack.pop())
return [global_state]
@instruction
def byte_(self, global_state):
mstate = global_state.mstate
op0, op1 = mstate.stack.pop(), mstate.stack.pop()
try:
index = util.get_concrete_int(op0)
offset = (31 - index) * 8
result = Concat(BitVecVal(0, 248), Extract(offset + 7, offset, op1))
except AttributeError:
logging.debug("BYTE: Unsupported symbolic byte offset")
result = BitVec(str(simplify(op1)) + "[" + str(simplify(op0)) + "]", 256)
mstate.stack.append(simplify(result))
return [global_state]
# Arithmetic
@instruction
def add_(self, global_state):
global_state.mstate.stack.append(
(helper.pop_bitvec(global_state.mstate) + helper.pop_bitvec(global_state.mstate)))
return [global_state]
@instruction
def sub_(self, global_state):
global_state.mstate.stack.append(
(helper.pop_bitvec(global_state.mstate) - helper.pop_bitvec(global_state.mstate)))
return [global_state]
@instruction
def mul_(self, global_state):
global_state.mstate.stack.append(
(helper.pop_bitvec(global_state.mstate) * helper.pop_bitvec(global_state.mstate)))
return [global_state]
@instruction
def div_(self, global_state):
global_state.mstate.stack.append(
UDiv(util.pop_bitvec(global_state.mstate), util.pop_bitvec(global_state.mstate)))
return [global_state]
@instruction
def sdiv_(self, global_state):
s0, s1 = util.pop_bitvec(global_state.mstate), util.pop_bitvec(global_state.mstate)
global_state.mstate.stack.append(s0 / s1)
return [global_state]
@instruction
def smod_(self, global_state):
s0, s1 = util.pop_bitvec(global_state.mstate), util.pop_bitvec(global_state.mstate)
global_state.mstate.stack.append(0 if s1 == 0 else s0 % s1)
return [global_state]
@instruction
def addmod_(self, global_state):
s0, s1, s2 = util.pop_bitvec(global_state.mstate), util.pop_bitvec(global_state.mstate), util.pop_bitvec(
global_state.mstate)
global_state.mstate.stack.append((s0 + s1) % s2)
return [global_state]
@instruction
def mulmod_(self, global_state):
s0, s1, s2 = util.pop_bitvec(global_state.mstate), util.pop_bitvec(global_state.mstate), util.pop_bitvec(
global_state.mstate)
global_state.mstate.stack.append((s0 * s1) % s2 if s2 else 0)
@instruction
def exp_(self, global_state):
state = global_state.mstate
# we only implement 2 ** x
base, exponent = util.pop_bitvec(state), util.pop_bitvec(state)
if (type(base) != BitVecNumRef) or (type(exponent) != BitVecNumRef):
state.stack.append(BitVec("(" + str(simplify(base)) + ")^(" + str(simplify(exponent)) + ")", 256))
elif base.as_long() == 2:
if exponent.as_long() == 0:
state.stack.append(BitVecVal(1, 256))
else:
state.stack.append(base << (exponent - 1))
else:
state.stack.append(base)
return [global_state]
@instruction
def signextend_(self, global_state):
state = global_state.mstate
s0, s1 = state.stack.pop(), state.stack.pop()
try:
s0 = util.get_concrete_int(s0)
s1 = util.get_concrete_int(s1)
if s0 <= 31:
testbit = s0 * 8 + 7
if s1 & (1 << testbit):
state.stack.append(s1 | (TT256 - (1 << testbit)))
else:
state.stack.append(s1 & ((1 << testbit) - 1))
else:
state.stack.append(s1)
# TODO: broad exception handler
except:
return []
return [global_state]
# Comparisons
@instruction
def lt_(self, global_state):
state = global_state.mstate
exp = ULT(util.pop_bitvec(state), util.pop_bitvec(state))
state.stack.append(exp)
return [global_state]
@instruction
def gt_(self, global_state):
state = global_state.mstate
exp = UGT(util.pop_bitvec(state), util.pop_bitvec(state))
state.stack.append(exp)
return [global_state]
@instruction
def slt_(self, global_state):
state = global_state.mstate
exp = util.pop_bitvec(state) < util.pop_bitvec(state)
state.stack.append(exp)
return [global_state]
@instruction
def sgt_(self, global_state):
state = global_state.mstate
exp = util.pop_bitvec(state) > util.pop_bitvec(state)
state.stack.append(exp)
return [global_state]
@instruction
def eq_(self, global_state):
state = global_state.mstate
op1 = state.stack.pop()
op2 = state.stack.pop()
if type(op1) == BoolRef:
op1 = If(op1, BitVecVal(1, 256), BitVecVal(0, 256))
if type(op2) == BoolRef:
op2 = If(op2, BitVecVal(1, 256), BitVecVal(0, 256))
exp = op1 == op2
state.stack.append(exp)
return [global_state]
@instruction
def iszero_(self, global_state):
state = global_state.mstate
val = state.stack.pop()
exp = val == False if type(val) == BoolRef else val == 0
state.stack.append(exp)
return [global_state]
# Call data
@instruction
def callvalue_(self, global_state):
state = global_state.mstate
environment = global_state.environment
state.stack.append(environment.callvalue)
return [global_state]
@instruction
def calldataload_(self, global_state):
state = global_state.mstate
environment = global_state.environment
op0 = state.stack.pop()
try:
offset = util.get_concrete_int(simplify(op0))
b = environment.calldata[offset]
except AttributeError:
logging.debug("CALLDATALOAD: Unsupported symbolic index")
state.stack.append(BitVec(
"calldata_" + str(environment.active_account.contract_name) + "[" + str(simplify(op0)) + "]", 256))
return [global_state]
except IndexError:
logging.debug("Calldata not set, using symbolic variable instead")
state.stack.append(BitVec(
"calldata_" + str(environment.active_account.contract_name) + "[" + str(simplify(op0)) + "]", 256))
return [global_state]
if type(b) == int:
val = b''
try:
for i in range(offset, offset + 32):
val += environment.calldata[i].to_bytes(1, byteorder='big')
logging.debug("Final value: " + str(int.from_bytes(val, byteorder='big')))
state.stack.append(BitVecVal(int.from_bytes(val, byteorder='big'), 256))
# FIXME: broad exception catch
except:
state.stack.append(BitVec(
"calldata_" + str(environment.active_account.contract_name) + "[" + str(simplify(op0)) + "]", 256))
else:
# symbolic variable
state.stack.append(BitVec(
"calldata_" + str(environment.active_account.contract_name) + "[" + str(simplify(op0)) + "]", 256))
return [global_state]
@instruction
def calldatasize_(self, global_state):
state = global_state.mstate
environment = global_state.environment
if environment.calldata_type == CalldataType.SYMBOLIC:
state.stack.append(BitVec("calldatasize_" + environment.active_account.contract_name, 256))
else:
state.stack.append(BitVecVal(len(environment.calldata), 256))
return [global_state]
@instruction
def calldatacopy_(self, global_state):
state = global_state.mstate
environment = global_state.environment
op0, op1, op2 = state.stack.pop(), state.stack.pop(), state.stack.pop()
try:
mstart = util.get_concrete_int(op0)
# FIXME: broad exception catch
except:
logging.debug("Unsupported symbolic memory offset in CALLDATACOPY")
return [global_state]
dstart_sym = False
try:
dstart = util.get_concrete_int(op1)
# FIXME: broad exception catch
except:
logging.debug("Unsupported symbolic calldata offset in CALLDATACOPY")
dstart = simplify(op1)
dstart_sym = True
size_sym = False
try:
size = util.get_concrete_int(op2)
# FIXME: broad exception catch
except:
logging.debug("Unsupported symbolic size in CALLDATACOPY")
size = simplify(op2)
size_sym = True
if dstart_sym or size_sym:
state.mem_extend(mstart, 1)
state.memory[mstart] = BitVec(
"calldata_" + str(environment.active_account.contract_name) + "[" + str(dstart) + ": + " + str(
size) + "]", 256)
return [global_state]
if size > 0:
try:
state.mem_extend(mstart, size)
# FIXME: broad exception catch
except:
logging.debug("Memory allocation error: mstart = " + str(mstart) + ", size = " + str(size))
state.mem_extend(mstart, 1)
state.memory[mstart] = BitVec(
"calldata_" + str(environment.active_account.contract_name) + "[" + str(dstart) + ": + " + str(
size) + "]", 256)
return [global_state]
try:
i_data = environment.calldata[dstart]
for i in range(mstart, mstart + size):
state.memory[i] = environment.calldata[i_data]
i_data += 1
except:
logging.debug("Exception copying calldata to memory")
state.memory[mstart] = BitVec(
"calldata_" + str(environment.active_account.contract_name) + "[" + str(dstart) + ": + " + str(
size) + "]", 256)
return [global_state]
# Environment
@instruction
def address_(self, global_state):
state = global_state.mstate
environment = global_state.environment
state.stack.append(environment.address)
return [global_state]
@instruction
def balance_(self, global_state):
state = global_state.mstate
address = state.stack.pop()
state.stack.append(BitVec("balance_at_" + str(address), 256))
return [global_state]
@instruction
def origin_(self, global_state):
state = global_state.mstate
environment = global_state.environment
state.stack.append(environment.origin)
return [global_state]
@instruction
def caller_(self, global_state):
state = global_state.mstate
environment = global_state.environment
state.stack.append(environment.sender)
return [global_state]
@instruction
def codesize_(self, global_state):
state = global_state.mstate
environment = global_state.environment
disassembly = environment.code
state.stack.append(len(disassembly.bytecode) // 2)
return [global_state]
@instruction
def sha3_(self, global_state):
state = global_state.mstate
environment = global_state.environment
op0, op1 = state.stack.pop(), state.stack.pop()
try:
index, length = util.get_concrete_int(op0), util.get_concrete_int(op1)
# FIXME: broad exception catch
except:
# Can't access symbolic memory offsets
state.stack.append(BitVec("KECCAC_mem[" + str(simplify(op0)) + "]", 256))
return [global_state]
try:
data = b''
for i in range(index, index + length):
data += util.get_concrete_int(state.memory[i]).to_bytes(1, byteorder='big')
i += 1
# FIXME: broad exception catch
except:
svar = str(state.memory[index])
svar = svar.replace(" ", "_")
state.stack.append(BitVec("keccac_" + svar, 256))
return [global_state]
keccac = utils.sha3(utils.bytearray_to_bytestr(data))
logging.debug("Computed SHA3 Hash: " + str(binascii.hexlify(keccac)))
state.stack.append(BitVecVal(util.concrete_int_from_bytes(keccac, 0), 256))
return [global_state]
@instruction
def gasprice_(self, global_state):
global_state.mstate.stack.append(BitVec("gasprice", 256))
return [global_state]
@instruction
def codecopy(self, global_state):
# FIXME: not implemented
state = global_state.mstate
start, s1, size = state.stack.pop(), state.stack.pop(), state.stack.pop()
return [global_state]
@instruction
def extcodesize_(self, global_state):
state = global_state.mstate
addr = state.stack.pop()
environment = global_state.environment
try:
addr = hex(helper.get_concrete_int(addr))
except AttributeError:
logging.info("unsupported symbolic address for EXTCODESIZE")
state.stack.append(BitVec("extcodesize_" + str(addr), 256))
return [global_state]
try:
code = self.dynamic_loader.dynld(environment.active_account.address, addr)
except Exception as e:
logging.info("error accessing contract storage due to: " + str(e))
state.stack.append(BitVec("extcodesize_" + str(addr), 256))
return [global_state]
if code is None:
state.stack.append(0)
else:
state.stack.append(len(code.bytecode) // 2)
return [global_state]
@instruction
def extcodecopy_(self, global_state):
# FIXME: not implemented
state = global_state.mstate
addr = state.stack.pop()
start, s2, size = state.stack.pop(), state.stack.pop(), state.stack.pop()
return [global_state]
@instruction
def returndatasize_(self, global_state):
global_state.mstate.stack.append(BitVec("returndatasize", 256))
return [global_state]
@instruction
def blockhash_(self, global_state):
state = global_state.mstate
blocknumber = state.stack.pop()
state.stack.append(BitVec("blockhash_block_" + str(blocknumber), 256))
return [global_state]
@instruction
def coinbase_(self, global_state):
global_state.mstate.stack.append(BitVec("coinbase", 256))
return [global_state]
@instruction
def timestamp_(self, global_state):
global_state.mstate.stack.append(BitVec("timestamp", 256))
return [global_state]
@instruction
def number_(self, global_state):
global_state.mstate.stack.append(BitVec("block_number", 256))
return [global_state]
@instruction
def difficulty_(self, global_state):
global_state.mstate.stack.append(BitVec("block_difficulty", 256))
return [global_state]
@instruction
def gaslimit_(self, global_state):
global_state.mstate.stack.append(BitVec("block_gaslimit", 256))
return [global_state]
# Memory operations
@instruction
def mload_(self, global_state):
state = global_state.mstate
op0 = state.stack.pop()
logging.debug("MLOAD[" + str(op0) + "]")
try:
offset = util.get_concrete_int(op0)
except AttributeError:
logging.debug("Can't MLOAD from symbolic index")
data = BitVec("mem[" + str(simplify(op0)) + "]", 256)
state.stack.append(data)
return [global_state]
try:
data = util.concrete_int_from_bytes(state.memory, offset)
except IndexError: # Memory slot not allocated
data = BitVec("mem[" + str(offset) + "]", 256)
except TypeError: # Symbolic memory
data = state.memory[offset]
logging.debug("Load from memory[" + str(offset) + "]: " + str(data))
state.stack.append(data)
return [global_state]
@instruction
def mstore_(self, global_state):
state = global_state.mstate
op0, value = state.stack.pop(), state.stack.pop()
try:
mstart = util.get_concrete_int(op0)
except AttributeError:
logging.debug("MSTORE to symbolic index. Not supported")
return [global_state]
try:
state.mem_extend(mstart, 32)
except Exception:
logging.debug("Error extending memory, mstart = " + str(mstart) + ", size = 32")
logging.debug("MSTORE to mem[" + str(mstart) + "]: " + str(value))
try:
# Attempt to concretize value
_bytes = util.concrete_int_to_bytes(value)
i = 0
for b in _bytes:
state.memory[mstart + i] = _bytes[i]
i += 1
except:
try:
state.memory[mstart] = value
except:
logging.debug("Invalid memory access")
return [global_state]
@instruction
def mstore8_(self, global_state):
state = global_state.mstate
op0, value = state.stack.pop(), state.stack.pop()
try:
offset = util.get_concrete_int(op0)
except AttributeError:
logging.debug("MSTORE to symbolic index. Not supported")
return [global_state]
state.mem_extend(offset, 1)
state.memory[offset] = value % 256
return [global_state]
@instruction
def sload_(self, global_state):
state = global_state.mstate
index = state.stack.pop()
logging.debug("Storage access at index " + str(index))
try:
index = util.get_concrete_int(index)
except AttributeError:
index = str(index)
try:
data = global_state.environment.active_account.storage[index]
except KeyError:
data = BitVec("storage_" + str(index), 256)
global_state.environment.active_account.storage[index] = data
state.stack.append(data)
return [global_state]
@instruction
def sstore_(self, global_state):
state = global_state.mstate
index, value = state.stack.pop(), state.stack.pop()
logging.debug("Write to storage[" + str(index) + "]")
try:
index = util.get_concrete_int(index)
except AttributeError:
index = str(index)
try:
# Create a fresh copy of the account object before modifying storage
for k in global_state.accounts:
if global_state.accounts[k] == global_state.environment.active_account:
global_state.accounts[k] = deepcopy(global_state.accounts[k])
global_state.environment.active_account = global_state.accounts[k]
break
global_state.environment.active_account.storage[index] = value
except KeyError:
logging.debug("Error writing to storage: Invalid index")
return [global_state]
@instruction
def jump_(self, global_state):
state = global_state.mstate
disassembly = global_state.environment.code
try:
jump_addr = util.get_concrete_int(state.stack.pop())
except AttributeError:
logging.debug("Invalid jump argument (symbolic address)")
return []
except IndexError: # Stack Underflow
return []
index = util.get_instruction_index(disassembly.instruction_list, jump_addr)
if index is None:
logging.debug("JUMP to invalid address")
return []
op_code = disassembly.instruction_list[index]['opcode']
if op_code != "JUMPDEST":
logging.debug("Skipping JUMP to invalid destination (not JUMPDEST): " + str(jump_addr))
return []
new_state = copy(global_state)
new_state.mstate.pc = index
new_state.mstate.depth += 1
return [new_state]
@instruction
def jumpi_(self, global_state):
state = global_state.mstate
disassembly = global_state.environment.code
states = []
op0, condition = state.stack.pop(), state.stack.pop()
try:
jump_addr = util.get_concrete_int(op0)
# FIXME: to broad exception handler
except:
logging.debug("Skipping JUMPI to invalid destination.")
return [global_state]
index = util.get_instruction_index(disassembly.instruction_list, jump_addr)
if not index:
logging.debug("Invalid jump destination: " + str(jump_addr))
return [global_state]
instr = disassembly.instruction_list[index]
# True case
condi = condition if type(condition) == BoolRef else condition != 0
if instr['opcode'] == "JUMPDEST":
if (type(condi) == bool and condi) or (type(condi) == BoolRef and not is_false(simplify(condi))):
new_state = copy(global_state)
new_state.mstate.pc = index
new_state.mstate.depth += 1
new_state.mstate.constraints.append(condi)
states.append(new_state)
else:
logging.debug("Pruned unreachable states.")
# False case
negated = Not(condition) if type(condition) == BoolRef else condition == 0
sat = not is_false(simplify(negated)) if type(condi) == BoolRef else not negated
if sat:
new_state = copy(global_state)
new_state.mstate.depth += 1
new_state.mstate.constraints.append(negated)
states.append(new_state)
else:
logging.debug("Pruned unreachable states.")
return states
@instruction
def pc_(self, global_state):
global_state.mstate.stack.append(global_state.mstate.pc - 1)
return [global_state]
@instruction
def msize_(self, global_state):
global_state.mstate.stack.append(BitVec("msize", 256))
return [global_state]
@instruction
def gas_(self, global_state):
global_state.mstate.stack.append(BitVec("gas", 256))
return [global_state]
@instruction
def log_(self, global_state):
# TODO: implement me
state = global_state.mstate
dpth = int(self.op_code[3:])
state.stack.pop(), state.stack.pop()
[state.stack.pop() for x in range(dpth)]
# Not supported
return [global_state]
@instruction
def create_(self, global_state):
# TODO: implement me
state = global_state.mstate
state.stack.pop(), state.stack.pop(), state.stack.pop()
# Not supported
state.stack.append(0)
return [global_state]
@instruction
def return_(self, global_state):
# TODO: memory
state = global_state.mstate
offset, length = state.stack.pop(), state.stack.pop()
try:
_ = state.memory[util.get_concrete_int(offset):util.get_concrete_int(offset + length)]
except AttributeError:
logging.debug("Return with symbolic length or offset. Not supported")
#TODO: return 1
return_value = BitVec("retval_" + global_state.environment.active_function_name, 256)
state.stack.append(return_value)
if not global_state.call_stack:
return []
global_state.mstate.pc = global_state.call_stack.pop()
return [global_state]
@instruction
def suicide_(self, global_state):
return []
@instruction
def revert_(self, global_state):
return []
@instruction
def assert_fail_(self, global_state):
return []
@instruction
def invalid_(self, global_state):
return []
@instruction
def stop_(self, global_state):
state = global_state.mstate
state.stack.append(BitVecVal(0, 256))
if len(global_state.call_stack) is 0:
return []
global_state.mstate.pc = global_state.call_stack.pop()
return [global_state]
@instruction
def call_(self, global_state):
instr = global_state.get_current_instruction()
environment = global_state.environment
try:
callee_address, callee_account, call_data, value, call_data_type, gas, memory_out_offset, memory_out_size = get_call_parameters(global_state, self.dynamic_loader, True)
except ValueError as e:
logging.info(
"Could not determine required parameters for call, putting fresh symbol on the stack. \n{}".format(e)
)
# TODO: decide what to do in this case
global_state.mstate.stack.append(BitVec("retval_" + str(instr['address']), 256))
return [global_state]
if 0 < int(callee_address, 16) < 5:
logging.info("Native contract called: " + callee_address)
if call_data == [] and call_data_type == CalldataType.SYMBOLIC:
logging.debug("CALL with symbolic data not supported")
global_state.mstate.stack.append(BitVec("retval_" + str(instr['address']), 256))
return [global_state]
data = natives.native_contracts(int(callee_address, 16), call_data)
try:
mem_out_start = helper.get_concrete_int(memory_out_offset)
mem_out_sz = memory_out_size.as_long()
except AttributeError:
logging.debug("CALL with symbolic start or offset not supported")
global_state.mstate.stack.append(BitVec("retval_" + str(instr['address']), 256))
return [global_state]
global_state.mstate.mem_extend(mem_out_start, mem_out_sz)
try:
for i in range(min(len(data), mem_out_sz)): # If more data is used then it's chopped off
global_state.mstate.memory[mem_out_start + i] = data[i]
except:
global_state.mstate.memory[mem_out_start] = BitVec(data, 256)
# TODO: maybe use BitVec here constrained to 1
global_state.mstate.stack.append(BitVec("retval_" + str(instr['address']), 256))
return [global_state]
global_state.call_stack.append(instr['address'])
callee_environment = Environment(callee_account,
BitVecVal(int(environment.active_account.address, 16), 256),
call_data,
environment.gasprice,
value,
environment.origin,
calldata_type=call_data_type)
new_global_state = GlobalState(global_state.accounts, callee_environment, global_state.node, MachineState(gas))
new_global_state.mstate.depth = global_state.mstate.depth + 1
new_global_state.mstate.constraints = copy(global_state.mstate.constraints)
return [global_state]
@instruction
def callcode_(self, global_state):
instr = global_state.get_current_instruction()
environment = global_state.environment
try:
callee_address, callee_account, call_data, value, call_data_type, gas, _, _ = get_call_parameters(global_state, self.dynamic_loader, True)
except ValueError as e:
logging.info(
"Could not determine required parameters for call, putting fresh symbol on the stack. \n{}".format(e)
)
global_state.mstate.stack.append(BitVec("retval_" + str(instr['address']), 256))
return [global_state]
global_state.call_stack.append(instr['address'])
environment = deepcopy(environment)
environment.callvalue = value
environment.caller = environment.address
environment.calldata = call_data
new_global_state = GlobalState(global_state.accounts, environment, global_state.node, MachineState(gas))
new_global_state.mstate.depth = global_state.mstate.depth + 1
new_global_state.mstate.constraints = copy(global_state.mstate.constraints)
return [new_global_state]
@instruction
def delegatecall_(self, global_state):
instr = global_state.get_current_instruction()
environment = global_state.environment
try:
callee_address, callee_account, call_data, _, call_data_type, gas, _, _ = get_call_parameters(global_state, self.dynamic_loader)
except ValueError as e:
logging.info(
"Could not determine required parameters for call, putting fresh symbol on the stack. \n{}".format(e)
)
global_state.mstate.stack.append(BitVec("retval_" + str(instr['address']), 256))
return [global_state]
global_state.call_stack.append(instr['address'])
environment = deepcopy(environment)
environment = deepcopy(environment)
environment.code = callee_account.code
environment.calldata = call_data
new_global_state = GlobalState(global_state.accounts, environment, global_state.node, MachineState(gas))
new_global_state.mstate.depth = global_state.mstate.depth + 1
new_global_state.mstate.constraints = copy(global_state.mstate.constraints)
return [new_global_state]
@instruction
def staticcall_(self, global_state):
# TODO: implement me
instr = global_state.get_current_instruction()
global_state.mstate.stack.append(BitVec("retval_" + str(instr['address']), 256))
return [global_state]

20
mythril/laser/ethereum/natives.py
Unescape View File

@ -1,11 +1,12 @@
# -*- coding: utf8 -*-
import copy
import hashlib
import coincurve
from py_ecc.secp256k1 import N as secp256k1n
from mythril.laser.ethereum.helper import ALL_BYTES, bytearray_to_int, concrete_int_to_bytes, sha3, zpad
from mythril.laser.ethereum.util import ALL_BYTES, bytearray_to_int, concrete_int_to_bytes, sha3, zpad
def int_to_32bytes(i): #used because int can't fit as bytes function's input
@ -40,7 +41,10 @@ def extract32(data, i):
def ecrecover(data):
data = bytearray(data)
try:
data = bytearray(data)
except TypeError:
return "ecrecover_"+str(data)
message = b''.join(map(lambda x: ALL_BYTES[x], data[0:32]))
v = extract32(data, 32)
r = extract32(data, 64)
@ -56,12 +60,18 @@ def ecrecover(data):
def sha256(data):
data = bytes(data)
try:
data = bytes(data)
except TypeError:
return "sha256_"+str(data)
return hashlib.sha256(data).digest()
def ripemd160(data):
data = bytes(data)
try:
data = bytes(data)
except TypeError:
return "ripemd160_"+str(data)
return 12*[0]+[i for i in hashlib.new('ripemd160', data).digest()]

151
mythril/laser/ethereum/state.py
Unescape View File

@ -0,0 +1,151 @@
from z3 import BitVec, BitVecVal
from copy import copy, deepcopy
from enum import Enum
class CalldataType(Enum):
CONCRETE = 1
SYMBOLIC = 2
class Account:
"""
Account class representing ethereum accounts
"""
def __init__(self, address, code=None, contract_name="unknown", balance=None):
"""
Constructor for account
:param address: Address of the account
:param code: The contract code of the account
:param contract_name: The name associated with the account
:param balance: The balance for the account
"""
self.nonce = 0
self.code = code
self.balance = balance if balance else BitVec("balance", 256)
self.storage = {}
# Metadata
self.address = address
self.contract_name = contract_name
def __str__(self):
return str(self.as_dict)
def get_storage(self, index):
return self.storage[index] if index in self.storage.keys() else BitVec("storage_" + str(index), 256)
@property
def as_dict(self):
return {'nonce': self.nonce, 'code': self.code, 'balance': self.balance, 'storage': self.storage}
class Environment:
"""
The environment class represents the current execution environment for the symbolic executor
"""
def __init__(
self,
active_account,
sender,
calldata,
gasprice,
callvalue,
origin,
calldata_type=CalldataType.SYMBOLIC,
):
# Metadata
self.active_account = active_account
self.active_function_name = ""
self.address = BitVecVal(int(active_account.address, 16), 256)
self.code = active_account.code
self.sender = sender
self.calldata = calldata
self.calldata_type = calldata_type
self.gasprice = gasprice
self.origin = origin
self.callvalue = callvalue
def __str__(self):
return str(self.as_dict)
@property
def as_dict(self):
return dict(active_account=self.active_account, sender=self.sender, calldata=self.calldata,
gasprice=self.gasprice, callvalue=self.callvalue, origin=self.origin,
calldata_type=self.calldata_type)
class MachineState:
"""
MachineState represents current machine state also referenced to as \mu
"""
def __init__(self, gas):
""" Constructor for machineState """
self.pc = 0
self.stack = []
self.memory = []
self.memory_size = 0
self.gas = gas
self.constraints = []
self.depth = 0
def mem_extend(self, start, size):
"""
Extends the memory of this machine state
:param start: Start of memory extension
:param size: Size of memory extension
"""
if start < 4096 and size < 4096:
if size and start + size > len(self.memory):
n_append = start + size - len(self.memory)
while n_append > 0:
self.memory.append(0)
n_append -= 1
# FIXME: this does not seem right
self.memory_size = size
else:
# TODO: Specific exception
raise Exception
# TODO: Deduct gas for memory extension... not yet implemented
def __str__(self):
return str(self.as_dict)
@property
def as_dict(self):
return dict(pc=self.pc, stack=self.stack, memory=self.memory, memsize=self.memory_size, gas=self.gas)
class GlobalState:
"""
GlobalState represents the current globalstate
"""
def __init__(self, accounts, environment, node, machine_state=None, call_stack=None):
""" Constructor for GlobalState"""
self.node = node
self.accounts = accounts
self.environment = environment
self.mstate = machine_state if machine_state else MachineState(gas=10000000)
self.call_stack = call_stack if call_stack else []
self.op_code = ""
def __copy__(self):
accounts = copy(self.accounts)
environment = copy(self.environment)
mstate = deepcopy(self.mstate)
return GlobalState(accounts, environment, self.node, mstate)
#TODO: remove this, as two instructions are confusing
def get_current_instruction(self):
""" Gets the current instruction for this GlobalState"""
instructions = self.environment.code.instruction_list
return instructions[self.mstate.pc]

0
mythril/laser/ethereum/strategy/__init__.py
Unescape View File

54
mythril/laser/ethereum/strategy/basic.py
Unescape View File

@ -0,0 +1,54 @@
"""
This module implements basic symbolic execution search strategies
"""
class DepthFirstSearchStrategy:
"""
Implements a depth first search strategy
I.E. Follow one path to a leaf, and then continue to the next one
"""
def __init__(self, work_list, max_depth):
self.work_list = work_list
self.max_depth = max_depth
def __iter__(self):
return self
def __next__(self):
""" Picks the next state to execute """
try:
# This strategies assumes that new states are appended at the end of the work_list
# By taking the last element we effectively pick the "newest" states, which amounts to dfs
global_state = self.work_list.pop()
if global_state.mstate.depth >= self.max_depth:
return self.__next__()
return global_state
except IndexError:
raise StopIteration()
class BreadthFirstSearchStrategy:
"""
Implements a breadth first search strategy
I.E. Execute all states of a "level" before continuing
"""
def __init__(self, work_list, max_depth):
self.work_list = work_list
self.max_depth = max_depth
def __iter__(self):
return self
def __next__(self):
""" Picks the next state to execute """
try:
# This strategies assumes that new states are appended at the end of the work_list
# By taking the first element we effectively pick the "oldest" states, which amounts to bfs
global_state = self.work_list.pop(0)
if global_state.mstate.depth >= self.max_depth:
return self.__next__()
return global_state
except IndexError:
raise StopIteration()

1238
mythril/laser/ethereum/svm.py
View File

File diff suppressed because it is too large Load Diff

3
mythril/laser/ethereum/taint_analysis.py
Unescape View File

@ -1,5 +1,5 @@
import logging, copy
import mythril.laser.ethereum.helper as helper
import mythril.laser.ethereum.util as helper
class TaintRecord:
@ -135,6 +135,7 @@ class TaintRunner:
# Apply Change
op = state.get_current_instruction()['opcode']
if op in TaintRunner.stack_taint_table.keys():
mutator = TaintRunner.stack_taint_table[op]
TaintRunner.mutate_stack(new_record, mutator)

0
mythril/laser/ethereum/helper.py → mythril/laser/ethereum/util.py
Unescape View File

60
mythril/leveldb/client.py
Unescape View File

@ -39,55 +39,27 @@ class EthLevelDB(object):
self.db = ETH_DB(path)
self.headBlockHeader = None
self.headState = None
self.all_contracts = None
self.active_contracts = None
self.instance_lists = None
def get_all_contracts(self):
def get_contracts(self, search_all):
'''
get all contracts
iterate through contracts with non-zero balance by default or all if search_all is set
'''
if not self.all_contracts:
self.all_contracts = []
self.active_contracts = []
self.instance_lists = []
state = self._get_head_state()
accounts = state.get_all_accounts()
for account in self._get_head_state().get_all_accounts():
if account.code is not None and (search_all or account.balance != 0):
code = _encode_hex(account.code)
md5 = hashlib.md5()
md5.update(code.encode('UTF-8'))
contract_hash = md5.digest()
contract = ETHContract(code, name=contract_hash.hex())
yield contract, _encode_hex(account.address), account.balance
for a in accounts:
if a.code is not None:
code = _encode_hex(a.code)
md5 = hashlib.md5()
md5.update(code.encode('UTF-8'))
contract_hash = md5.digest()
contract = ETHContract(code, name=contract_hash.hex())
self.all_contracts.append(contract)
if a.balance != 0:
md5 = InstanceList()
md5.add(_encode_hex(a.address), a.balance)
self.instance_lists.append(md5)
self.active_contracts.append(contract)
return self.all_contracts
def get_active_contracts(self):
'''
get all contracts with non-zero balance
'''
if not self.active_contracts:
self.get_all_contracts() # optimized
return self.active_contracts
def search(self, expression, callback_func):
def search(self, expression, search_all, callback_func):
'''
searches through non-zero balance contracts
'''
contracts = self.get_active_contracts()
for i in range(0, len(contracts)):
if contracts[i].matches_expression(expression):
m = self.instance_lists[i]
callback_func(contracts[i].name, contracts[i], m.addresses, m.balances)
for contract, address, balance in self.get_contracts(search_all):
if contract.matches_expression(expression):
callback_func(contract.name, contract, [address], [balance])
def eth_getBlockHeaderByNumber(self, number):
'''
@ -167,7 +139,7 @@ class EthLevelDB(object):
hash = self.headBlockHeader.prevhash
num = self._get_block_number(hash)
self.headBlockHeader = self._get_block_header(hash, num)
return self.headBlockHeader
def _get_block_number(self, hash):
@ -184,4 +156,4 @@ class EthLevelDB(object):
headerKey = headerPrefix + num + hash
blockHeaderData = self.db.get(headerKey)
header = rlp.decode(blockHeaderData, sedes=BlockHeader)
return header
return header

8
mythril/leveldb/state.py
Unescape View File

@ -121,10 +121,8 @@ class State():
def get_all_accounts(self):
'''
iterates through trie to get all items
iterates through trie to and yields non-blank leafs as accounts
'''
accounts = []
for addressHash, rlpdata in self.secureTrie.trie.to_dict().items():
for addressHash, rlpdata in self.secureTrie.trie.iter_branch():
if rlpdata != trie.BLANK_NODE:
accounts.append(rlp.decode(rlpdata, Account, db=self.db, address=addressHash))
return accounts
yield rlp.decode(rlpdata, Account, db=self.db, address=addressHash)

148
mythril/mythril.py
Unescape View File

@ -11,11 +11,13 @@ import os
import re
from ethereum import utils
import codecs
from solc.exceptions import SolcError
import solc
from configparser import ConfigParser
import platform
from mythril.ether import util
from mythril.ether.contractstorage import get_persistent_storage
from mythril.ether.ethcontract import ETHContract
from mythril.ether.soliditycontract import SolidityContract
from mythril.rpc.client import EthJsonRpc
@ -37,7 +39,7 @@ from mythril.leveldb.client import EthLevelDB
class Mythril(object):
"""
Mythril main interface class.
Mythril main interface class.
1. create mythril object
2. set rpc or leveldb interface if needed
@ -46,17 +48,17 @@ class Mythril(object):
Example:
mythril = Mythril()
mythril.set_db_rpc_infura()
mythril.set_api_rpc_infura()
# (optional) other db adapters
mythril.set_db_rpc(args)
mythril.set_db_ipc()
mythril.set_db_rpc_localhost()
# (optional) other API adapters
mythril.set_api_rpc(args)
mythril.set_api_ipc()
mythril.set_api_rpc_localhost()
mythril.set_api_leveldb(path)
# (optional) other func
mythril.analyze_truffle_project(args)
mythril.search_db(args)
mythril.init_db()
# load contract
mythril.load_from_bytecode(bytecode)
@ -69,15 +71,13 @@ class Mythril(object):
# (optional) graph
for contract in mythril.contracts:
print(mythril.graph_html(args)) # prints html or save it to file
# (optional) other funcs
mythril.dump_statespaces(args)
mythril.disassemble(contract)
mythril.get_state_variable_from_storage(args)
"""
def __init__(self, solv=None,
solc_args=None, dynld=False):
@ -86,12 +86,22 @@ class Mythril(object):
self.dynld = dynld
self.mythril_dir = self._init_mythril_dir()
self.signatures_file, self.sigs = self._init_signatures()
self.sigs = signatures.SignatureDb()
try:
self.sigs.open() # tries mythril_dir/signatures.json by default (provide path= arg to make this configurable)
except FileNotFoundError as fnfe:
logging.info(
"No signature database found. Creating database if sigs are loaded in: " + self.sigs.signatures_file + "\n" +
"Consider replacing it with the pre-initialized database at https://raw.githubusercontent.com/ConsenSys/mythril/master/signatures.json")
except json.JSONDecodeError as jde:
raise CriticalError("Invalid JSON in signatures file " + self.sigs.signatures_file + "\n" + str(jde))
self.solc_binary = self._init_solc_binary(solv)
self.leveldb_dir = self._init_config()
self.eth = None
self.ethDb = None
self.dbtype = None # track type of db (rpc,ipc,leveldb) used
self.eth = None # ethereum API client
self.ethDb = None # ethereum LevelDB client
self.contracts = [] # loaded contracts
@ -108,32 +118,40 @@ class Mythril(object):
os.mkdir(mythril_dir)
return mythril_dir
def _init_signatures(self):
def _init_config(self):
# If no function signature file exists, create it. Function signatures from Solidity source code are added automatically.
signatures_file = os.path.join(self.mythril_dir, 'signatures.json')
sigs = {}
if not os.path.exists(signatures_file):
logging.info("No signature database found. Creating empty database: " + signatures_file + "\n" +
"Consider replacing it with the pre-initialized database at https://raw.githubusercontent.com/ConsenSys/mythril/master/signatures.json")
with open(signatures_file, 'a') as f:
json.dump({}, f)
with open(signatures_file) as f:
try:
sigs = json.load(f)
except json.JSONDecodeError as e:
raise CriticalError("Invalid JSON in signatures file " + signatures_file + "\n" + str(e))
return signatures_file, sigs
def _update_signatures(self, jsonsigs):
# Save updated function signatures
with open(self.signatures_file, 'w') as f:
json.dump(jsonsigs, f)
# If no config file exists, create it. Default LevelDB path is specified based on OS
self.sigs = jsonsigs
config_path = os.path.join(self.mythril_dir, 'config.ini')
system = platform.system().lower()
fallback_dir = os.path.expanduser('~')
if system.startswith("darwin"):
fallback_dir = os.path.join(fallback_dir, "Library", "Ethereum")
elif system.startswith("windows"):
fallback_dir = os.path.join(fallback_dir, "AppData", "Roaming", "Ethereum")
else:
fallback_dir = os.path.join(fallback_dir, ".ethereum")
fallback_dir = os.path.join(fallback_dir, "geth", "chaindata")
if not os.path.exists(config_path):
logging.info("No config file found. Creating default: " + config_path)
config = ConfigParser(allow_no_value=True)
config.optionxform = str
config.add_section('defaults')
config.set('defaults', "#Default chaindata locations:")
config.set('defaults', "#– Mac: ~/Library/Ethereum/geth/chaindata")
config.set('defaults', "#– Linux: ~/.ethereum/geth/chaindata")
config.set('defaults', "#– Windows: %USERPROFILE%\\AppData\\Roaming\\Ethereum\\geth\\chaindata")
config.set('defaults', 'leveldb_dir', fallback_dir)
with codecs.open(config_path, 'w', 'utf-8') as fp:
config.write(fp)
config = ConfigParser(allow_no_value=True)
config.optionxform = str
config.read(config_path, 'utf-8')
leveldb_dir = config.get('defaults', 'leveldb_dir', fallback=fallback_dir)
return os.path.expanduser(leveldb_dir)
def analyze_truffle_project(self, *args, **kwargs):
return analyze_truffle_project(*args, **kwargs) # just passthru for now
@ -168,18 +186,16 @@ class Mythril(object):
solc_binary = 'solc'
return solc_binary
def set_db_leveldb(self, leveldb):
def set_api_leveldb(self, leveldb):
self.ethDb = EthLevelDB(leveldb)
self.eth = self.ethDb
self.dbtype = "leveldb"
return self.eth
def set_db_rpc_infura(self):
def set_api_rpc_infura(self):
self.eth = EthJsonRpc('mainnet.infura.io', 443, True)
logging.info("Using INFURA for RPC queries")
self.dbtype = "rpc"
def set_db_rpc(self, rpc=None, rpctls=False):
def set_api_rpc(self, rpc=None, rpctls=False):
if rpc == 'ganache':
rpcconfig = ('localhost', 7545, False)
else:
@ -195,26 +211,23 @@ class Mythril(object):
if rpcconfig:
self.eth = EthJsonRpc(rpcconfig[0], int(rpcconfig[1]), rpcconfig[2])
self.dbtype = "rpc"
logging.info("Using RPC settings: %s" % str(rpcconfig))
else:
raise CriticalError("Invalid RPC settings, check help for details.")
def set_db_ipc(self):
def set_api_ipc(self):
try:
self.eth = EthIpc()
self.dbtype = "ipc"
except Exception as e:
raise CriticalError(
"IPC initialization failed. Please verify that your local Ethereum node is running, or use the -i flag to connect to INFURA. \n" + str(
e))
def set_db_rpc_localhost(self):
def set_api_rpc_localhost(self):
self.eth = EthJsonRpc('localhost', 8545)
self.dbtype = "rpc"
logging.info("Using default RPC settings: http://localhost:8545")
def search_db(self, search):
def search_db(self, search, search_all):
def search_callback(code_hash, code, addresses, balances):
print("Matched contract with code hash " + code_hash)
@ -222,24 +235,11 @@ class Mythril(object):
print("Address: " + addresses[i] + ", balance: " + str(balances[i]))
try:
if self.dbtype=="leveldb":
self.ethDb.search(search, search_callback)
else:
contract_storage, _ = get_persistent_storage(self.mythril_dir)
contract_storage.search(search, search_callback)
self.ethDb.search(search, search_all, search_callback)
except SyntaxError:
raise CriticalError("Syntax error in search expression.")
def init_db(self):
contract_storage, _ = get_persistent_storage(self.mythril_dir)
try:
contract_storage.initialize(self.eth)
except FileNotFoundError as e:
raise CriticalError("Error syncing database over IPC: " + str(e))
except ConnectionError as e:
raise CriticalError("Could not connect to RPC server. Make sure that your node is running and that RPC parameters are set correctly.")
def load_from_bytecode(self, code):
address = util.get_indexed_address(0)
self.contracts.append(ETHContract(code, name="MAIN"))
@ -281,27 +281,32 @@ class Mythril(object):
file = os.path.expanduser(file)
try:
signatures.add_signatures_from_file(file, self.sigs)
self._update_signatures(self.sigs)
# import signatures from solidity source
with open(file, encoding="utf-8") as f:
self.sigs.import_from_solidity_source(f.read())
contract = SolidityContract(file, contract_name, solc_args=self.solc_args)
logging.info("Analyzing contract %s:%s" % (file, contract.name))
except FileNotFoundError:
raise CriticalError("Input file not found: " + file)
raise CriticalError("Input file not found: " + file)
except CompilerError as e:
raise CriticalError(e)
raise CriticalError(e)
except NoContractFoundError:
logging.info("The file " + file + " does not contain a compilable contract.")
else:
self.contracts.append(contract)
contracts.append(contract)
# Save updated function signatures
self.sigs.write() # dump signatures to disk (previously opened file or default location)
return address, contracts
def dump_statespace(self, contract, address=None, max_depth=12):
sym = SymExecWrapper(contract, address,
dynloader=DynLoader(self.eth) if self.dynld else None,
max_depth=max_depth)
dynloader=DynLoader(self.eth) if self.dynld else None,
max_depth=max_depth)
return get_serializable_statespace(sym)
@ -316,8 +321,9 @@ class Mythril(object):
verbose_report=False, max_depth=12):
all_issues = []
if self.dynld and self.eth is None:
self.set_api_rpc_infura()
for contract in (contracts or self.contracts):
sym = SymExecWrapper(contract, address,
dynloader=DynLoader(self.eth) if self.dynld else None,
max_depth=max_depth)

282
mythril/support/signatures.py
Unescape View File

@ -1,44 +1,244 @@
#!/usr/bin/env python3
# -*- coding: UTF-8 -*-
"""mythril.py: Function Signature Database
"""
import re
import os
import json
import time
import pathlib
import logging
from ethereum import utils
def add_signatures_from_file(file, sigs={}):
funcs = []
with open(file, encoding="utf-8") as f:
code = f.read()
funcs = re.findall(r'function[\s]+(\w+\([^\)]*\))', code, re.DOTALL)
for f in funcs:
f = re.sub(r'[\n]', '', f)
m = re.search(r'^([A-Za-z0-9_]+)', f)
if (m):
signature = m.group(1)
m = re.search(r'\((.*)\)', f)
_args = m.group(1).split(",")
types = []
for arg in _args:
_type = arg.lstrip().split(" ")[0]
if _type == "uint":
_type = "uint256"
types.append(_type)
typelist = ",".join(types)
signature += "(" + typelist + ")"
signature = re.sub(r'\s', '', signature)
sigs["0x" + utils.sha3(signature)[:4].hex()] = signature
# todo: tintinweb - make this a normal requirement? (deps: eth-abi and requests, both already required by mythril)
try:
# load if available but do not fail
import ethereum_input_decoder
from ethereum_input_decoder.decoder import FourByteDirectoryOnlineLookupError
except ImportError:
# fake it :)
ethereum_input_decoder = None
FourByteDirectoryOnlineLookupError = Exception
class SimpleFileLock(object):
# todo: replace with something more reliable. this is a quick shot on concurrency and might not work in all cases
def __init__(self, path):
self.path = path
self.lockfile = pathlib.Path("%s.lck" % path)
self.locked = False
def aquire(self, timeout=5):
if self.locked:
raise Exception("SimpleFileLock: lock already aquired")
t_end = time.time()+timeout
while time.time() < t_end:
# try to aquire lock
try:
self.lockfile.touch(mode=0o0000, exist_ok=False) # touch the lockfile
# lockfile does not exist. we have a lock now
self.locked = True
return
except FileExistsError as fee:
# check if lockfile date exceeds age and cleanup lock
if time.time() > self.lockfile.stat().st_mtime + 60 * 5:
self.release(force=True) # cleanup old lockfile > 5mins
time.sleep(0.5) # busywait is evil
continue
raise Exception("SimpleFileLock: timeout hit. failed to aquire lock: %s"% (time.time()-self.lockfile.stat().st_mtime))
def release(self, force=False):
if not force and not self.locked:
raise Exception("SimpleFileLock: aquire lock first")
try:
self.lockfile.unlink() # might throw if we force unlock and the file gets removed in the meantime. TOCTOU
except FileNotFoundError as fnfe:
logging.warning("SimpleFileLock: release(force=%s) on unavailable file. race? %r" % (force, fnfe))
self.locked = False
class SignatureDb(object):
def __init__(self, enable_online_lookup=True):
"""
Constr
:param enable_online_lookup: enable onlien signature hash lookup
"""
self.signatures = {} # signatures in-mem cache
self.signatures_file = None
self.signatures_file_lock = None
self.enable_online_lookup = enable_online_lookup # enable online funcsig resolving
self.online_lookup_miss = set() # temporarily track misses from onlinedb to avoid requesting the same non-existent sighash multiple times
self.online_directory_unavailable_until = 0 # flag the online directory as unavailable for some time
def open(self, path=None):
"""
Open a function signature db from json file
:param path: specific path to signatures.json; default mythril location if not specified
:return: self
"""
if not path:
# try default locations
try:
mythril_dir = os.environ['MYTHRIL_DIR']
except KeyError:
mythril_dir = os.path.join(os.path.expanduser('~'), ".mythril")
path = os.path.join(mythril_dir, 'signatures.json')
self.signatures_file = path # store early to allow error handling to access the place we tried to load the file
if not os.path.exists(path):
logging.debug("Signatures: file not found: %s" % path)
raise FileNotFoundError("Missing function signature file. Resolving of function names disabled.")
self.signatures_file_lock = self.signatures_file_lock or SimpleFileLock(self.signatures_file) # lock file to prevent concurrency issues
self.signatures_file_lock.aquire() # try to aquire it within the next 10s
with open(path, 'r') as f:
sigs = json.load(f)
self.signatures_file_lock.release() # release lock
# normalize it to {sighash:list(signatures,...)}
for sighash, funcsig in sigs.items():
if isinstance(funcsig, list):
self.signatures = sigs
break # already normalized
self.signatures.setdefault(sighash, [])
self.signatures[sighash].append(funcsig)
return self
def write(self, path=None, sync=True):
"""
Write signatures database as json to file
:param path: specify path otherwise update the file that was loaded with open()
:param sync: lock signature file, load contents and merge it into memcached sighash db, then save it
:return: self
"""
path = path or self.signatures_file
self.signatures_file_lock = self.signatures_file_lock or SimpleFileLock(path) # lock file to prevent concurrency issues
self.signatures_file_lock.aquire() # try to aquire it within the next 10s
if sync and os.path.exists(path):
# reload and save if file exists
with open(path, 'r') as f:
sigs = json.load(f)
sigs.update(self.signatures) # reload file and merge cached sigs into what we load from file
self.signatures = sigs
with open(path, 'w') as f:
json.dump(self.signatures, f)
self.signatures_file_lock.release()
return self
def get(self, sighash, timeout=2):
"""
get a function signature for a sighash
1) try local cache
2) try online lookup (if enabled; if not flagged as unavailable)
:param sighash: function signature hash as hexstr
:param timeout: online lookup timeout
:return: list of matching function signatures
"""
if not sighash.startswith("0x"):
sighash = "0x%s" % sighash # normalize sighash format
if self.enable_online_lookup and not self.signatures.get(sighash) and sighash not in self.online_lookup_miss and time.time() > self.online_directory_unavailable_until:
# online lookup enabled, and signature not in cache, sighash was not a miss earlier, and online directory not down
logging.debug("Signatures: performing online lookup for sighash %r" % sighash)
try:
funcsigs = SignatureDb.lookup_online(sighash, timeout=timeout) # might return multiple sigs
if funcsigs:
# only store if we get at least one result
self.signatures[sighash] = funcsigs
else:
# miss
self.online_lookup_miss.add(sighash)
except FourByteDirectoryOnlineLookupError as fbdole:
self.online_directory_unavailable_until = time.time() + 2 * 60 # wait at least 2 mins to try again
logging.warning("online function signature lookup not available. will not try to lookup hash for the next 2 minutes. exception: %r" % fbdole)
return self.signatures[sighash] # raise keyerror
def __getitem__(self, item):
"""
Provide dict interface Signatures()[sighash]
:param item: sighash
:return: list of matching signatures
"""
return self.get(sighash=item)
def import_from_solidity_source(self, code):
"""
Import Function Signatures from solidity source files
:param code: solidity source code
:return: self
"""
self.signatures.update(SignatureDb.parse_function_signatures_from_solidity_source(code))
return self
@staticmethod
def lookup_online(sighash, timeout=None, proxies=None):
"""
Lookup function signatures from 4byte.directory.
//tintinweb: the smart-contract-sanctuary project dumps contracts from etherscan.io and feeds them into
4bytes.directory.
https://github.com/tintinweb/smart-contract-sanctuary
:param sighash: function signature hash as hexstr
:param timeout: optional timeout for online lookup
:param proxies: optional proxy servers for online lookup
:return: a list of matching function signatures for this hash
"""
if not ethereum_input_decoder:
return None
return list(ethereum_input_decoder.decoder.FourByteDirectory.lookup_signatures(sighash,
timeout=timeout,
proxies=proxies))
@staticmethod
def parse_function_signatures_from_solidity_source(code):
"""
Parse solidity sourcecode for function signatures and return the signature hash and function signature
:param code: solidity source code
:return: dictionary {sighash: function_signature}
"""
sigs = {}
funcs = re.findall(r'function[\s]+(.*?\))', code, re.DOTALL)
for f in funcs:
f = re.sub(r'[\n]', '', f)
m = re.search(r'^([A-Za-z0-9_]+)', f)
if m:
signature = m.group(1)
m = re.search(r'\((.*)\)', f)
_args = m.group(1).split(",")
types = []
for arg in _args:
_type = arg.lstrip().split(" ")[0]
if _type == "uint":
_type = "uint256"
types.append(_type)
typelist = ",".join(types)
signature += "(" + typelist + ")"
signature = re.sub(r'\s', '', signature)
sigs["0x" + utils.sha3(signature)[:4].hex()] = signature
logging.debug("Signatures: parse soldiity found %d signatures" % len(sigs))
return sigs

8
mythril/support/truffle.py
Unescape View File

@ -10,7 +10,7 @@ from mythril.analysis.symbolic import SymExecWrapper
from mythril.analysis.report import Report
from mythril.ether import util
from mythril.laser.ethereum import helper
from mythril.laser.ethereum.util import get_instruction_index
def analyze_truffle_project(args):
@ -41,7 +41,7 @@ def analyze_truffle_project(args):
ethcontract = ETHContract(bytecode, name=name)
address = util.get_indexed_address(0)
sym = SymExecWrapper(ethcontract, address, max_depth=10)
sym = SymExecWrapper(ethcontract, address, max_depth=args.max_depth)
issues = fire_lasers(sym)
if not len(issues):
@ -80,7 +80,7 @@ def analyze_truffle_project(args):
for issue in issues:
index = helper.get_instruction_index(disassembly.instruction_list, issue.address)
index = get_instruction_index(disassembly.instruction_list, issue.address)
if index:
try:
@ -97,7 +97,7 @@ def analyze_truffle_project(args):
if (args.outform == 'json'):
result = {'contract': name, 'result': {'success': True, 'error': None, 'issues': list(map(lambda x: x.as_dict(), issues))}}
result = {'contract': name, 'result': {'success': True, 'error': None, 'issues': list(map(lambda x: x.as_dict, issues))}}
print(json.dumps(result))
else:

8
requirements.txt
Unescape View File

@ -1,16 +1,17 @@
BTrees
configparser>=3.5.0
coverage
eth_abi>=1.0.0
eth-account>=0.1.0a2
ethereum>=2.3.0
ethereum==2.3.1
eth-hash>=0.1.0
eth-keyfile>=0.5.1
eth-keys>=0.2.0b3
eth-rlp>=0.1.0
eth-tester>=0.1.0b21
eth-utils>=1.0.1
jinja2
jinja2>=2.9
mock
persistent>=4.2.0
plyvel
py-flags
py-solc
@ -20,4 +21,3 @@ pytest_mock
requests
rlp<1.0.0
z3-solver>=4.5
ZODB>=5.3.0

47
setup.py
Unescape View File

@ -6,7 +6,7 @@ import os
# Package version (vX.Y.Z). It must match git tag being used for CircleCI
# deployment; otherwise the build will failed.
VERSION = "v0.18.5"
VERSION = "v0.18.7"
class VerifyVersionCommand(install):
@ -159,26 +159,24 @@ unfortunately completely destroys usability.
Blockchain exploration
----------------------
Mythril builds its own contract database to enable fast search
operations. This enables operations like those described in the
`legendary "Mitch Brenner" blog
post <https://medium.com/@rtaylor30/how-i-snatched-your-153-037-eth-after-a-bad-tinder-date-d1d84422a50b>`__
in [STRIKEOUT:seconds] minutes instead of days. Unfortunately, the
initial sync process is slow. You don't need to sync the whole
blockchain right away though: If you abort the syncing process with
``ctrl+c``, it will be auto-resumed the next time you run the
``--init-db`` command.
Mythril allows to search geth contract database directly as well as
perform other operations targetting local geth database instead of
exposed RPC/IPC API. This enables operations like those described
in the `legendary "Mitch Brenner" blog post
<https://medium.com/@rtaylor30/how-i-snatched-your-153-037-eth-after-a-bad-tinder-date-d1d84422a50b>`__
in [STRIKEOUT:seconds] minutes instead of days.
.. code:: bash
The default behavior is to search contracts with a non-zero balance.
You can disable this behavior with the ``--search-all`` flag.
$ myth --init-db
Starting synchronization from latest block: 4323706
Processing block 4323000, 3 individual contracts in database
(...)
You may also use geth database directly for fetching contracts instead of
using IPC/RPC APIs by specifying ``--leveldb`` flag. This is useful
because search will return hashed addresses which will not be accepted by
IPC/RPC APIs.
The default behavior is to only sync contracts with a non-zero balance.
You can disable this behavior with the ``--sync-all`` flag, but be aware
that this will result in a huge (as in: dozens of GB) database.
By default database operations will target default geth data directory on
your system. You may edit the generated configuration at ``~/.mythril/config.ini``
or you may supply ``--leveldb-dir <PATH>`` parameter in command line.
Searching from the command line
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@ -190,8 +188,9 @@ expressions, such as:
.. code:: bash
$ myth --search "func#changeMultisig(address)#"
$ myth --search "code#PUSH1 0x50,POP#"
$ myth --search "code#PUSH1 0x50,POP#" --search-all
$ myth --search "func#changeMultisig(address)# and code#PUSH1 0x50#"
$ myth -s "code#PUSH#" --leveldb-dir /Volumes/MyPassport/Ether/Rinkeby/geth/chaindata
Reading contract storage
~~~~~~~~~~~~~~~~~~~~~~~~
@ -306,11 +305,9 @@ setup(
packages=find_packages(exclude=['contrib', 'docs', 'tests']),
install_requires=[
'ethereum>=2.3.0',
'ZODB>=5.3.0',
'ethereum==2.3.1',
'z3-solver>=4.5',
'requests',
'BTrees',
'py-solc',
'plyvel',
'eth_abi>=1.0.0',
@ -322,10 +319,12 @@ setup(
'eth-rlp>=0.1.0',
'eth-tester>=0.1.0b21',
'coverage',
'jinja2',
'jinja2>=2.9',
'rlp<1.0.0',
'py-flags',
'mock'
'mock',
'configparser>=3.5.0',
'persistent>=4.2.0'
],
tests_require=[

12
tests/analysis/test_delegatecall.py
Unescape View File

@ -11,7 +11,7 @@ def test_concrete_call():
# arrange
address = "0x10"
state = GlobalState(None, None)
state = GlobalState(None, None, None)
state.mstate.memory = ["placeholder", "calldata_bling_0"]
node = Node("example")
@ -42,7 +42,7 @@ def test_concrete_call_symbolic_to():
# arrange
address = "0x10"
state = GlobalState(None, None)
state = GlobalState(None, None, None)
state.mstate.memory = ["placeholder", "calldata_bling_0"]
node = Node("example")
@ -71,7 +71,7 @@ def test_concrete_call_symbolic_to():
def test_concrete_call_not_calldata():
# arrange
state = GlobalState(None, None)
state = GlobalState(None, None, None)
state.mstate.memory = ["placeholder", "not_calldata"]
meminstart = Variable(1, VarType.CONCRETE)
@ -88,7 +88,7 @@ def test_symbolic_call_storage_to(mocker):
active_account = Account(address)
environment = Environment(active_account, None, None, None, None, None)
state = GlobalState(None, environment)
state = GlobalState(None, environment, None)
state.mstate.memory = ["placeholder", "calldata_bling_0"]
@ -126,7 +126,7 @@ def test_symbolic_call_calldata_to(mocker):
# arrange
address = "0x10"
state = GlobalState(None, None)
state = GlobalState(None, None, None)
state.mstate.memory = ["placeholder", "calldata_bling_0"]
@ -172,7 +172,7 @@ def test_delegate_call(sym_mock, concrete_mock, curr_instruction):
active_account = Account('0x10')
environment = Environment(active_account, None, None, None, None, None)
state = GlobalState(None, environment)
state = GlobalState(None, environment, Node)
state.mstate.memory = ["placeholder", "calldata_bling_0"]
state.mstate.stack = [1, 2, 3]
assert state.get_current_instruction() == {'address': '0x10'}

32
tests/contractstorage_test.py
Unescape View File

@ -1,32 +0,0 @@
from mythril.ether.contractstorage import get_persistent_storage
import os
from tests import BaseTestCase
class GetAndSearchContractTestCase(BaseTestCase):
def setUp(self):
super(GetAndSearchContractTestCase, self).setUp()
script_path = os.path.dirname(os.path.realpath(__file__))
storage_dir = os.path.join(script_path, 'teststorage')
self.storage, self.db = get_persistent_storage(storage_dir)
def tearDown(self):
self.db.close()
super(GetAndSearchContractTestCase, self).tearDown()
def mockCallback(self, code_hash, code, addresses, balances):
self.code_hash = code_hash
self.isFound = True
pass
def runTest(self):
contract = self.storage.get_contract_by_hash(bytes.fromhex("ea061445eacbe86b7ffed2bb9e52075e"))
self.assertTrue("0x60606040" in contract.code, 'error reading contract code from database')
self.isFound = False
self.storage.search("code#PUSH1#", self.mockCallback)
self.assertTrue(self.isFound, 'storage search error')
self.assertEqual(self.code_hash, 'ea061445eacbe86b7ffed2bb9e52075e', 'storage search error')

18
tests/native_test.py
Unescape View File

@ -1,7 +1,7 @@
import json
from mythril.ether.soliditycontract import SolidityContract
from mythril.laser.ethereum.svm import GlobalState, MachineState
from mythril.laser.ethereum.state import GlobalState, MachineState
from mythril.laser.ethereum import svm
from tests import *
@ -48,7 +48,7 @@ IDENTITY_TEST[3] = (83269476937987, False)
def _all_info(laser):
accounts = {}
for address, _account in laser.accounts.items():
account = _account.as_dict()
account = _account.as_dict
account["code"] = account["code"].instruction_list
account['balance'] = str(account['balance'])
accounts[address] = account
@ -58,14 +58,14 @@ def _all_info(laser):
states = []
for state in node.states:
if isinstance(state, MachineState):
states.append(state.as_dict())
states.append(state.as_dict)
elif isinstance(state, GlobalState):
environment = state.environment.as_dict()
environment = state.environment.as_dict
environment["active_account"] = environment["active_account"].address
states.append({
'accounts': state.accounts.keys(),
'environment': environment,
'mstate': state.mstate.as_dict()
'mstate': state.mstate.as_dict
})
nodes[uid] = {
@ -78,7 +78,7 @@ def _all_info(laser):
'flags': str(node.flags)
}
edges = [edge.as_dict() for edge in laser.edges]
edges = [edge.as_dict for edge in laser.edges]
return {
'accounts': accounts,
@ -90,11 +90,11 @@ def _all_info(laser):
def _test_natives(laser_info, test_list, test_name):
success = 0
for i,j in test_list:
for i, j in test_list:
if (str(i) in laser_info) == j:
success+=1
success += 1
else:
print ("Failed: "+str(i)+" "+str(j))
print("Failed: "+str(i)+" "+str(j))
assert(success == len(test_list))

12
tests/svm_test.py
Unescape View File

@ -4,7 +4,7 @@ from mythril.analysis.callgraph import generate_graph
from mythril.ether.ethcontract import ETHContract
from mythril.ether.soliditycontract import SolidityContract
from mythril.laser.ethereum.svm import GlobalState, MachineState
from mythril.laser.ethereum.state import GlobalState, MachineState
from mythril.laser.ethereum import svm
from tests import *
@ -19,7 +19,7 @@ class LaserEncoder(json.JSONEncoder):
def _all_info(laser):
accounts = {}
for address, _account in laser.accounts.items():
account = _account.as_dict()
account = _account.as_dict
account["code"] = account["code"].instruction_list
account['balance'] = str(account['balance'])
accounts[address] = account
@ -29,14 +29,14 @@ def _all_info(laser):
states = []
for state in node.states:
if isinstance(state, MachineState):
states.append(state.as_dict())
states.append(state.as_dict)
elif isinstance(state, GlobalState):
environment = state.environment.as_dict()
environment = state.environment.as_dict
environment["active_account"] = environment["active_account"].address
states.append({
'accounts': state.accounts.keys(),
'environment': environment,
'mstate': state.mstate.as_dict()
'mstate': state.mstate.as_dict
})
nodes[uid] = {
@ -49,7 +49,7 @@ def _all_info(laser):
'flags': str(node.flags)
}
edges = [edge.as_dict() for edge in laser.edges]
edges = [edge.as_dict for edge in laser.edges]
return {
'accounts': accounts,

4
tests/taint_result_test.py
Unescape View File

@ -6,7 +6,7 @@ def test_result_state():
# arrange
taint_result = TaintResult()
record = TaintRecord()
state = GlobalState(2, None)
state = GlobalState(2, None, None)
state.mstate.stack = [1,2,3]
record.add_state(state)
record.stack = [False, False, False]
@ -23,7 +23,7 @@ def test_result_no_state():
# arrange
taint_result = TaintResult()
record = TaintRecord()
state = GlobalState(2, None)
state = GlobalState(2, None, None)
state.mstate.stack = [1,2,3]

17
tests/taint_runner_test.py
Unescape View File

@ -2,14 +2,15 @@ import mock
import pytest
from pytest_mock import mocker
from mythril.laser.ethereum.taint_analysis import *
from mythril.laser.ethereum.svm import GlobalState, Node, Edge, LaserEVM, MachineState
from mythril.laser.ethereum.svm import GlobalState, Node, Edge, LaserEVM
from mythril.laser.ethereum.state import MachineState
def test_execute_state(mocker):
record = TaintRecord()
record.stack = [True, False, True]
state = GlobalState(None, None)
state = GlobalState(None, None, None)
state.mstate.stack = [1, 2, 3]
mocker.patch.object(state, 'get_current_instruction')
state.get_current_instruction.return_value = {"opcode": "ADD"}
@ -26,13 +27,13 @@ def test_execute_node(mocker):
record = TaintRecord()
record.stack = [True, True, False, False]
state_1 = GlobalState(None, None)
state_1.mstate.stack = [1, 2, 3]
state_1 = GlobalState(None, None, None)
state_1.mstate.stack = [1, 2, 3, 1]
state_1.mstate.pc = 1
mocker.patch.object(state_1, 'get_current_instruction')
state_1.get_current_instruction.return_value = {"opcode": "SWAP1"}
state_2 = GlobalState(None, 1)
state_2 = GlobalState(None, 1, None)
state_2.mstate.stack = [1, 2, 4, 1]
mocker.patch.object(state_2, 'get_current_instruction')
state_2.get_current_instruction.return_value = {"opcode": "ADD"}
@ -56,12 +57,12 @@ def test_execute_node(mocker):
def test_execute(mocker):
state_1 = GlobalState(None, None, MachineState(gas=10000000))
state_1 = GlobalState(None, None, None, MachineState(gas=10000000))
state_1.mstate.stack = [1, 2]
mocker.patch.object(state_1, 'get_current_instruction')
state_1.get_current_instruction.return_value = {"opcode": "PUSH"}
state_2 = GlobalState(None, None, MachineState(gas=10000000))
state_2 = GlobalState(None, None, None, MachineState(gas=10000000))
state_2.mstate.stack = [1, 2, 3]
mocker.patch.object(state_2, 'get_current_instruction')
state_2.get_current_instruction.return_value = {"opcode": "ADD"}
@ -69,7 +70,7 @@ def test_execute(mocker):
node_1 = Node("Test contract")
node_1.states = [state_1, state_2]
state_3 = GlobalState(None, None, MachineState(gas=10000000))
state_3 = GlobalState(None, None, None, MachineState(gas=10000000))
state_3.mstate.stack = [1, 2]
mocker.patch.object(state_3, 'get_current_instruction')
state_3.get_current_instruction.return_value = {"opcode": "ADD"}

202
tests/testdata/outputs_expected/calls.sol.graph.html vendored
Unescape View File

@ -1,202 +0,0 @@
<html>
<head>
<style type="text/css">
#mynetwork {
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
</style>
<link href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js"></script>
<script>
var options = {
autoResize: true,
height: '100%',
width: '100%',
manipulation: false,
height: '90%',
layout: {
randomSeed: undefined,
improvedLayout:true,
hierarchical: {
enabled:true,
levelSeparation: 450,
nodeSpacing: 200,
treeSpacing: 100,
blockShifting: true,
edgeMinimization: true,
parentCentralization: false,
direction: 'LR', // UD, DU, LR, RL
sortMethod: 'directed' // hubsize, directed
}
},
nodes:{
borderWidth: 1,
borderWidthSelected: 2,
chosen: true,
shape: 'box',
font: {
align: 'left',
color: '#FFFFFF',
},
},
edges:{
font: {
color: '#ffffff',
size: 12, // px
face: 'arial',
background: 'none',
strokeWidth: 0, // px
strokeColor: '#ffffff',
align: 'horizontal',
multi: false,
vadjust: 0,
}
},
physics:{
enabled: false,
}
}
var nodes = [
{id: '672', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '131 JUMPDEST\n132 PUSH1 0x00\n134 DUP1\n135 REVERT\n', 'fullLabel': '131 JUMPDEST\n132 PUSH1 0x00\n134 DUP1\n135 REVERT\n', 'truncLabel': '131 JUMPDEST\n132 PUSH1 0x00\n134 DUP1\n135 REVERT\n', 'isExpanded': false},
{id: '677', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '191 JUMPDEST\n192 STOP\n', 'fullLabel': '191 JUMPDEST\n192 STOP\n', 'truncLabel': '191 JUMPDEST\n192 STOP\n', 'isExpanded': false},
{id: '676', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '483 JUMPDEST\n484 DUP1\n485 PUSH1 0x01\n487 PUSH1 0x00\n489 PUSH2 0x0100\n492 EXP\n(click to expand +)', 'fullLabel': '483 JUMPDEST\n484 DUP1\n485 PUSH1 0x01\n487 PUSH1 0x00\n489 PUSH2 0x0100\n492 EXP\n493 DUP2\n494 SLOAD\n495 DUP2\n496 PUSH20 0xffffffff(...)\n517 MUL\n518 NOT\n519 AND\n520 SWAP1\n521 DUP4\n522 PUSH20 0xffffffff(...)\n543 AND\n544 MUL\n545 OR\n546 SWAP1\n547 SSTORE\n548 POP\n549 POP\n550 JUMP\n', 'truncLabel': '483 JUMPDEST\n484 DUP1\n485 PUSH1 0x01\n487 PUSH1 0x00\n489 PUSH2 0x0100\n492 EXP\n(click to expand +)', 'isExpanded': false},
{id: '675', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '147 JUMPDEST\n148 PUSH2 0x00bf\n151 PUSH1 0x04\n153 DUP1\n154 DUP1\n155 CALLDATALOAD\n(click to expand +)', 'fullLabel': '147 JUMPDEST\n148 PUSH2 0x00bf\n151 PUSH1 0x04\n153 DUP1\n154 DUP1\n155 CALLDATALOAD\n156 PUSH20 0xffffffff(...)\n177 AND\n178 SWAP1\n179 PUSH1 0x20\n181 ADD\n182 SWAP1\n183 SWAP2\n184 SWAP1\n185 POP\n186 POP\n187 PUSH2 0x01e3\n190 JUMP\n', 'truncLabel': '147 JUMPDEST\n148 PUSH2 0x00bf\n151 PUSH1 0x04\n153 DUP1\n154 DUP1\n155 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '678', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'fullLabel': '143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'truncLabel': '143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'isExpanded': false},
{id: '674', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '136 _function_0x2776b163\n137 CALLVALUE\n138 ISZERO\n139 PUSH2 0x0093\n142 JUMPI\n', 'fullLabel': '136 _function_0x2776b163\n137 CALLVALUE\n138 ISZERO\n139 PUSH2 0x0093\n142 JUMPI\n', 'truncLabel': '136 _function_0x2776b163\n137 CALLVALUE\n138 ISZERO\n139 PUSH2 0x0093\n142 JUMPI\n', 'isExpanded': false},
{id: '683', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '212 JUMPDEST\n213 PUSH1 0x40\n215 MLOAD\n216 DUP1\n217 DUP3\n218 PUSH20 0xffffffff(...)\n(click to expand +)', 'fullLabel': '212 JUMPDEST\n213 PUSH1 0x40\n215 MLOAD\n216 DUP1\n217 DUP3\n218 PUSH20 0xffffffff(...)\n239 AND\n240 PUSH20 0xffffffff(...)\n261 AND\n262 DUP2\n263 MSTORE\n264 PUSH1 0x20\n266 ADD\n267 SWAP2\n268 POP\n269 POP\n270 PUSH1 0x40\n272 MLOAD\n273 DUP1\n274 SWAP2\n275 SUB\n276 SWAP1\n277 RETURN\n', 'truncLabel': '212 JUMPDEST\n213 PUSH1 0x40\n215 MLOAD\n216 DUP1\n217 DUP3\n218 PUSH20 0xffffffff(...)\n(click to expand +)', 'isExpanded': false},
{id: '682', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '551 JUMPDEST\n552 PUSH1 0x00\n554 DUP1\n555 SWAP1\n556 SLOAD\n557 SWAP1\n(click to expand +)', 'fullLabel': '551 JUMPDEST\n552 PUSH1 0x00\n554 DUP1\n555 SWAP1\n556 SLOAD\n557 SWAP1\n558 PUSH2 0x0100\n561 EXP\n562 SWAP1\n563 DIV\n564 PUSH20 0xffffffff(...)\n585 AND\n586 DUP2\n587 JUMP\n', 'truncLabel': '551 JUMPDEST\n552 PUSH1 0x00\n554 DUP1\n555 SWAP1\n556 SLOAD\n557 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '681', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '204 JUMPDEST\n205 PUSH2 0x00d4\n208 PUSH2 0x0227\n211 JUMP\n', 'fullLabel': '204 JUMPDEST\n205 PUSH2 0x00d4\n208 PUSH2 0x0227\n211 JUMP\n', 'truncLabel': '204 JUMPDEST\n205 PUSH2 0x00d4\n208 PUSH2 0x0227\n211 JUMP\n', 'isExpanded': false},
{id: '684', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '200 PUSH1 0x00\n202 DUP1\n203 REVERT\n', 'fullLabel': '200 PUSH1 0x00\n202 DUP1\n203 REVERT\n', 'truncLabel': '200 PUSH1 0x00\n202 DUP1\n203 REVERT\n', 'isExpanded': false},
{id: '680', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '193 _function_0x379bf63c\n194 CALLVALUE\n195 ISZERO\n196 PUSH2 0x00cc\n199 JUMPI\n', 'fullLabel': '193 _function_0x379bf63c\n194 CALLVALUE\n195 ISZERO\n196 PUSH2 0x00cc\n199 JUMPI\n', 'truncLabel': '193 _function_0x379bf63c\n194 CALLVALUE\n195 ISZERO\n196 PUSH2 0x00cc\n199 JUMPI\n', 'isExpanded': false},
{id: '689', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '297 JUMPDEST\n298 STOP\n', 'fullLabel': '297 JUMPDEST\n298 STOP\n', 'truncLabel': '297 JUMPDEST\n298 STOP\n', 'isExpanded': false},
{id: '688', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '588 JUMPDEST\n589 PUSH1 0x00\n591 DUP1\n592 SWAP1\n593 SLOAD\n594 SWAP1\n(click to expand +)', 'fullLabel': '588 JUMPDEST\n589 PUSH1 0x00\n591 DUP1\n592 SWAP1\n593 SLOAD\n594 SWAP1\n595 PUSH2 0x0100\n598 EXP\n599 SWAP1\n600 DIV\n601 PUSH20 0xffffffff(...)\n622 AND\n623 PUSH20 0xffffffff(...)\n644 AND\n645 PUSH1 0x40\n647 MLOAD\n648 PUSH1 0x00\n650 PUSH1 0x40\n652 MLOAD\n653 DUP1\n654 DUP4\n655 SUB\n656 DUP2\n657 PUSH1 0x00\n659 DUP7\n660 GAS\n661 CALL\n662 SWAP2\n663 POP\n664 POP\n665 POP\n666 JUMP\n', 'truncLabel': '588 JUMPDEST\n589 PUSH1 0x00\n591 DUP1\n592 SWAP1\n593 SLOAD\n594 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '687', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '289 JUMPDEST\n290 PUSH2 0x0129\n293 PUSH2 0x024c\n296 JUMP\n', 'fullLabel': '289 JUMPDEST\n290 PUSH2 0x0129\n293 PUSH2 0x024c\n296 JUMP\n', 'truncLabel': '289 JUMPDEST\n290 PUSH2 0x0129\n293 PUSH2 0x024c\n296 JUMP\n', 'isExpanded': false},
{id: '690', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '285 PUSH1 0x00\n287 DUP1\n288 REVERT\n', 'fullLabel': '285 PUSH1 0x00\n287 DUP1\n288 REVERT\n', 'truncLabel': '285 PUSH1 0x00\n287 DUP1\n288 REVERT\n', 'isExpanded': false},
{id: '686', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '278 _function_0x5a6814ec\n279 CALLVALUE\n280 ISZERO\n281 PUSH2 0x0121\n284 JUMPI\n', 'fullLabel': '278 _function_0x5a6814ec\n279 CALLVALUE\n280 ISZERO\n281 PUSH2 0x0121\n284 JUMPI\n', 'truncLabel': '278 _function_0x5a6814ec\n279 CALLVALUE\n280 ISZERO\n281 PUSH2 0x0121\n284 JUMPI\n', 'isExpanded': false},
{id: '695', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '318 JUMPDEST\n319 PUSH1 0x40\n321 MLOAD\n322 DUP1\n323 DUP3\n324 PUSH20 0xffffffff(...)\n(click to expand +)', 'fullLabel': '318 JUMPDEST\n319 PUSH1 0x40\n321 MLOAD\n322 DUP1\n323 DUP3\n324 PUSH20 0xffffffff(...)\n345 AND\n346 PUSH20 0xffffffff(...)\n367 AND\n368 DUP2\n369 MSTORE\n370 PUSH1 0x20\n372 ADD\n373 SWAP2\n374 POP\n375 POP\n376 PUSH1 0x40\n378 MLOAD\n379 DUP1\n380 SWAP2\n381 SUB\n382 SWAP1\n383 RETURN\n', 'truncLabel': '318 JUMPDEST\n319 PUSH1 0x40\n321 MLOAD\n322 DUP1\n323 DUP3\n324 PUSH20 0xffffffff(...)\n(click to expand +)', 'isExpanded': false},
{id: '694', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '667 JUMPDEST\n668 PUSH1 0x01\n670 PUSH1 0x00\n672 SWAP1\n673 SLOAD\n674 SWAP1\n(click to expand +)', 'fullLabel': '667 JUMPDEST\n668 PUSH1 0x01\n670 PUSH1 0x00\n672 SWAP1\n673 SLOAD\n674 SWAP1\n675 PUSH2 0x0100\n678 EXP\n679 SWAP1\n680 DIV\n681 PUSH20 0xffffffff(...)\n702 AND\n703 DUP2\n704 JUMP\n', 'truncLabel': '667 JUMPDEST\n668 PUSH1 0x01\n670 PUSH1 0x00\n672 SWAP1\n673 SLOAD\n674 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '693', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '310 JUMPDEST\n311 PUSH2 0x013e\n314 PUSH2 0x029b\n317 JUMP\n', 'fullLabel': '310 JUMPDEST\n311 PUSH2 0x013e\n314 PUSH2 0x029b\n317 JUMP\n', 'truncLabel': '310 JUMPDEST\n311 PUSH2 0x013e\n314 PUSH2 0x029b\n317 JUMP\n', 'isExpanded': false},
{id: '696', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '306 PUSH1 0x00\n308 DUP1\n309 REVERT\n', 'fullLabel': '306 PUSH1 0x00\n308 DUP1\n309 REVERT\n', 'truncLabel': '306 PUSH1 0x00\n308 DUP1\n309 REVERT\n', 'isExpanded': false},
{id: '692', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '299 _function_0xb5d02c8a\n300 CALLVALUE\n301 ISZERO\n302 PUSH2 0x0136\n305 JUMPI\n', 'fullLabel': '299 _function_0xb5d02c8a\n300 CALLVALUE\n301 ISZERO\n302 PUSH2 0x0136\n305 JUMPI\n', 'truncLabel': '299 _function_0xb5d02c8a\n300 CALLVALUE\n301 ISZERO\n302 PUSH2 0x0136\n305 JUMPI\n', 'isExpanded': false},
{id: '701', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '403 JUMPDEST\n404 STOP\n', 'fullLabel': '403 JUMPDEST\n404 STOP\n', 'truncLabel': '403 JUMPDEST\n404 STOP\n', 'isExpanded': false},
{id: '700', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '705 JUMPDEST\n706 PUSH1 0x01\n708 PUSH1 0x00\n710 SWAP1\n711 SLOAD\n712 SWAP1\n(click to expand +)', 'fullLabel': '705 JUMPDEST\n706 PUSH1 0x01\n708 PUSH1 0x00\n710 SWAP1\n711 SLOAD\n712 SWAP1\n713 PUSH2 0x0100\n716 EXP\n717 SWAP1\n718 DIV\n719 PUSH20 0xffffffff(...)\n740 AND\n741 PUSH20 0xffffffff(...)\n762 AND\n763 PUSH1 0x40\n765 MLOAD\n766 PUSH1 0x00\n768 PUSH1 0x40\n770 MLOAD\n771 DUP1\n772 DUP4\n773 SUB\n774 DUP2\n775 PUSH1 0x00\n777 DUP7\n778 GAS\n779 CALL\n780 SWAP2\n781 POP\n782 POP\n783 POP\n784 JUMP\n', 'truncLabel': '705 JUMPDEST\n706 PUSH1 0x01\n708 PUSH1 0x00\n710 SWAP1\n711 SLOAD\n712 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '699', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '395 JUMPDEST\n396 PUSH2 0x0193\n399 PUSH2 0x02c1\n402 JUMP\n', 'fullLabel': '395 JUMPDEST\n396 PUSH2 0x0193\n399 PUSH2 0x02c1\n402 JUMP\n', 'truncLabel': '395 JUMPDEST\n396 PUSH2 0x0193\n399 PUSH2 0x02c1\n402 JUMP\n', 'isExpanded': false},
{id: '702', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '391 PUSH1 0x00\n393 DUP1\n394 REVERT\n', 'fullLabel': '391 PUSH1 0x00\n393 DUP1\n394 REVERT\n', 'truncLabel': '391 PUSH1 0x00\n393 DUP1\n394 REVERT\n', 'isExpanded': false},
{id: '698', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '384 _function_0xd24b08cc\n385 CALLVALUE\n386 ISZERO\n387 PUSH2 0x018b\n390 JUMPI\n', 'fullLabel': '384 _function_0xd24b08cc\n385 CALLVALUE\n386 ISZERO\n387 PUSH2 0x018b\n390 JUMPI\n', 'truncLabel': '384 _function_0xd24b08cc\n385 CALLVALUE\n386 ISZERO\n387 PUSH2 0x018b\n390 JUMPI\n', 'isExpanded': false},
{id: '707', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '424 JUMPDEST\n425 STOP\n', 'fullLabel': '424 JUMPDEST\n425 STOP\n', 'truncLabel': '424 JUMPDEST\n425 STOP\n', 'isExpanded': false},
{id: '706', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '785 JUMPDEST\n786 PUSH1 0x00\n788 DUP1\n789 SWAP1\n790 SLOAD\n791 SWAP1\n(click to expand +)', 'fullLabel': '785 JUMPDEST\n786 PUSH1 0x00\n788 DUP1\n789 SWAP1\n790 SLOAD\n791 SWAP1\n792 PUSH2 0x0100\n795 EXP\n796 SWAP1\n797 DIV\n798 PUSH20 0xffffffff(...)\n819 AND\n820 PUSH20 0xffffffff(...)\n841 AND\n842 PUSH1 0x40\n844 MLOAD\n845 PUSH1 0x00\n847 PUSH1 0x40\n849 MLOAD\n850 DUP1\n851 DUP4\n852 SUB\n853 DUP2\n854 PUSH1 0x00\n856 DUP7\n857 GAS\n858 CALL\n859 SWAP2\n860 POP\n861 POP\n862 POP\n863 PUSH1 0x00\n865 PUSH1 0x02\n867 DUP2\n868 SWAP1\n869 SSTORE\n870 POP\n871 JUMP\n', 'truncLabel': '785 JUMPDEST\n786 PUSH1 0x00\n788 DUP1\n789 SWAP1\n790 SLOAD\n791 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '705', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '416 JUMPDEST\n417 PUSH2 0x01a8\n420 PUSH2 0x0311\n423 JUMP\n', 'fullLabel': '416 JUMPDEST\n417 PUSH2 0x01a8\n420 PUSH2 0x0311\n423 JUMP\n', 'truncLabel': '416 JUMPDEST\n417 PUSH2 0x01a8\n420 PUSH2 0x0311\n423 JUMP\n', 'isExpanded': false},
{id: '708', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '412 PUSH1 0x00\n414 DUP1\n415 REVERT\n', 'fullLabel': '412 PUSH1 0x00\n414 DUP1\n415 REVERT\n', 'truncLabel': '412 PUSH1 0x00\n414 DUP1\n415 REVERT\n', 'isExpanded': false},
{id: '704', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '405 _function_0xe11f493e\n406 CALLVALUE\n407 ISZERO\n408 PUSH2 0x01a0\n411 JUMPI\n', 'fullLabel': '405 _function_0xe11f493e\n406 CALLVALUE\n407 ISZERO\n408 PUSH2 0x01a0\n411 JUMPI\n', 'truncLabel': '405 _function_0xe11f493e\n406 CALLVALUE\n407 ISZERO\n408 PUSH2 0x01a0\n411 JUMPI\n', 'isExpanded': false},
{id: '713', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '481 JUMPDEST\n482 STOP\n', 'fullLabel': '481 JUMPDEST\n482 STOP\n', 'truncLabel': '481 JUMPDEST\n482 STOP\n', 'isExpanded': false},
{id: '712', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '872 JUMPDEST\n873 DUP1\n874 PUSH20 0xffffffff(...)\n895 AND\n896 PUSH1 0x40\n898 MLOAD\n(click to expand +)', 'fullLabel': '872 JUMPDEST\n873 DUP1\n874 PUSH20 0xffffffff(...)\n895 AND\n896 PUSH1 0x40\n898 MLOAD\n899 PUSH1 0x00\n901 PUSH1 0x40\n903 MLOAD\n904 DUP1\n905 DUP4\n906 SUB\n907 DUP2\n908 PUSH1 0x00\n910 DUP7\n911 GAS\n912 CALL\n913 SWAP2\n914 POP\n915 POP\n916 POP\n917 POP\n918 JUMP\n', 'truncLabel': '872 JUMPDEST\n873 DUP1\n874 PUSH20 0xffffffff(...)\n895 AND\n896 PUSH1 0x40\n898 MLOAD\n(click to expand +)', 'isExpanded': false},
{id: '711', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '437 JUMPDEST\n438 PUSH2 0x01e1\n441 PUSH1 0x04\n443 DUP1\n444 DUP1\n445 CALLDATALOAD\n(click to expand +)', 'fullLabel': '437 JUMPDEST\n438 PUSH2 0x01e1\n441 PUSH1 0x04\n443 DUP1\n444 DUP1\n445 CALLDATALOAD\n446 PUSH20 0xffffffff(...)\n467 AND\n468 SWAP1\n469 PUSH1 0x20\n471 ADD\n472 SWAP1\n473 SWAP2\n474 SWAP1\n475 POP\n476 POP\n477 PUSH2 0x0368\n480 JUMP\n', 'truncLabel': '437 JUMPDEST\n438 PUSH2 0x01e1\n441 PUSH1 0x04\n443 DUP1\n444 DUP1\n445 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '714', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '433 PUSH1 0x00\n435 DUP1\n436 REVERT\n', 'fullLabel': '433 PUSH1 0x00\n435 DUP1\n436 REVERT\n', 'truncLabel': '433 PUSH1 0x00\n435 DUP1\n436 REVERT\n', 'isExpanded': false},
{id: '710', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '426 _function_0xe1d10f79\n427 CALLVALUE\n428 ISZERO\n429 PUSH2 0x01b5\n432 JUMPI\n', 'fullLabel': '426 _function_0xe1d10f79\n427 CALLVALUE\n428 ISZERO\n429 PUSH2 0x01b5\n432 JUMPI\n', 'truncLabel': '426 _function_0xe1d10f79\n427 CALLVALUE\n428 ISZERO\n429 PUSH2 0x01b5\n432 JUMPI\n', 'isExpanded': false},
{id: '715', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '131 JUMPDEST\n132 PUSH1 0x00\n134 DUP1\n135 REVERT\n', 'fullLabel': '131 JUMPDEST\n132 PUSH1 0x00\n134 DUP1\n135 REVERT\n', 'truncLabel': '131 JUMPDEST\n132 PUSH1 0x00\n134 DUP1\n135 REVERT\n', 'isExpanded': false},
{id: '709', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '120 DUP1\n121 PUSH4 0xe1d10f79\n126 EQ\n127 PUSH2 0x01aa\n130 JUMPI\n', 'fullLabel': '120 DUP1\n121 PUSH4 0xe1d10f79\n126 EQ\n127 PUSH2 0x01aa\n130 JUMPI\n', 'truncLabel': '120 DUP1\n121 PUSH4 0xe1d10f79\n126 EQ\n127 PUSH2 0x01aa\n130 JUMPI\n', 'isExpanded': false},
{id: '703', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '109 DUP1\n110 PUSH4 0xe11f493e\n115 EQ\n116 PUSH2 0x0195\n119 JUMPI\n', 'fullLabel': '109 DUP1\n110 PUSH4 0xe11f493e\n115 EQ\n116 PUSH2 0x0195\n119 JUMPI\n', 'truncLabel': '109 DUP1\n110 PUSH4 0xe11f493e\n115 EQ\n116 PUSH2 0x0195\n119 JUMPI\n', 'isExpanded': false},
{id: '697', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '98 DUP1\n99 PUSH4 0xd24b08cc\n104 EQ\n105 PUSH2 0x0180\n108 JUMPI\n', 'fullLabel': '98 DUP1\n99 PUSH4 0xd24b08cc\n104 EQ\n105 PUSH2 0x0180\n108 JUMPI\n', 'truncLabel': '98 DUP1\n99 PUSH4 0xd24b08cc\n104 EQ\n105 PUSH2 0x0180\n108 JUMPI\n', 'isExpanded': false},
{id: '691', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '87 DUP1\n88 PUSH4 0xb5d02c8a\n93 EQ\n94 PUSH2 0x012b\n97 JUMPI\n', 'fullLabel': '87 DUP1\n88 PUSH4 0xb5d02c8a\n93 EQ\n94 PUSH2 0x012b\n97 JUMPI\n', 'truncLabel': '87 DUP1\n88 PUSH4 0xb5d02c8a\n93 EQ\n94 PUSH2 0x012b\n97 JUMPI\n', 'isExpanded': false},
{id: '685', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 DUP1\n77 PUSH4 0x5a6814ec\n82 EQ\n83 PUSH2 0x0116\n86 JUMPI\n', 'fullLabel': '76 DUP1\n77 PUSH4 0x5a6814ec\n82 EQ\n83 PUSH2 0x0116\n86 JUMPI\n', 'truncLabel': '76 DUP1\n77 PUSH4 0x5a6814ec\n82 EQ\n83 PUSH2 0x0116\n86 JUMPI\n', 'isExpanded': false},
{id: '679', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '65 DUP1\n66 PUSH4 0x379bf63c\n71 EQ\n72 PUSH2 0x00c1\n75 JUMPI\n', 'fullLabel': '65 DUP1\n66 PUSH4 0x379bf63c\n71 EQ\n72 PUSH2 0x00c1\n75 JUMPI\n', 'truncLabel': '65 DUP1\n66 PUSH4 0x379bf63c\n71 EQ\n72 PUSH2 0x00c1\n75 JUMPI\n', 'isExpanded': false},
{id: '673', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'fullLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n53 AND\n54 DUP1\n55 PUSH4 0x2776b163\n60 EQ\n61 PUSH2 0x0088\n64 JUMPI\n', 'truncLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'isExpanded': false},
{id: '671', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'fullLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH2 0x0083\n12 JUMPI\n', 'truncLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'isExpanded': false}
];
var edges = [
{from: '671', to: '672', 'arrows': 'to', 'label': 'Not(ULE(4, calldatasize_Caller))', 'smooth': {'type': 'cubicBezier'}},
{from: '676', to: '677', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '675', to: '676', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '674', to: '675', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '674', to: '678', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '673', to: '674', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Caller_0) == 0x2776b163', 'smooth': {'type': 'cubicBezier'}},
{from: '682', to: '683', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '681', to: '682', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '680', to: '681', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '680', to: '684', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '679', to: '680', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Caller_0) == 0x379bf63c', 'smooth': {'type': 'cubicBezier'}},
{from: '688', to: '689', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '687', to: '688', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '686', to: '687', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '686', to: '690', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '685', to: '686', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Caller_0) == 0x5a6814ec', 'smooth': {'type': 'cubicBezier'}},
{from: '694', to: '695', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '693', to: '694', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '692', to: '693', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '692', to: '696', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '691', to: '692', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Caller_0) == 0xb5d02c8a', 'smooth': {'type': 'cubicBezier'}},
{from: '700', to: '701', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '699', to: '700', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '698', to: '699', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '698', to: '702', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '697', to: '698', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Caller_0) == 0xd24b08cc', 'smooth': {'type': 'cubicBezier'}},
{from: '706', to: '707', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '705', to: '706', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '704', to: '705', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '704', to: '708', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '703', to: '704', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Caller_0) == 0xe11f493e', 'smooth': {'type': 'cubicBezier'}},
{from: '712', to: '713', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '711', to: '712', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '710', to: '711', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '710', to: '714', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '709', to: '710', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Caller_0) == 0xe1d10f79', 'smooth': {'type': 'cubicBezier'}},
{from: '709', to: '715', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Caller_0) == 0xe1d10f79)', 'smooth': {'type': 'cubicBezier'}},
{from: '703', to: '709', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Caller_0) == 0xe11f493e)', 'smooth': {'type': 'cubicBezier'}},
{from: '697', to: '703', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Caller_0) == 0xd24b08cc)', 'smooth': {'type': 'cubicBezier'}},
{from: '691', to: '697', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Caller_0) == 0xb5d02c8a)', 'smooth': {'type': 'cubicBezier'}},
{from: '685', to: '691', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Caller_0) == 0x5a6814ec)', 'smooth': {'type': 'cubicBezier'}},
{from: '679', to: '685', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Caller_0) == 0x379bf63c)', 'smooth': {'type': 'cubicBezier'}},
{from: '673', to: '679', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Caller_0) == 0x2776b163)', 'smooth': {'type': 'cubicBezier'}},
{from: '671', to: '673', 'arrows': 'to', 'label': 'ULE(4, calldatasize_Caller)', 'smooth': {'type': 'cubicBezier'}}
];
</script>
</head>
<body>
<p>Mythril / LASER Symbolic VM</p>
<p><div id="mynetwork"></div><br/></p>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

4
tests/testdata/outputs_expected/calls.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

87
tests/testdata/outputs_expected/calls.sol.o.json vendored
Unescape View File

@ -1,86 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Message call to external contract",
"description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function": "_function_0x5a6814ec",
"type": "Informational",
"address": 661,
"debug": "<DEBUG-DATA>"
},
{
"title": "Message call to external contract",
"description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function": "_function_0xd24b08cc",
"type": "Warning",
"address": 779,
"debug": "<DEBUG-DATA>"
},
{
"title": "Message call to external contract",
"description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function": "_function_0xe11f493e",
"type": "Informational",
"address": 858,
"debug": "<DEBUG-DATA>"
},
{
"title": "State change after external call",
"description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.",
"function": "_function_0xe11f493e",
"type": "Warning",
"address": 869,
"debug": "<DEBUG-DATA>"
},
{
"title": "Message call to external contract",
"description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function": "_function_0xe1d10f79",
"type": "Warning",
"address": 912,
"debug": "<DEBUG-DATA>"
},
{
"title": "Transaction order dependence",
"description": "A possible transaction order independence vulnerability exists in function _function_0xd24b08cc. The value or direction of the call statement is determined from a tainted storage location",
"function": "_function_0xd24b08cc",
"type": "Warning",
"address": 779,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0x5a6814ec",
"type": "Informational",
"address": 661,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xd24b08cc",
"type": "Informational",
"address": 779,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xe11f493e",
"type": "Informational",
"address": 858,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xe1d10f79",
"type": "Informational",
"address": 912,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 661, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x5a6814ec", "title": "Message call to external contract", "type": "Informational"}, {"address": 666, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x5a6814ec", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xd24b08cc", "title": "Message call to external contract", "type": "Warning"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible transaction order independence vulnerability exists in function _function_0xd24b08cc. The value or direction of the call statement is determined from a tainted storage location", "function": "_function_0xd24b08cc", "title": "Transaction order dependence", "type": "Warning"}, {"address": 784, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xd24b08cc", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 858, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe11f493e", "title": "Message call to external contract", "type": "Informational"}, {"address": 869, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.", "function": "_function_0xe11f493e", "title": "State change after external call", "type": "Warning"}, {"address": 871, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe11f493e", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 912, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xe1d10f79", "title": "Message call to external contract", "type": "Warning"}, {"address": 918, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe1d10f79", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}

22
tests/testdata/outputs_expected/calls.sol.o.markdown vendored
Unescape View File

@ -16,7 +16,7 @@ This contract executes a message call to to another contract. Make sure that the
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x5a6814ec`
- PC address: 661
- PC address: 666
### Description
@ -49,7 +49,7 @@ A possible transaction order independence vulnerability exists in function _func
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xd24b08cc`
- PC address: 779
- PC address: 784
### Description
@ -66,27 +66,27 @@ The return value of an external call is not checked. Note that execution continu
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
## Unchecked CALL return value
## State change after external call
- Type: Informational
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xe11f493e`
- PC address: 858
- PC address: 869
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
## State change after external call
## Unchecked CALL return value
- Type: Warning
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe11f493e`
- PC address: 869
- PC address: 871
### Description
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Message call to external contract
@ -104,7 +104,7 @@ This contract executes a message call to an address provided as a function argum
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe1d10f79`
- PC address: 912
- PC address: 918
### Description

22
tests/testdata/outputs_expected/calls.sol.o.text vendored
Unescape View File

@ -10,7 +10,7 @@ This contract executes a message call to to another contract. Make sure that the
Type: Informational
Contract: Unknown
Function name: _function_0x5a6814ec
PC address: 661
PC address: 666
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
@ -34,7 +34,7 @@ A possible transaction order independence vulnerability exists in function _func
Type: Informational
Contract: Unknown
Function name: _function_0xd24b08cc
PC address: 779
PC address: 784
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
@ -46,14 +46,6 @@ PC address: 858
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Unknown
Function name: _function_0xe11f493e
PC address: 858
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== State change after external call ====
Type: Warning
Contract: Unknown
@ -62,6 +54,14 @@ PC address: 869
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Unknown
Function name: _function_0xe11f493e
PC address: 871
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Message call to external contract ====
Type: Warning
Contract: Unknown
@ -74,7 +74,7 @@ This contract executes a message call to an address provided as a function argum
Type: Informational
Contract: Unknown
Function name: _function_0xe1d10f79
PC address: 912
PC address: 918
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------

28
tests/testdata/outputs_expected/ether_send.sol.json vendored
Unescape View File

@ -1,28 +0,0 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Ether send",
"description": "In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.",
"function": "withdrawfunds()",
"type": "Warning",
"address": 816,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/ether_send.sol",
"lineno": 18,
"code": "msg.sender.transfer(this.balance)"
},
{
"title": "Integer Overflow ",
"description": "A possible integer overflow exists in the function `invest()`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function": "invest()",
"type": "Warning",
"address": 483,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/ether_send.sol",
"lineno": 24,
"code": "balances[msg.sender] += msg.value"
}
]
}

4
tests/testdata/outputs_expected/ether_send.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

23
tests/testdata/outputs_expected/ether_send.sol.o.json vendored
Unescape View File

@ -1,22 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Ether send",
"description": "In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.",
"function": "withdrawfunds()",
"type": "Warning",
"address": 722,
"debug": "<DEBUG-DATA>"
},
{
"title": "Integer Overflow ",
"description": "A possible integer overflow exists in the function `invest()`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function": "invest()",
"type": "Warning",
"address": 883,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 722, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.", "function": "withdrawfunds()", "title": "Ether send", "type": "Warning"}, {"address": 883, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `invest()`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "invest()", "title": "Integer Overflow", "type": "Warning"}], "success": true}

2
tests/testdata/outputs_expected/ether_send.sol.o.markdown vendored
Unescape View File

@ -13,7 +13,7 @@ In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.send
There is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.
## Integer Overflow
## Integer Overflow
- Type: Warning
- Contract: Unknown

2
tests/testdata/outputs_expected/ether_send.sol.o.text vendored
Unescape View File

@ -8,7 +8,7 @@ In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.send
There is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.
--------------------
==== Integer Overflow ====
==== Integer Overflow ====
Type: Warning
Contract: Unknown
Function name: invest()

252
tests/testdata/outputs_expected/exceptions.sol.graph.html vendored
Unescape View File

@ -1,252 +0,0 @@
<html>
<head>
<style type="text/css">
#mynetwork {
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
</style>
<link href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js"></script>
<script>
var options = {
autoResize: true,
height: '100%',
width: '100%',
manipulation: false,
height: '90%',
layout: {
randomSeed: undefined,
improvedLayout:true,
hierarchical: {
enabled:true,
levelSeparation: 450,
nodeSpacing: 200,
treeSpacing: 100,
blockShifting: true,
edgeMinimization: true,
parentCentralization: false,
direction: 'LR', // UD, DU, LR, RL
sortMethod: 'directed' // hubsize, directed
}
},
nodes:{
borderWidth: 1,
borderWidthSelected: 2,
chosen: true,
shape: 'box',
font: {
align: 'left',
color: '#FFFFFF',
},
},
edges:{
font: {
color: '#ffffff',
size: 12, // px
face: 'arial',
background: 'none',
strokeWidth: 0, // px
strokeColor: '#ffffff',
align: 'horizontal',
multi: false,
vadjust: 0,
}
},
physics:{
enabled: false,
}
}
var nodes = [
{id: '1093', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '142 JUMPDEST\n143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'fullLabel': '142 JUMPDEST\n143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'truncLabel': '142 JUMPDEST\n143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'isExpanded': false},
{id: '1099', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '180 JUMPDEST\n181 STOP\n', 'fullLabel': '180 JUMPDEST\n181 STOP\n', 'truncLabel': '180 JUMPDEST\n181 STOP\n', 'isExpanded': false},
{id: '1098', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '430 JUMPDEST\n431 POP\n432 POP\n433 JUMP\n', 'fullLabel': '430 JUMPDEST\n431 POP\n432 POP\n433 JUMP\n', 'truncLabel': '430 JUMPDEST\n431 POP\n432 POP\n433 JUMP\n', 'isExpanded': false},
{id: '1102', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '180 JUMPDEST\n181 STOP\n', 'fullLabel': '180 JUMPDEST\n181 STOP\n', 'truncLabel': '180 JUMPDEST\n181 STOP\n', 'isExpanded': false},
{id: '1101', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '425 JUMPDEST\n426 ADD\n427 SLOAD\n428 SWAP1\n429 POP\n430 JUMPDEST\n(click to expand +)', 'fullLabel': '425 JUMPDEST\n426 ADD\n427 SLOAD\n428 SWAP1\n429 POP\n430 JUMPDEST\n431 POP\n432 POP\n433 JUMP\n', 'truncLabel': '425 JUMPDEST\n426 ADD\n427 SLOAD\n428 SWAP1\n429 POP\n430 JUMPDEST\n(click to expand +)', 'isExpanded': false},
{id: '1103', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '424 ASSERT_FAIL\n', 'fullLabel': '424 ASSERT_FAIL\n', 'truncLabel': '424 ASSERT_FAIL\n', 'isExpanded': false},
{id: '1100', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '411 PUSH1 0x00\n413 DUP3\n414 PUSH1 0x08\n416 DUP2\n417 LT\n418 ISZERO\n(click to expand +)', 'fullLabel': '411 PUSH1 0x00\n413 DUP3\n414 PUSH1 0x08\n416 DUP2\n417 LT\n418 ISZERO\n419 ISZERO\n420 PUSH2 0x01a9\n423 JUMPI\n', 'truncLabel': '411 PUSH1 0x00\n413 DUP3\n414 PUSH1 0x08\n416 DUP2\n417 LT\n418 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1097', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '399 JUMPDEST\n400 PUSH1 0x00\n402 PUSH1 0x08\n404 DUP3\n405 LT\n406 ISZERO\n(click to expand +)', 'fullLabel': '399 JUMPDEST\n400 PUSH1 0x00\n402 PUSH1 0x08\n404 DUP3\n405 LT\n406 ISZERO\n407 PUSH2 0x01ae\n410 JUMPI\n', 'truncLabel': '399 JUMPDEST\n400 PUSH1 0x00\n402 PUSH1 0x08\n404 DUP3\n405 LT\n406 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1096', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '158 JUMPDEST\n159 PUSH2 0x00b4\n162 PUSH1 0x04\n164 DUP1\n165 DUP1\n166 CALLDATALOAD\n(click to expand +)', 'fullLabel': '158 JUMPDEST\n159 PUSH2 0x00b4\n162 PUSH1 0x04\n164 DUP1\n165 DUP1\n166 CALLDATALOAD\n167 SWAP1\n168 PUSH1 0x20\n170 ADD\n171 SWAP1\n172 SWAP2\n173 SWAP1\n174 POP\n175 POP\n176 PUSH2 0x018f\n179 JUMP\n', 'truncLabel': '158 JUMPDEST\n159 PUSH2 0x00b4\n162 PUSH1 0x04\n164 DUP1\n165 DUP1\n166 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1104', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '154 PUSH1 0x00\n156 DUP1\n157 REVERT\n', 'fullLabel': '154 PUSH1 0x00\n156 DUP1\n157 REVERT\n', 'truncLabel': '154 PUSH1 0x00\n156 DUP1\n157 REVERT\n', 'isExpanded': false},
{id: '1095', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '147 _function_0x01d4277c\n148 CALLVALUE\n149 ISZERO\n150 PUSH2 0x009e\n153 JUMPI\n', 'fullLabel': '147 _function_0x01d4277c\n148 CALLVALUE\n149 ISZERO\n150 PUSH2 0x009e\n153 JUMPI\n', 'truncLabel': '147 _function_0x01d4277c\n148 CALLVALUE\n149 ISZERO\n150 PUSH2 0x009e\n153 JUMPI\n', 'isExpanded': false},
{id: '1110', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '215 JUMPDEST\n216 STOP\n', 'fullLabel': '215 JUMPDEST\n216 STOP\n', 'truncLabel': '215 JUMPDEST\n216 STOP\n', 'isExpanded': false},
{id: '1109', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '447 JUMPDEST\n448 POP\n449 JUMP\n', 'fullLabel': '447 JUMPDEST\n448 POP\n449 JUMP\n', 'truncLabel': '447 JUMPDEST\n448 POP\n449 JUMP\n', 'isExpanded': false},
{id: '1111', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '446 ASSERT_FAIL\n', 'fullLabel': '446 ASSERT_FAIL\n', 'truncLabel': '446 ASSERT_FAIL\n', 'isExpanded': false},
{id: '1108', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '434 JUMPDEST\n435 PUSH1 0x17\n437 DUP2\n438 EQ\n439 ISZERO\n440 ISZERO\n(click to expand +)', 'fullLabel': '434 JUMPDEST\n435 PUSH1 0x17\n437 DUP2\n438 EQ\n439 ISZERO\n440 ISZERO\n441 ISZERO\n442 PUSH2 0x01bf\n445 JUMPI\n', 'truncLabel': '434 JUMPDEST\n435 PUSH1 0x17\n437 DUP2\n438 EQ\n439 ISZERO\n440 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1107', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '193 JUMPDEST\n194 PUSH2 0x00d7\n197 PUSH1 0x04\n199 DUP1\n200 DUP1\n201 CALLDATALOAD\n(click to expand +)', 'fullLabel': '193 JUMPDEST\n194 PUSH2 0x00d7\n197 PUSH1 0x04\n199 DUP1\n200 DUP1\n201 CALLDATALOAD\n202 SWAP1\n203 PUSH1 0x20\n205 ADD\n206 SWAP1\n207 SWAP2\n208 SWAP1\n209 POP\n210 POP\n211 PUSH2 0x01b2\n214 JUMP\n', 'truncLabel': '193 JUMPDEST\n194 PUSH2 0x00d7\n197 PUSH1 0x04\n199 DUP1\n200 DUP1\n201 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1112', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '189 PUSH1 0x00\n191 DUP1\n192 REVERT\n', 'fullLabel': '189 PUSH1 0x00\n191 DUP1\n192 REVERT\n', 'truncLabel': '189 PUSH1 0x00\n191 DUP1\n192 REVERT\n', 'isExpanded': false},
{id: '1106', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '182 _function_0x546455b5\n183 CALLVALUE\n184 ISZERO\n185 PUSH2 0x00c1\n188 JUMPI\n', 'fullLabel': '182 _function_0x546455b5\n183 CALLVALUE\n184 ISZERO\n185 PUSH2 0x00c1\n188 JUMPI\n', 'truncLabel': '182 _function_0x546455b5\n183 CALLVALUE\n184 ISZERO\n185 PUSH2 0x00c1\n188 JUMPI\n', 'isExpanded': false},
{id: '1118', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '250 JUMPDEST\n251 STOP\n', 'fullLabel': '250 JUMPDEST\n251 STOP\n', 'truncLabel': '250 JUMPDEST\n251 STOP\n', 'isExpanded': false},
{id: '1117', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '466 JUMPDEST\n467 POP\n468 JUMP\n', 'fullLabel': '466 JUMPDEST\n467 POP\n468 JUMP\n', 'truncLabel': '466 JUMPDEST\n467 POP\n468 JUMP\n', 'isExpanded': false},
{id: '1119', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '462 PUSH1 0x00\n464 DUP1\n465 REVERT\n', 'fullLabel': '462 PUSH1 0x00\n464 DUP1\n465 REVERT\n', 'truncLabel': '462 PUSH1 0x00\n464 DUP1\n465 REVERT\n', 'isExpanded': false},
{id: '1116', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '450 JUMPDEST\n451 PUSH1 0x17\n453 DUP2\n454 EQ\n455 ISZERO\n456 ISZERO\n(click to expand +)', 'fullLabel': '450 JUMPDEST\n451 PUSH1 0x17\n453 DUP2\n454 EQ\n455 ISZERO\n456 ISZERO\n457 ISZERO\n458 PUSH2 0x01d2\n461 JUMPI\n', 'truncLabel': '450 JUMPDEST\n451 PUSH1 0x17\n453 DUP2\n454 EQ\n455 ISZERO\n456 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1115', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '228 JUMPDEST\n229 PUSH2 0x00fa\n232 PUSH1 0x04\n234 DUP1\n235 DUP1\n236 CALLDATALOAD\n(click to expand +)', 'fullLabel': '228 JUMPDEST\n229 PUSH2 0x00fa\n232 PUSH1 0x04\n234 DUP1\n235 DUP1\n236 CALLDATALOAD\n237 SWAP1\n238 PUSH1 0x20\n240 ADD\n241 SWAP1\n242 SWAP2\n243 SWAP1\n244 POP\n245 POP\n246 PUSH2 0x01c2\n249 JUMP\n', 'truncLabel': '228 JUMPDEST\n229 PUSH2 0x00fa\n232 PUSH1 0x04\n234 DUP1\n235 DUP1\n236 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1120', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '224 PUSH1 0x00\n226 DUP1\n227 REVERT\n', 'fullLabel': '224 PUSH1 0x00\n226 DUP1\n227 REVERT\n', 'truncLabel': '224 PUSH1 0x00\n226 DUP1\n227 REVERT\n', 'isExpanded': false},
{id: '1114', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '217 _function_0x78375f14\n218 CALLVALUE\n219 ISZERO\n220 PUSH2 0x00e4\n223 JUMPI\n', 'fullLabel': '217 _function_0x78375f14\n218 CALLVALUE\n219 ISZERO\n220 PUSH2 0x00e4\n223 JUMPI\n', 'truncLabel': '217 _function_0x78375f14\n218 CALLVALUE\n219 ISZERO\n220 PUSH2 0x00e4\n223 JUMPI\n', 'isExpanded': false},
{id: '1126', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '285 JUMPDEST\n286 STOP\n', 'fullLabel': '285 JUMPDEST\n286 STOP\n', 'truncLabel': '285 JUMPDEST\n286 STOP\n', 'isExpanded': false},
{id: '1125', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '485 JUMPDEST\n486 ADD\n487 SLOAD\n488 SWAP1\n489 POP\n490 POP\n(click to expand +)', 'fullLabel': '485 JUMPDEST\n486 ADD\n487 SLOAD\n488 SWAP1\n489 POP\n490 POP\n491 POP\n492 JUMP\n', 'truncLabel': '485 JUMPDEST\n486 ADD\n487 SLOAD\n488 SWAP1\n489 POP\n490 POP\n(click to expand +)', 'isExpanded': false},
{id: '1127', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '484 ASSERT_FAIL\n', 'fullLabel': '484 ASSERT_FAIL\n', 'truncLabel': '484 ASSERT_FAIL\n', 'isExpanded': false},
{id: '1124', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '469 JUMPDEST\n470 PUSH1 0x00\n472 DUP1\n473 DUP3\n474 PUSH1 0x08\n476 DUP2\n(click to expand +)', 'fullLabel': '469 JUMPDEST\n470 PUSH1 0x00\n472 DUP1\n473 DUP3\n474 PUSH1 0x08\n476 DUP2\n477 LT\n478 ISZERO\n479 ISZERO\n480 PUSH2 0x01e5\n483 JUMPI\n', 'truncLabel': '469 JUMPDEST\n470 PUSH1 0x00\n472 DUP1\n473 DUP3\n474 PUSH1 0x08\n476 DUP2\n(click to expand +)', 'isExpanded': false},
{id: '1123', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '263 JUMPDEST\n264 PUSH2 0x011d\n267 PUSH1 0x04\n269 DUP1\n270 DUP1\n271 CALLDATALOAD\n(click to expand +)', 'fullLabel': '263 JUMPDEST\n264 PUSH2 0x011d\n267 PUSH1 0x04\n269 DUP1\n270 DUP1\n271 CALLDATALOAD\n272 SWAP1\n273 PUSH1 0x20\n275 ADD\n276 SWAP1\n277 SWAP2\n278 SWAP1\n279 POP\n280 POP\n281 PUSH2 0x01d5\n284 JUMP\n', 'truncLabel': '263 JUMPDEST\n264 PUSH2 0x011d\n267 PUSH1 0x04\n269 DUP1\n270 DUP1\n271 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1128', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '259 PUSH1 0x00\n261 DUP1\n262 REVERT\n', 'fullLabel': '259 PUSH1 0x00\n261 DUP1\n262 REVERT\n', 'truncLabel': '259 PUSH1 0x00\n261 DUP1\n262 REVERT\n', 'isExpanded': false},
{id: '1122', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '252 _function_0x92dd38ea\n253 CALLVALUE\n254 ISZERO\n255 PUSH2 0x0107\n258 JUMPI\n', 'fullLabel': '252 _function_0x92dd38ea\n253 CALLVALUE\n254 ISZERO\n255 PUSH2 0x0107\n258 JUMPI\n', 'truncLabel': '252 _function_0x92dd38ea\n253 CALLVALUE\n254 ISZERO\n255 PUSH2 0x0107\n258 JUMPI\n', 'isExpanded': false},
{id: '1134', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '320 JUMPDEST\n321 STOP\n', 'fullLabel': '320 JUMPDEST\n321 STOP\n', 'truncLabel': '320 JUMPDEST\n321 STOP\n', 'isExpanded': false},
{id: '1133', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '507 JUMPDEST\n508 DIV\n509 SWAP1\n510 POP\n511 POP\n512 POP\n(click to expand +)', 'fullLabel': '507 JUMPDEST\n508 DIV\n509 SWAP1\n510 POP\n511 POP\n512 POP\n513 JUMP\n', 'truncLabel': '507 JUMPDEST\n508 DIV\n509 SWAP1\n510 POP\n511 POP\n512 POP\n(click to expand +)', 'isExpanded': false},
{id: '1135', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '506 ASSERT_FAIL\n', 'fullLabel': '506 ASSERT_FAIL\n', 'truncLabel': '506 ASSERT_FAIL\n', 'isExpanded': false},
{id: '1132', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '493 JUMPDEST\n494 PUSH1 0x00\n496 DUP2\n497 PUSH1 0x01\n499 DUP2\n500 ISZERO\n(click to expand +)', 'fullLabel': '493 JUMPDEST\n494 PUSH1 0x00\n496 DUP2\n497 PUSH1 0x01\n499 DUP2\n500 ISZERO\n501 ISZERO\n502 PUSH2 0x01fb\n505 JUMPI\n', 'truncLabel': '493 JUMPDEST\n494 PUSH1 0x00\n496 DUP2\n497 PUSH1 0x01\n499 DUP2\n500 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1131', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '298 JUMPDEST\n299 PUSH2 0x0140\n302 PUSH1 0x04\n304 DUP1\n305 DUP1\n306 CALLDATALOAD\n(click to expand +)', 'fullLabel': '298 JUMPDEST\n299 PUSH2 0x0140\n302 PUSH1 0x04\n304 DUP1\n305 DUP1\n306 CALLDATALOAD\n307 SWAP1\n308 PUSH1 0x20\n310 ADD\n311 SWAP1\n312 SWAP2\n313 SWAP1\n314 POP\n315 POP\n316 PUSH2 0x01ed\n319 JUMP\n', 'truncLabel': '298 JUMPDEST\n299 PUSH2 0x0140\n302 PUSH1 0x04\n304 DUP1\n305 DUP1\n306 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1136', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '294 PUSH1 0x00\n296 DUP1\n297 REVERT\n', 'fullLabel': '294 PUSH1 0x00\n296 DUP1\n297 REVERT\n', 'truncLabel': '294 PUSH1 0x00\n296 DUP1\n297 REVERT\n', 'isExpanded': false},
{id: '1130', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '287 _function_0xa08299f1\n288 CALLVALUE\n289 ISZERO\n290 PUSH2 0x012a\n293 JUMPI\n', 'fullLabel': '287 _function_0xa08299f1\n288 CALLVALUE\n289 ISZERO\n290 PUSH2 0x012a\n293 JUMPI\n', 'truncLabel': '287 _function_0xa08299f1\n288 CALLVALUE\n289 ISZERO\n290 PUSH2 0x012a\n293 JUMPI\n', 'isExpanded': false},
{id: '1141', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '531 ASSERT_FAIL\n', 'fullLabel': '531 ASSERT_FAIL\n', 'truncLabel': '531 ASSERT_FAIL\n', 'isExpanded': false},
{id: '1140', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '514 JUMPDEST\n515 PUSH1 0x00\n517 PUSH1 0x01\n519 SWAP1\n520 POP\n521 PUSH1 0x00\n(click to expand +)', 'fullLabel': '514 JUMPDEST\n515 PUSH1 0x00\n517 PUSH1 0x01\n519 SWAP1\n520 POP\n521 PUSH1 0x00\n523 DUP2\n524 EQ\n525 ISZERO\n526 ISZERO\n527 PUSH2 0x0214\n530 JUMPI\n', 'truncLabel': '514 JUMPDEST\n515 PUSH1 0x00\n517 PUSH1 0x01\n519 SWAP1\n520 POP\n521 PUSH1 0x00\n(click to expand +)', 'isExpanded': false},
{id: '1139', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '333 JUMPDEST\n334 PUSH2 0x0155\n337 PUSH2 0x0202\n340 JUMP\n', 'fullLabel': '333 JUMPDEST\n334 PUSH2 0x0155\n337 PUSH2 0x0202\n340 JUMP\n', 'truncLabel': '333 JUMPDEST\n334 PUSH2 0x0155\n337 PUSH2 0x0202\n340 JUMP\n', 'isExpanded': false},
{id: '1142', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '329 PUSH1 0x00\n331 DUP1\n332 REVERT\n', 'fullLabel': '329 PUSH1 0x00\n331 DUP1\n332 REVERT\n', 'truncLabel': '329 PUSH1 0x00\n331 DUP1\n332 REVERT\n', 'isExpanded': false},
{id: '1138', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '322 _function_0xb34c3610\n323 CALLVALUE\n324 ISZERO\n325 PUSH2 0x014d\n328 JUMPI\n', 'fullLabel': '322 _function_0xb34c3610\n323 CALLVALUE\n324 ISZERO\n325 PUSH2 0x014d\n328 JUMPI\n', 'truncLabel': '322 _function_0xb34c3610\n323 CALLVALUE\n324 ISZERO\n325 PUSH2 0x014d\n328 JUMPI\n', 'isExpanded': false},
{id: '1148', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '376 JUMPDEST\n377 STOP\n', 'fullLabel': '376 JUMPDEST\n377 STOP\n', 'truncLabel': '376 JUMPDEST\n377 STOP\n', 'isExpanded': false},
{id: '1147', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '561 JUMPDEST\n562 POP\n563 POP\n564 JUMP\n', 'fullLabel': '561 JUMPDEST\n562 POP\n563 POP\n564 JUMP\n', 'truncLabel': '561 JUMPDEST\n562 POP\n563 POP\n564 JUMP\n', 'isExpanded': false},
{id: '1151', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '376 JUMPDEST\n377 STOP\n', 'fullLabel': '376 JUMPDEST\n377 STOP\n', 'truncLabel': '376 JUMPDEST\n377 STOP\n', 'isExpanded': false},
{id: '1150', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '557 JUMPDEST\n558 DIV\n559 SWAP1\n560 POP\n561 JUMPDEST\n562 POP\n(click to expand +)', 'fullLabel': '557 JUMPDEST\n558 DIV\n559 SWAP1\n560 POP\n561 JUMPDEST\n562 POP\n563 POP\n564 JUMP\n', 'truncLabel': '557 JUMPDEST\n558 DIV\n559 SWAP1\n560 POP\n561 JUMPDEST\n562 POP\n(click to expand +)', 'isExpanded': false},
{id: '1152', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '556 ASSERT_FAIL\n', 'fullLabel': '556 ASSERT_FAIL\n', 'truncLabel': '556 ASSERT_FAIL\n', 'isExpanded': false},
{id: '1149', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '546 DUP2\n547 PUSH1 0x01\n549 DUP2\n550 ISZERO\n551 ISZERO\n552 PUSH2 0x022d\n(click to expand +)', 'fullLabel': '546 DUP2\n547 PUSH1 0x01\n549 DUP2\n550 ISZERO\n551 ISZERO\n552 PUSH2 0x022d\n555 JUMPI\n', 'truncLabel': '546 DUP2\n547 PUSH1 0x01\n549 DUP2\n550 ISZERO\n551 ISZERO\n552 PUSH2 0x022d\n(click to expand +)', 'isExpanded': false},
{id: '1146', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '535 JUMPDEST\n536 PUSH1 0x00\n538 DUP1\n539 DUP3\n540 GT\n541 ISZERO\n(click to expand +)', 'fullLabel': '535 JUMPDEST\n536 PUSH1 0x00\n538 DUP1\n539 DUP3\n540 GT\n541 ISZERO\n542 PUSH2 0x0231\n545 JUMPI\n', 'truncLabel': '535 JUMPDEST\n536 PUSH1 0x00\n538 DUP1\n539 DUP3\n540 GT\n541 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1145', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '354 JUMPDEST\n355 PUSH2 0x0178\n358 PUSH1 0x04\n360 DUP1\n361 DUP1\n362 CALLDATALOAD\n(click to expand +)', 'fullLabel': '354 JUMPDEST\n355 PUSH2 0x0178\n358 PUSH1 0x04\n360 DUP1\n361 DUP1\n362 CALLDATALOAD\n363 SWAP1\n364 PUSH1 0x20\n366 ADD\n367 SWAP1\n368 SWAP2\n369 SWAP1\n370 POP\n371 POP\n372 PUSH2 0x0217\n375 JUMP\n', 'truncLabel': '354 JUMPDEST\n355 PUSH2 0x0178\n358 PUSH1 0x04\n360 DUP1\n361 DUP1\n362 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1153', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '350 PUSH1 0x00\n352 DUP1\n353 REVERT\n', 'fullLabel': '350 PUSH1 0x00\n352 DUP1\n353 REVERT\n', 'truncLabel': '350 PUSH1 0x00\n352 DUP1\n353 REVERT\n', 'isExpanded': false},
{id: '1144', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '343 _function_0xb630d706\n344 CALLVALUE\n345 ISZERO\n346 PUSH2 0x0162\n349 JUMPI\n', 'fullLabel': '343 _function_0xb630d706\n344 CALLVALUE\n345 ISZERO\n346 PUSH2 0x0162\n349 JUMPI\n', 'truncLabel': '343 _function_0xb630d706\n344 CALLVALUE\n345 ISZERO\n346 PUSH2 0x0162\n349 JUMPI\n', 'isExpanded': false},
{id: '1159', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '397 JUMPDEST\n398 STOP\n', 'fullLabel': '397 JUMPDEST\n398 STOP\n', 'truncLabel': '397 JUMPDEST\n398 STOP\n', 'isExpanded': false},
{id: '1158', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '583 JUMPDEST\n584 POP\n585 JUMP\n', 'fullLabel': '583 JUMPDEST\n584 POP\n585 JUMP\n', 'truncLabel': '583 JUMPDEST\n584 POP\n585 JUMP\n', 'isExpanded': false},
{id: '1157', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '565 JUMPDEST\n566 PUSH1 0x00\n568 PUSH1 0x01\n570 SWAP1\n571 POP\n572 PUSH1 0x00\n(click to expand +)', 'fullLabel': '565 JUMPDEST\n566 PUSH1 0x00\n568 PUSH1 0x01\n570 SWAP1\n571 POP\n572 PUSH1 0x00\n574 DUP2\n575 GT\n576 ISZERO\n577 ISZERO\n578 PUSH2 0x0247\n581 JUMPI\n', 'truncLabel': '565 JUMPDEST\n566 PUSH1 0x00\n568 PUSH1 0x01\n570 SWAP1\n571 POP\n572 PUSH1 0x00\n(click to expand +)', 'isExpanded': false},
{id: '1156', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '389 JUMPDEST\n390 PUSH2 0x018d\n393 PUSH2 0x0235\n396 JUMP\n', 'fullLabel': '389 JUMPDEST\n390 PUSH2 0x018d\n393 PUSH2 0x0235\n396 JUMP\n', 'truncLabel': '389 JUMPDEST\n390 PUSH2 0x018d\n393 PUSH2 0x0235\n396 JUMP\n', 'isExpanded': false},
{id: '1160', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '385 PUSH1 0x00\n387 DUP1\n388 REVERT\n', 'fullLabel': '385 PUSH1 0x00\n387 DUP1\n388 REVERT\n', 'truncLabel': '385 PUSH1 0x00\n387 DUP1\n388 REVERT\n', 'isExpanded': false},
{id: '1155', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '378 _function_0xf44f13d8\n379 CALLVALUE\n380 ISZERO\n381 PUSH2 0x0185\n384 JUMPI\n', 'fullLabel': '378 _function_0xf44f13d8\n379 CALLVALUE\n380 ISZERO\n381 PUSH2 0x0185\n384 JUMPI\n', 'truncLabel': '378 _function_0xf44f13d8\n379 CALLVALUE\n380 ISZERO\n381 PUSH2 0x0185\n384 JUMPI\n', 'isExpanded': false},
{id: '1161', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '142 JUMPDEST\n143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'fullLabel': '142 JUMPDEST\n143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'truncLabel': '142 JUMPDEST\n143 PUSH1 0x00\n145 DUP1\n146 REVERT\n', 'isExpanded': false},
{id: '1154', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '131 DUP1\n132 PUSH4 0xf44f13d8\n137 EQ\n138 PUSH2 0x017a\n141 JUMPI\n', 'fullLabel': '131 DUP1\n132 PUSH4 0xf44f13d8\n137 EQ\n138 PUSH2 0x017a\n141 JUMPI\n', 'truncLabel': '131 DUP1\n132 PUSH4 0xf44f13d8\n137 EQ\n138 PUSH2 0x017a\n141 JUMPI\n', 'isExpanded': false},
{id: '1143', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '120 DUP1\n121 PUSH4 0xb630d706\n126 EQ\n127 PUSH2 0x0157\n130 JUMPI\n', 'fullLabel': '120 DUP1\n121 PUSH4 0xb630d706\n126 EQ\n127 PUSH2 0x0157\n130 JUMPI\n', 'truncLabel': '120 DUP1\n121 PUSH4 0xb630d706\n126 EQ\n127 PUSH2 0x0157\n130 JUMPI\n', 'isExpanded': false},
{id: '1137', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '109 DUP1\n110 PUSH4 0xb34c3610\n115 EQ\n116 PUSH2 0x0142\n119 JUMPI\n', 'fullLabel': '109 DUP1\n110 PUSH4 0xb34c3610\n115 EQ\n116 PUSH2 0x0142\n119 JUMPI\n', 'truncLabel': '109 DUP1\n110 PUSH4 0xb34c3610\n115 EQ\n116 PUSH2 0x0142\n119 JUMPI\n', 'isExpanded': false},
{id: '1129', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '98 DUP1\n99 PUSH4 0xa08299f1\n104 EQ\n105 PUSH2 0x011f\n108 JUMPI\n', 'fullLabel': '98 DUP1\n99 PUSH4 0xa08299f1\n104 EQ\n105 PUSH2 0x011f\n108 JUMPI\n', 'truncLabel': '98 DUP1\n99 PUSH4 0xa08299f1\n104 EQ\n105 PUSH2 0x011f\n108 JUMPI\n', 'isExpanded': false},
{id: '1121', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '87 DUP1\n88 PUSH4 0x92dd38ea\n93 EQ\n94 PUSH2 0x00fc\n97 JUMPI\n', 'fullLabel': '87 DUP1\n88 PUSH4 0x92dd38ea\n93 EQ\n94 PUSH2 0x00fc\n97 JUMPI\n', 'truncLabel': '87 DUP1\n88 PUSH4 0x92dd38ea\n93 EQ\n94 PUSH2 0x00fc\n97 JUMPI\n', 'isExpanded': false},
{id: '1113', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 DUP1\n77 PUSH4 0x78375f14\n82 EQ\n83 PUSH2 0x00d9\n86 JUMPI\n', 'fullLabel': '76 DUP1\n77 PUSH4 0x78375f14\n82 EQ\n83 PUSH2 0x00d9\n86 JUMPI\n', 'truncLabel': '76 DUP1\n77 PUSH4 0x78375f14\n82 EQ\n83 PUSH2 0x00d9\n86 JUMPI\n', 'isExpanded': false},
{id: '1105', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '65 DUP1\n66 PUSH4 0x546455b5\n71 EQ\n72 PUSH2 0x00b6\n75 JUMPI\n', 'fullLabel': '65 DUP1\n66 PUSH4 0x546455b5\n71 EQ\n72 PUSH2 0x00b6\n75 JUMPI\n', 'truncLabel': '65 DUP1\n66 PUSH4 0x546455b5\n71 EQ\n72 PUSH2 0x00b6\n75 JUMPI\n', 'isExpanded': false},
{id: '1094', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'fullLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n53 AND\n54 DUP1\n55 PUSH4 0x01d4277c\n60 EQ\n61 PUSH2 0x0093\n64 JUMPI\n', 'truncLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'isExpanded': false},
{id: '1092', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'fullLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH2 0x008e\n12 JUMPI\n', 'truncLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'isExpanded': false}
];
var edges = [
{from: '1092', to: '1093', 'arrows': 'to', 'label': 'Not(ULE(4, calldatasize_Exceptions))', 'smooth': {'type': 'cubicBezier'}},
{from: '1098', to: '1099', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1097', to: '1098', 'arrows': 'to', 'label': 'ULE(8, calldata_Exceptions_4)', 'smooth': {'type': 'cubicBezier'}},
{from: '1101', to: '1102', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1100', to: '1101', 'arrows': 'to', 'label': 'Not(ULE(8, calldata_Exceptions_4))', 'smooth': {'type': 'cubicBezier'}},
{from: '1100', to: '1103', 'arrows': 'to', 'label': 'ULE(8, calldata_Exceptions_4)', 'smooth': {'type': 'cubicBezier'}},
{from: '1097', to: '1100', 'arrows': 'to', 'label': 'Not(ULE(8, calldata_Exceptions_4))', 'smooth': {'type': 'cubicBezier'}},
{from: '1096', to: '1097', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1095', to: '1096', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1095', to: '1104', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1094', to: '1095', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x1d4277c', 'smooth': {'type': 'cubicBezier'}},
{from: '1109', to: '1110', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1108', to: '1109', 'arrows': 'to', 'label': 'Not(calldata_Exceptions_4 == 23)', 'smooth': {'type': 'cubicBezier'}},
{from: '1108', to: '1111', 'arrows': 'to', 'label': 'calldata_Exceptions_4 == 23', 'smooth': {'type': 'cubicBezier'}},
{from: '1107', to: '1108', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1106', to: '1107', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1106', to: '1112', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1105', to: '1106', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x546455b5', 'smooth': {'type': 'cubicBezier'}},
{from: '1117', to: '1118', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1116', to: '1117', 'arrows': 'to', 'label': 'Not(calldata_Exceptions_4 == 23)', 'smooth': {'type': 'cubicBezier'}},
{from: '1116', to: '1119', 'arrows': 'to', 'label': 'calldata_Exceptions_4 == 23', 'smooth': {'type': 'cubicBezier'}},
{from: '1115', to: '1116', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1114', to: '1115', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1114', to: '1120', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1113', to: '1114', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x78375f14', 'smooth': {'type': 'cubicBezier'}},
{from: '1125', to: '1126', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1124', to: '1125', 'arrows': 'to', 'label': 'Not(ULE(8, calldata_Exceptions_4))', 'smooth': {'type': 'cubicBezier'}},
{from: '1124', to: '1127', 'arrows': 'to', 'label': 'ULE(8, calldata_Exceptions_4)', 'smooth': {'type': 'cubicBezier'}},
{from: '1123', to: '1124', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1122', to: '1123', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1122', to: '1128', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1121', to: '1122', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x92dd38ea', 'smooth': {'type': 'cubicBezier'}},
{from: '1133', to: '1134', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1132', to: '1133', 'arrows': 'to', 'label': 'Not(calldata_Exceptions_4 == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1132', to: '1135', 'arrows': 'to', 'label': 'calldata_Exceptions_4 == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1131', to: '1132', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1130', to: '1131', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1130', to: '1136', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1129', to: '1130', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xa08299f1', 'smooth': {'type': 'cubicBezier'}},
{from: '1140', to: '1141', 'arrows': 'to', 'label': 'True', 'smooth': {'type': 'cubicBezier'}},
{from: '1139', to: '1140', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1138', to: '1139', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1138', to: '1142', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1137', to: '1138', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xb34c3610', 'smooth': {'type': 'cubicBezier'}},
{from: '1147', to: '1148', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1146', to: '1147', 'arrows': 'to', 'label': 'calldata_Exceptions_4 == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1150', to: '1151', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1149', to: '1150', 'arrows': 'to', 'label': 'Not(calldata_Exceptions_4 == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1149', to: '1152', 'arrows': 'to', 'label': 'calldata_Exceptions_4 == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1146', to: '1149', 'arrows': 'to', 'label': 'Not(calldata_Exceptions_4 == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1145', to: '1146', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1144', to: '1145', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1144', to: '1153', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1143', to: '1144', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xb630d706', 'smooth': {'type': 'cubicBezier'}},
{from: '1158', to: '1159', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1157', to: '1158', 'arrows': 'to', 'label': 'True', 'smooth': {'type': 'cubicBezier'}},
{from: '1156', to: '1157', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1155', to: '1156', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1155', to: '1160', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1154', to: '1155', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xf44f13d8', 'smooth': {'type': 'cubicBezier'}},
{from: '1154', to: '1161', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xf44f13d8)', 'smooth': {'type': 'cubicBezier'}},
{from: '1143', to: '1154', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xb630d706)', 'smooth': {'type': 'cubicBezier'}},
{from: '1137', to: '1143', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xb34c3610)', 'smooth': {'type': 'cubicBezier'}},
{from: '1129', to: '1137', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0xa08299f1)', 'smooth': {'type': 'cubicBezier'}},
{from: '1121', to: '1129', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x92dd38ea)', 'smooth': {'type': 'cubicBezier'}},
{from: '1113', to: '1121', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x78375f14)', 'smooth': {'type': 'cubicBezier'}},
{from: '1105', to: '1113', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x546455b5)', 'smooth': {'type': 'cubicBezier'}},
{from: '1094', to: '1105', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Exceptions_0) == 0x1d4277c)', 'smooth': {'type': 'cubicBezier'}},
{from: '1092', to: '1094', 'arrows': 'to', 'label': 'ULE(4, calldatasize_Exceptions)', 'smooth': {'type': 'cubicBezier'}}
];
</script>
</head>
<body>
<p>Mythril / LASER Symbolic VM</p>
<p><div id="mynetwork"></div><br/></p>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

4
tests/testdata/outputs_expected/exceptions.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

39
tests/testdata/outputs_expected/exceptions.sol.o.json vendored
Unescape View File

@ -1,38 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "_function_0x546455b5",
"type": "Informational",
"address": 446,
"debug": "<DEBUG-DATA>"
},
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "_function_0x92dd38ea",
"type": "Informational",
"address": 484,
"debug": "<DEBUG-DATA>"
},
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "_function_0xa08299f1",
"type": "Informational",
"address": 506,
"debug": "<DEBUG-DATA>"
},
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "_function_0xb34c3610",
"type": "Informational",
"address": 531,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 446, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x546455b5", "title": "Exception state", "type": "Informational"}, {"address": 484, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x92dd38ea", "title": "Exception state", "type": "Informational"}, {"address": 506, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xa08299f1", "title": "Exception state", "type": "Informational"}, {"address": 531, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xb34c3610", "title": "Exception state", "type": "Informational"}], "success": true}

178
tests/testdata/outputs_expected/kinds_of_calls.sol.graph.html vendored
Unescape View File

@ -1,178 +0,0 @@
<html>
<head>
<style type="text/css">
#mynetwork {
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
</style>
<link href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js"></script>
<script>
var options = {
autoResize: true,
height: '100%',
width: '100%',
manipulation: false,
height: '90%',
layout: {
randomSeed: undefined,
improvedLayout:true,
hierarchical: {
enabled:true,
levelSeparation: 450,
nodeSpacing: 200,
treeSpacing: 100,
blockShifting: true,
edgeMinimization: true,
parentCentralization: false,
direction: 'LR', // UD, DU, LR, RL
sortMethod: 'directed' // hubsize, directed
}
},
nodes:{
borderWidth: 1,
borderWidthSelected: 2,
chosen: true,
shape: 'box',
font: {
align: 'left',
color: '#FFFFFF',
},
},
edges:{
font: {
color: '#ffffff',
size: 12, // px
face: 'arial',
background: 'none',
strokeWidth: 0, // px
strokeColor: '#ffffff',
align: 'horizontal',
multi: false,
vadjust: 0,
}
},
physics:{
enabled: false,
}
}
var nodes = [
{id: '1193', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '109 JUMPDEST\n110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'fullLabel': '109 JUMPDEST\n110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'truncLabel': '109 JUMPDEST\n110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'isExpanded': false},
{id: '1198', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '178 JUMPDEST\n179 STOP\n', 'fullLabel': '178 JUMPDEST\n179 STOP\n', 'truncLabel': '178 JUMPDEST\n179 STOP\n', 'isExpanded': false},
{id: '1197', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '438 JUMPDEST\n439 DUP2\n440 PUSH20 0xffffffff(...)\n461 AND\n462 PUSH1 0x40\n464 MLOAD\n(click to expand +)', 'fullLabel': '438 JUMPDEST\n439 DUP2\n440 PUSH20 0xffffffff(...)\n461 AND\n462 PUSH1 0x40\n464 MLOAD\n465 DUP1\n466 DUP1\n467 PUSH32 0x7365744e(...)\n500 DUP2\n501 MSTORE\n502 POP\n503 PUSH1 0x0d\n505 ADD\n506 SWAP1\n507 POP\n508 PUSH1 0x40\n510 MLOAD\n511 DUP1\n512 SWAP2\n513 SUB\n514 SWAP1\n515 SHA3\n516 PUSH29 0x01000000(...)\n546 SWAP1\n547 DIV\n548 DUP3\n549 PUSH1 0x40\n551 MLOAD\n552 DUP3\n553 PUSH4 0xffffffff\n558 AND\n559 PUSH29 0x01000000(...)\n589 MUL\n590 DUP2\n591 MSTORE\n592 PUSH1 0x04\n594 ADD\n595 DUP1\n596 DUP3\n597 DUP2\n598 MSTORE\n599 PUSH1 0x20\n601 ADD\n602 SWAP2\n603 POP\n604 POP\n605 PUSH1 0x00\n607 PUSH1 0x40\n609 MLOAD\n610 DUP1\n611 DUP4\n612 SUB\n613 DUP2\n614 PUSH1 0x00\n616 DUP8\n617 GAS\n618 CALLCODE\n619 SWAP3\n620 POP\n621 POP\n622 POP\n623 POP\n624 POP\n625 POP\n626 JUMP\n', 'truncLabel': '438 JUMPDEST\n439 DUP2\n440 PUSH20 0xffffffff(...)\n461 AND\n462 PUSH1 0x40\n464 MLOAD\n(click to expand +)', 'isExpanded': false},
{id: '1196', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '125 JUMPDEST\n126 PUSH2 0x00b2\n129 PUSH1 0x04\n131 DUP1\n132 DUP1\n133 CALLDATALOAD\n(click to expand +)', 'fullLabel': '125 JUMPDEST\n126 PUSH2 0x00b2\n129 PUSH1 0x04\n131 DUP1\n132 DUP1\n133 CALLDATALOAD\n134 PUSH20 0xffffffff(...)\n155 AND\n156 SWAP1\n157 PUSH1 0x20\n159 ADD\n160 SWAP1\n161 SWAP2\n162 SWAP1\n163 DUP1\n164 CALLDATALOAD\n165 SWAP1\n166 PUSH1 0x20\n168 ADD\n169 SWAP1\n170 SWAP2\n171 SWAP1\n172 POP\n173 POP\n174 PUSH2 0x01b6\n177 JUMP\n', 'truncLabel': '125 JUMPDEST\n126 PUSH2 0x00b2\n129 PUSH1 0x04\n131 DUP1\n132 DUP1\n133 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1199', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '121 PUSH1 0x00\n123 DUP1\n124 REVERT\n', 'fullLabel': '121 PUSH1 0x00\n123 DUP1\n124 REVERT\n', 'truncLabel': '121 PUSH1 0x00\n123 DUP1\n124 REVERT\n', 'isExpanded': false},
{id: '1195', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '114 _function_0x141f32ff\n115 CALLVALUE\n116 ISZERO\n117 PUSH2 0x007d\n120 JUMPI\n', 'fullLabel': '114 _function_0x141f32ff\n115 CALLVALUE\n116 ISZERO\n117 PUSH2 0x007d\n120 JUMPI\n', 'truncLabel': '114 _function_0x141f32ff\n115 CALLVALUE\n116 ISZERO\n117 PUSH2 0x007d\n120 JUMPI\n', 'isExpanded': false},
{id: '1204', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '199 JUMPDEST\n200 PUSH1 0x40\n202 MLOAD\n203 DUP1\n204 DUP3\n205 DUP2\n(click to expand +)', 'fullLabel': '199 JUMPDEST\n200 PUSH1 0x40\n202 MLOAD\n203 DUP1\n204 DUP3\n205 DUP2\n206 MSTORE\n207 PUSH1 0x20\n209 ADD\n210 SWAP2\n211 POP\n212 POP\n213 PUSH1 0x40\n215 MLOAD\n216 DUP1\n217 SWAP2\n218 SUB\n219 SWAP1\n220 RETURN\n', 'truncLabel': '199 JUMPDEST\n200 PUSH1 0x40\n202 MLOAD\n203 DUP1\n204 DUP3\n205 DUP2\n(click to expand +)', 'isExpanded': false},
{id: '1203', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '627 JUMPDEST\n628 PUSH1 0x00\n630 SLOAD\n631 DUP2\n632 JUMP\n', 'fullLabel': '627 JUMPDEST\n628 PUSH1 0x00\n630 SLOAD\n631 DUP2\n632 JUMP\n', 'truncLabel': '627 JUMPDEST\n628 PUSH1 0x00\n630 SLOAD\n631 DUP2\n632 JUMP\n', 'isExpanded': false},
{id: '1202', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '191 JUMPDEST\n192 PUSH2 0x00c7\n195 PUSH2 0x0273\n198 JUMP\n', 'fullLabel': '191 JUMPDEST\n192 PUSH2 0x00c7\n195 PUSH2 0x0273\n198 JUMP\n', 'truncLabel': '191 JUMPDEST\n192 PUSH2 0x00c7\n195 PUSH2 0x0273\n198 JUMP\n', 'isExpanded': false},
{id: '1205', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '187 PUSH1 0x00\n189 DUP1\n190 REVERT\n', 'fullLabel': '187 PUSH1 0x00\n189 DUP1\n190 REVERT\n', 'truncLabel': '187 PUSH1 0x00\n189 DUP1\n190 REVERT\n', 'isExpanded': false},
{id: '1201', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '180 _function_0x2e52d606\n181 CALLVALUE\n182 ISZERO\n183 PUSH2 0x00bf\n186 JUMPI\n', 'fullLabel': '180 _function_0x2e52d606\n181 CALLVALUE\n182 ISZERO\n183 PUSH2 0x00bf\n186 JUMPI\n', 'truncLabel': '180 _function_0x2e52d606\n181 CALLVALUE\n182 ISZERO\n183 PUSH2 0x00bf\n186 JUMPI\n', 'isExpanded': false},
{id: '1210', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '240 JUMPDEST\n241 PUSH1 0x40\n243 MLOAD\n244 DUP1\n245 DUP3\n246 PUSH20 0xffffffff(...)\n(click to expand +)', 'fullLabel': '240 JUMPDEST\n241 PUSH1 0x40\n243 MLOAD\n244 DUP1\n245 DUP3\n246 PUSH20 0xffffffff(...)\n267 AND\n268 PUSH20 0xffffffff(...)\n289 AND\n290 DUP2\n291 MSTORE\n292 PUSH1 0x20\n294 ADD\n295 SWAP2\n296 POP\n297 POP\n298 PUSH1 0x40\n300 MLOAD\n301 DUP1\n302 SWAP2\n303 SUB\n304 SWAP1\n305 RETURN\n', 'truncLabel': '240 JUMPDEST\n241 PUSH1 0x40\n243 MLOAD\n244 DUP1\n245 DUP3\n246 PUSH20 0xffffffff(...)\n(click to expand +)', 'isExpanded': false},
{id: '1209', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '633 JUMPDEST\n634 PUSH1 0x01\n636 PUSH1 0x00\n638 SWAP1\n639 SLOAD\n640 SWAP1\n(click to expand +)', 'fullLabel': '633 JUMPDEST\n634 PUSH1 0x01\n636 PUSH1 0x00\n638 SWAP1\n639 SLOAD\n640 SWAP1\n641 PUSH2 0x0100\n644 EXP\n645 SWAP1\n646 DIV\n647 PUSH20 0xffffffff(...)\n668 AND\n669 DUP2\n670 JUMP\n', 'truncLabel': '633 JUMPDEST\n634 PUSH1 0x01\n636 PUSH1 0x00\n638 SWAP1\n639 SLOAD\n640 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '1208', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '232 JUMPDEST\n233 PUSH2 0x00f0\n236 PUSH2 0x0279\n239 JUMP\n', 'fullLabel': '232 JUMPDEST\n233 PUSH2 0x00f0\n236 PUSH2 0x0279\n239 JUMP\n', 'truncLabel': '232 JUMPDEST\n233 PUSH2 0x00f0\n236 PUSH2 0x0279\n239 JUMP\n', 'isExpanded': false},
{id: '1211', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '228 PUSH1 0x00\n230 DUP1\n231 REVERT\n', 'fullLabel': '228 PUSH1 0x00\n230 DUP1\n231 REVERT\n', 'truncLabel': '228 PUSH1 0x00\n230 DUP1\n231 REVERT\n', 'isExpanded': false},
{id: '1207', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '221 _function_0x67e404ce\n222 CALLVALUE\n223 ISZERO\n224 PUSH2 0x00e8\n227 JUMPI\n', 'fullLabel': '221 _function_0x67e404ce\n222 CALLVALUE\n223 ISZERO\n224 PUSH2 0x00e8\n227 JUMPI\n', 'truncLabel': '221 _function_0x67e404ce\n222 CALLVALUE\n223 ISZERO\n224 PUSH2 0x00e8\n227 JUMPI\n', 'isExpanded': false},
{id: '1216', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '370 JUMPDEST\n371 STOP\n', 'fullLabel': '370 JUMPDEST\n371 STOP\n', 'truncLabel': '370 JUMPDEST\n371 STOP\n', 'isExpanded': false},
{id: '1215', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '671 JUMPDEST\n672 DUP2\n673 PUSH20 0xffffffff(...)\n694 AND\n695 PUSH1 0x40\n697 MLOAD\n(click to expand +)', 'fullLabel': '671 JUMPDEST\n672 DUP2\n673 PUSH20 0xffffffff(...)\n694 AND\n695 PUSH1 0x40\n697 MLOAD\n698 DUP1\n699 DUP1\n700 PUSH32 0x7365744e(...)\n733 DUP2\n734 MSTORE\n735 POP\n736 PUSH1 0x0d\n738 ADD\n739 SWAP1\n740 POP\n741 PUSH1 0x40\n743 MLOAD\n744 DUP1\n745 SWAP2\n746 SUB\n747 SWAP1\n748 SHA3\n749 PUSH29 0x01000000(...)\n779 SWAP1\n780 DIV\n781 DUP3\n782 PUSH1 0x40\n784 MLOAD\n785 DUP3\n786 PUSH4 0xffffffff\n791 AND\n792 PUSH29 0x01000000(...)\n822 MUL\n823 DUP2\n824 MSTORE\n825 PUSH1 0x04\n827 ADD\n828 DUP1\n829 DUP3\n830 DUP2\n831 MSTORE\n832 PUSH1 0x20\n834 ADD\n835 SWAP2\n836 POP\n837 POP\n838 PUSH1 0x00\n840 PUSH1 0x40\n842 MLOAD\n843 DUP1\n844 DUP4\n845 SUB\n846 DUP2\n847 DUP7\n848 GAS\n849 DELEGATECALL\n850 SWAP3\n851 POP\n852 POP\n853 POP\n854 POP\n855 POP\n856 POP\n857 JUMP\n', 'truncLabel': '671 JUMPDEST\n672 DUP2\n673 PUSH20 0xffffffff(...)\n694 AND\n695 PUSH1 0x40\n697 MLOAD\n(click to expand +)', 'isExpanded': false},
{id: '1214', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '317 JUMPDEST\n318 PUSH2 0x0172\n321 PUSH1 0x04\n323 DUP1\n324 DUP1\n325 CALLDATALOAD\n(click to expand +)', 'fullLabel': '317 JUMPDEST\n318 PUSH2 0x0172\n321 PUSH1 0x04\n323 DUP1\n324 DUP1\n325 CALLDATALOAD\n326 PUSH20 0xffffffff(...)\n347 AND\n348 SWAP1\n349 PUSH1 0x20\n351 ADD\n352 SWAP1\n353 SWAP2\n354 SWAP1\n355 DUP1\n356 CALLDATALOAD\n357 SWAP1\n358 PUSH1 0x20\n360 ADD\n361 SWAP1\n362 SWAP2\n363 SWAP1\n364 POP\n365 POP\n366 PUSH2 0x029f\n369 JUMP\n', 'truncLabel': '317 JUMPDEST\n318 PUSH2 0x0172\n321 PUSH1 0x04\n323 DUP1\n324 DUP1\n325 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1217', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '313 PUSH1 0x00\n315 DUP1\n316 REVERT\n', 'fullLabel': '313 PUSH1 0x00\n315 DUP1\n316 REVERT\n', 'truncLabel': '313 PUSH1 0x00\n315 DUP1\n316 REVERT\n', 'isExpanded': false},
{id: '1213', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '306 _function_0x9b58bc26\n307 CALLVALUE\n308 ISZERO\n309 PUSH2 0x013d\n312 JUMPI\n', 'fullLabel': '306 _function_0x9b58bc26\n307 CALLVALUE\n308 ISZERO\n309 PUSH2 0x013d\n312 JUMPI\n', 'truncLabel': '306 _function_0x9b58bc26\n307 CALLVALUE\n308 ISZERO\n309 PUSH2 0x013d\n312 JUMPI\n', 'isExpanded': false},
{id: '1222', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '436 JUMPDEST\n437 STOP\n', 'fullLabel': '436 JUMPDEST\n437 STOP\n', 'truncLabel': '436 JUMPDEST\n437 STOP\n', 'isExpanded': false},
{id: '1221', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '858 JUMPDEST\n859 DUP2\n860 PUSH20 0xffffffff(...)\n881 AND\n882 PUSH1 0x40\n884 MLOAD\n(click to expand +)', 'fullLabel': '858 JUMPDEST\n859 DUP2\n860 PUSH20 0xffffffff(...)\n881 AND\n882 PUSH1 0x40\n884 MLOAD\n885 DUP1\n886 DUP1\n887 PUSH32 0x7365744e(...)\n920 DUP2\n921 MSTORE\n922 POP\n923 PUSH1 0x0d\n925 ADD\n926 SWAP1\n927 POP\n928 PUSH1 0x40\n930 MLOAD\n931 DUP1\n932 SWAP2\n933 SUB\n934 SWAP1\n935 SHA3\n936 PUSH29 0x01000000(...)\n966 SWAP1\n967 DIV\n968 DUP3\n969 PUSH1 0x40\n971 MLOAD\n972 DUP3\n973 PUSH4 0xffffffff\n978 AND\n979 PUSH29 0x01000000(...)\n1009 MUL\n1010 DUP2\n1011 MSTORE\n1012 PUSH1 0x04\n1014 ADD\n1015 DUP1\n1016 DUP3\n1017 DUP2\n1018 MSTORE\n1019 PUSH1 0x20\n1021 ADD\n1022 SWAP2\n1023 POP\n1024 POP\n1025 PUSH1 0x00\n1027 PUSH1 0x40\n1029 MLOAD\n1030 DUP1\n1031 DUP4\n1032 SUB\n1033 DUP2\n1034 PUSH1 0x00\n1036 DUP8\n1037 GAS\n1038 CALL\n1039 SWAP3\n1040 POP\n1041 POP\n1042 POP\n1043 POP\n1044 POP\n1045 POP\n1046 JUMP\n', 'truncLabel': '858 JUMPDEST\n859 DUP2\n860 PUSH20 0xffffffff(...)\n881 AND\n882 PUSH1 0x40\n884 MLOAD\n(click to expand +)', 'isExpanded': false},
{id: '1220', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '383 JUMPDEST\n384 PUSH2 0x01b4\n387 PUSH1 0x04\n389 DUP1\n390 DUP1\n391 CALLDATALOAD\n(click to expand +)', 'fullLabel': '383 JUMPDEST\n384 PUSH2 0x01b4\n387 PUSH1 0x04\n389 DUP1\n390 DUP1\n391 CALLDATALOAD\n392 PUSH20 0xffffffff(...)\n413 AND\n414 SWAP1\n415 PUSH1 0x20\n417 ADD\n418 SWAP1\n419 SWAP2\n420 SWAP1\n421 DUP1\n422 CALLDATALOAD\n423 SWAP1\n424 PUSH1 0x20\n426 ADD\n427 SWAP1\n428 SWAP2\n429 SWAP1\n430 POP\n431 POP\n432 PUSH2 0x035a\n435 JUMP\n', 'truncLabel': '383 JUMPDEST\n384 PUSH2 0x01b4\n387 PUSH1 0x04\n389 DUP1\n390 DUP1\n391 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1223', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '379 PUSH1 0x00\n381 DUP1\n382 REVERT\n', 'fullLabel': '379 PUSH1 0x00\n381 DUP1\n382 REVERT\n', 'truncLabel': '379 PUSH1 0x00\n381 DUP1\n382 REVERT\n', 'isExpanded': false},
{id: '1219', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '372 _function_0xeea4c864\n373 CALLVALUE\n374 ISZERO\n375 PUSH2 0x017f\n378 JUMPI\n', 'fullLabel': '372 _function_0xeea4c864\n373 CALLVALUE\n374 ISZERO\n375 PUSH2 0x017f\n378 JUMPI\n', 'truncLabel': '372 _function_0xeea4c864\n373 CALLVALUE\n374 ISZERO\n375 PUSH2 0x017f\n378 JUMPI\n', 'isExpanded': false},
{id: '1224', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '109 JUMPDEST\n110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'fullLabel': '109 JUMPDEST\n110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'truncLabel': '109 JUMPDEST\n110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'isExpanded': false},
{id: '1218', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '98 DUP1\n99 PUSH4 0xeea4c864\n104 EQ\n105 PUSH2 0x0174\n108 JUMPI\n', 'fullLabel': '98 DUP1\n99 PUSH4 0xeea4c864\n104 EQ\n105 PUSH2 0x0174\n108 JUMPI\n', 'truncLabel': '98 DUP1\n99 PUSH4 0xeea4c864\n104 EQ\n105 PUSH2 0x0174\n108 JUMPI\n', 'isExpanded': false},
{id: '1212', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '87 DUP1\n88 PUSH4 0x9b58bc26\n93 EQ\n94 PUSH2 0x0132\n97 JUMPI\n', 'fullLabel': '87 DUP1\n88 PUSH4 0x9b58bc26\n93 EQ\n94 PUSH2 0x0132\n97 JUMPI\n', 'truncLabel': '87 DUP1\n88 PUSH4 0x9b58bc26\n93 EQ\n94 PUSH2 0x0132\n97 JUMPI\n', 'isExpanded': false},
{id: '1206', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 DUP1\n77 PUSH4 0x67e404ce\n82 EQ\n83 PUSH2 0x00dd\n86 JUMPI\n', 'fullLabel': '76 DUP1\n77 PUSH4 0x67e404ce\n82 EQ\n83 PUSH2 0x00dd\n86 JUMPI\n', 'truncLabel': '76 DUP1\n77 PUSH4 0x67e404ce\n82 EQ\n83 PUSH2 0x00dd\n86 JUMPI\n', 'isExpanded': false},
{id: '1200', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '65 DUP1\n66 PUSH4 0x2e52d606\n71 EQ\n72 PUSH2 0x00b4\n75 JUMPI\n', 'fullLabel': '65 DUP1\n66 PUSH4 0x2e52d606\n71 EQ\n72 PUSH2 0x00b4\n75 JUMPI\n', 'truncLabel': '65 DUP1\n66 PUSH4 0x2e52d606\n71 EQ\n72 PUSH2 0x00b4\n75 JUMPI\n', 'isExpanded': false},
{id: '1194', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'fullLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n53 AND\n54 DUP1\n55 PUSH4 0x141f32ff\n60 EQ\n61 PUSH2 0x0072\n64 JUMPI\n', 'truncLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'isExpanded': false},
{id: '1192', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'fullLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH2 0x006d\n12 JUMPI\n', 'truncLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'isExpanded': false}
];
var edges = [
{from: '1192', to: '1193', 'arrows': 'to', 'label': 'Not(ULE(4, calldatasize_D))', 'smooth': {'type': 'cubicBezier'}},
{from: '1197', to: '1198', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1196', to: '1197', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1195', to: '1196', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1195', to: '1199', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1194', to: '1195', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_D_0) == 0x141f32ff', 'smooth': {'type': 'cubicBezier'}},
{from: '1203', to: '1204', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1202', to: '1203', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1201', to: '1202', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1201', to: '1205', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1200', to: '1201', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_D_0) == 0x2e52d606', 'smooth': {'type': 'cubicBezier'}},
{from: '1209', to: '1210', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1208', to: '1209', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1207', to: '1208', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1207', to: '1211', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1206', to: '1207', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_D_0) == 0x67e404ce', 'smooth': {'type': 'cubicBezier'}},
{from: '1215', to: '1216', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1214', to: '1215', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1213', to: '1214', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1213', to: '1217', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1212', to: '1213', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_D_0) == 0x9b58bc26', 'smooth': {'type': 'cubicBezier'}},
{from: '1221', to: '1222', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1220', to: '1221', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1219', to: '1220', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1219', to: '1223', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1218', to: '1219', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_D_0) == 0xeea4c864', 'smooth': {'type': 'cubicBezier'}},
{from: '1218', to: '1224', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_D_0) == 0xeea4c864)', 'smooth': {'type': 'cubicBezier'}},
{from: '1212', to: '1218', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_D_0) == 0x9b58bc26)', 'smooth': {'type': 'cubicBezier'}},
{from: '1206', to: '1212', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_D_0) == 0x67e404ce)', 'smooth': {'type': 'cubicBezier'}},
{from: '1200', to: '1206', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_D_0) == 0x2e52d606)', 'smooth': {'type': 'cubicBezier'}},
{from: '1194', to: '1200', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_D_0) == 0x141f32ff)', 'smooth': {'type': 'cubicBezier'}},
{from: '1192', to: '1194', 'arrows': 'to', 'label': 'ULE(4, calldatasize_D)', 'smooth': {'type': 'cubicBezier'}}
];
</script>
</head>
<body>
<p>Mythril / LASER Symbolic VM</p>
<p><div id="mynetwork"></div><br/></p>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

4
tests/testdata/outputs_expected/kinds_of_calls.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

23
tests/testdata/outputs_expected/kinds_of_calls.sol.o.json vendored
Unescape View File

@ -1,22 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Message call to external contract",
"description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function": "_function_0xeea4c864",
"type": "Warning",
"address": 1038,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xeea4c864",
"type": "Informational",
"address": 1038,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 626, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x141f32ff", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 857, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x9b58bc26", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 1038, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xeea4c864", "title": "Message call to external contract", "type": "Warning"}, {"address": 1046, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xeea4c864", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}

24
tests/testdata/outputs_expected/kinds_of_calls.sol.o.markdown vendored
Unescape View File

@ -1,5 +1,27 @@
# Analysis results for test-filename.sol
## Unchecked CALL return value
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x141f32ff`
- PC address: 626
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Unchecked CALL return value
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x9b58bc26`
- PC address: 857
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Message call to external contract
- Type: Warning
@ -16,7 +38,7 @@ This contract executes a message call to an address provided as a function argum
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xeea4c864`
- PC address: 1038
- PC address: 1046
### Description

18
tests/testdata/outputs_expected/kinds_of_calls.sol.o.text vendored
Unescape View File

@ -1,3 +1,19 @@
==== Unchecked CALL return value ====
Type: Informational
Contract: Unknown
Function name: _function_0x141f32ff
PC address: 626
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Unknown
Function name: _function_0x9b58bc26
PC address: 857
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Message call to external contract ====
Type: Warning
Contract: Unknown
@ -10,7 +26,7 @@ This contract executes a message call to an address provided as a function argum
Type: Informational
Contract: Unknown
Function name: _function_0xeea4c864
PC address: 1038
PC address: 1046
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------

150
tests/testdata/outputs_expected/metacoin.sol.graph.html vendored
Unescape View File

@ -1,150 +0,0 @@
<html>
<head>
<style type="text/css">
#mynetwork {
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
</style>
<link href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js"></script>
<script>
var options = {
autoResize: true,
height: '100%',
width: '100%',
manipulation: false,
height: '90%',
layout: {
randomSeed: undefined,
improvedLayout:true,
hierarchical: {
enabled:true,
levelSeparation: 450,
nodeSpacing: 200,
treeSpacing: 100,
blockShifting: true,
edgeMinimization: true,
parentCentralization: false,
direction: 'LR', // UD, DU, LR, RL
sortMethod: 'directed' // hubsize, directed
}
},
nodes:{
borderWidth: 1,
borderWidthSelected: 2,
chosen: true,
shape: 'box',
font: {
align: 'left',
color: '#FFFFFF',
},
},
edges:{
font: {
color: '#ffffff',
size: 12, // px
face: 'arial',
background: 'none',
strokeWidth: 0, // px
strokeColor: '#ffffff',
align: 'horizontal',
multi: false,
vadjust: 0,
}
},
physics:{
enabled: false,
}
}
var nodes = [
{id: '1174', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'fullLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'truncLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'isExpanded': false},
{id: '1179', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '136 JUMPDEST\n137 PUSH1 0x40\n139 MLOAD\n140 DUP1\n141 DUP3\n142 DUP2\n(click to expand +)', 'fullLabel': '136 JUMPDEST\n137 PUSH1 0x40\n139 MLOAD\n140 DUP1\n141 DUP3\n142 DUP2\n143 MSTORE\n144 PUSH1 0x20\n146 ADD\n147 SWAP2\n148 POP\n149 POP\n150 PUSH1 0x40\n152 MLOAD\n153 DUP1\n154 SWAP2\n155 SUB\n156 SWAP1\n157 RETURN\n', 'truncLabel': '136 JUMPDEST\n137 PUSH1 0x40\n139 MLOAD\n140 DUP1\n141 DUP3\n142 DUP2\n(click to expand +)', 'isExpanded': false},
{id: '1178', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '248 JUMPDEST\n249 PUSH1 0x00\n251 PUSH1 0x20\n253 MSTORE\n254 DUP1\n255 PUSH1 0x00\n(click to expand +)', 'fullLabel': '248 JUMPDEST\n249 PUSH1 0x00\n251 PUSH1 0x20\n253 MSTORE\n254 DUP1\n255 PUSH1 0x00\n257 MSTORE\n258 PUSH1 0x40\n260 PUSH1 0x00\n262 SHA3\n263 PUSH1 0x00\n265 SWAP2\n266 POP\n267 SWAP1\n268 POP\n269 SLOAD\n270 DUP2\n271 JUMP\n', 'truncLabel': '248 JUMPDEST\n249 PUSH1 0x00\n251 PUSH1 0x20\n253 MSTORE\n254 DUP1\n255 PUSH1 0x00\n(click to expand +)', 'isExpanded': false},
{id: '1177', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '92 JUMPDEST\n93 PUSH2 0x0088\n96 PUSH1 0x04\n98 DUP1\n99 DUP1\n100 CALLDATALOAD\n(click to expand +)', 'fullLabel': '92 JUMPDEST\n93 PUSH2 0x0088\n96 PUSH1 0x04\n98 DUP1\n99 DUP1\n100 CALLDATALOAD\n101 PUSH20 0xffffffff(...)\n122 AND\n123 SWAP1\n124 PUSH1 0x20\n126 ADD\n127 SWAP1\n128 SWAP2\n129 SWAP1\n130 POP\n131 POP\n132 PUSH2 0x00f8\n135 JUMP\n', 'truncLabel': '92 JUMPDEST\n93 PUSH2 0x0088\n96 PUSH1 0x04\n98 DUP1\n99 DUP1\n100 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1180', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '88 PUSH1 0x00\n90 DUP1\n91 REVERT\n', 'fullLabel': '88 PUSH1 0x00\n90 DUP1\n91 REVERT\n', 'truncLabel': '88 PUSH1 0x00\n90 DUP1\n91 REVERT\n', 'isExpanded': false},
{id: '1176', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '81 _function_0x27e235e3\n82 CALLVALUE\n83 ISZERO\n84 PUSH2 0x005c\n87 JUMPI\n', 'fullLabel': '81 _function_0x27e235e3\n82 CALLVALUE\n83 ISZERO\n84 PUSH2 0x005c\n87 JUMPI\n', 'truncLabel': '81 _function_0x27e235e3\n82 CALLVALUE\n83 ISZERO\n84 PUSH2 0x005c\n87 JUMPI\n', 'isExpanded': false},
{id: '1186', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '222 JUMPDEST\n223 PUSH1 0x40\n225 MLOAD\n226 DUP1\n227 DUP3\n228 ISZERO\n(click to expand +)', 'fullLabel': '222 JUMPDEST\n223 PUSH1 0x40\n225 MLOAD\n226 DUP1\n227 DUP3\n228 ISZERO\n229 ISZERO\n230 ISZERO\n231 ISZERO\n232 DUP2\n233 MSTORE\n234 PUSH1 0x20\n236 ADD\n237 SWAP2\n238 POP\n239 POP\n240 PUSH1 0x40\n242 MLOAD\n243 DUP1\n244 SWAP2\n245 SUB\n246 SWAP1\n247 RETURN\n', 'truncLabel': '222 JUMPDEST\n223 PUSH1 0x40\n225 MLOAD\n226 DUP1\n227 DUP3\n228 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1185', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '353 JUMPDEST\n354 DUP2\n355 PUSH1 0x00\n357 DUP1\n358 CALLER\n359 PUSH20 0xffffffff(...)\n(click to expand +)', 'fullLabel': '353 JUMPDEST\n354 DUP2\n355 PUSH1 0x00\n357 DUP1\n358 CALLER\n359 PUSH20 0xffffffff(...)\n380 AND\n381 PUSH20 0xffffffff(...)\n402 AND\n403 DUP2\n404 MSTORE\n405 PUSH1 0x20\n407 ADD\n408 SWAP1\n409 DUP2\n410 MSTORE\n411 PUSH1 0x20\n413 ADD\n414 PUSH1 0x00\n416 SHA3\n417 PUSH1 0x00\n419 DUP3\n420 DUP3\n421 SLOAD\n422 SUB\n423 SWAP3\n424 POP\n425 POP\n426 DUP2\n427 SWAP1\n428 SSTORE\n429 POP\n430 DUP2\n431 PUSH1 0x00\n433 DUP1\n434 DUP6\n435 PUSH20 0xffffffff(...)\n456 AND\n457 PUSH20 0xffffffff(...)\n478 AND\n479 DUP2\n480 MSTORE\n481 PUSH1 0x20\n483 ADD\n484 SWAP1\n485 DUP2\n486 MSTORE\n487 PUSH1 0x20\n489 ADD\n490 PUSH1 0x00\n492 SHA3\n493 PUSH1 0x00\n495 DUP3\n496 DUP3\n497 SLOAD\n498 ADD\n499 SWAP3\n500 POP\n501 POP\n502 DUP2\n503 SWAP1\n504 SSTORE\n505 POP\n506 PUSH1 0x00\n508 SWAP1\n509 POP\n510 JUMPDEST\n511 SWAP3\n512 SWAP2\n513 POP\n514 POP\n515 JUMP\n', 'truncLabel': '353 JUMPDEST\n354 DUP2\n355 PUSH1 0x00\n357 DUP1\n358 CALLER\n359 PUSH20 0xffffffff(...)\n(click to expand +)', 'isExpanded': false},
{id: '1189', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '222 JUMPDEST\n223 PUSH1 0x40\n225 MLOAD\n226 DUP1\n227 DUP3\n228 ISZERO\n(click to expand +)', 'fullLabel': '222 JUMPDEST\n223 PUSH1 0x40\n225 MLOAD\n226 DUP1\n227 DUP3\n228 ISZERO\n229 ISZERO\n230 ISZERO\n231 ISZERO\n232 DUP2\n233 MSTORE\n234 PUSH1 0x20\n236 ADD\n237 SWAP2\n238 POP\n239 POP\n240 PUSH1 0x40\n242 MLOAD\n243 DUP1\n244 SWAP2\n245 SUB\n246 SWAP1\n247 RETURN\n', 'truncLabel': '222 JUMPDEST\n223 PUSH1 0x40\n225 MLOAD\n226 DUP1\n227 DUP3\n228 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '1188', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '510 JUMPDEST\n511 SWAP3\n512 SWAP2\n513 POP\n514 POP\n515 JUMP\n(click to expand +)', 'fullLabel': '510 JUMPDEST\n511 SWAP3\n512 SWAP2\n513 POP\n514 POP\n515 JUMP\n', 'truncLabel': '510 JUMPDEST\n511 SWAP3\n512 SWAP2\n513 POP\n514 POP\n515 JUMP\n(click to expand +)', 'isExpanded': false},
{id: '1187', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '345 PUSH1 0x00\n347 SWAP1\n348 POP\n349 PUSH2 0x01fe\n352 JUMP\n', 'fullLabel': '345 PUSH1 0x00\n347 SWAP1\n348 POP\n349 PUSH2 0x01fe\n352 JUMP\n', 'truncLabel': '345 PUSH1 0x00\n347 SWAP1\n348 POP\n349 PUSH2 0x01fe\n352 JUMP\n', 'isExpanded': false},
{id: '1184', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '272 JUMPDEST\n273 PUSH1 0x00\n275 DUP2\n276 PUSH1 0x00\n278 DUP1\n279 CALLER\n(click to expand +)', 'fullLabel': '272 JUMPDEST\n273 PUSH1 0x00\n275 DUP2\n276 PUSH1 0x00\n278 DUP1\n279 CALLER\n280 PUSH20 0xffffffff(...)\n301 AND\n302 PUSH20 0xffffffff(...)\n323 AND\n324 DUP2\n325 MSTORE\n326 PUSH1 0x20\n328 ADD\n329 SWAP1\n330 DUP2\n331 MSTORE\n332 PUSH1 0x20\n334 ADD\n335 PUSH1 0x00\n337 SHA3\n338 SLOAD\n339 LT\n340 ISZERO\n341 PUSH2 0x0161\n344 JUMPI\n', 'truncLabel': '272 JUMPDEST\n273 PUSH1 0x00\n275 DUP2\n276 PUSH1 0x00\n278 DUP1\n279 CALLER\n(click to expand +)', 'isExpanded': false},
{id: '1183', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '169 JUMPDEST\n170 PUSH2 0x00de\n173 PUSH1 0x04\n175 DUP1\n176 DUP1\n177 CALLDATALOAD\n(click to expand +)', 'fullLabel': '169 JUMPDEST\n170 PUSH2 0x00de\n173 PUSH1 0x04\n175 DUP1\n176 DUP1\n177 CALLDATALOAD\n178 PUSH20 0xffffffff(...)\n199 AND\n200 SWAP1\n201 PUSH1 0x20\n203 ADD\n204 SWAP1\n205 SWAP2\n206 SWAP1\n207 DUP1\n208 CALLDATALOAD\n209 SWAP1\n210 PUSH1 0x20\n212 ADD\n213 SWAP1\n214 SWAP2\n215 SWAP1\n216 POP\n217 POP\n218 PUSH2 0x0110\n221 JUMP\n', 'truncLabel': '169 JUMPDEST\n170 PUSH2 0x00de\n173 PUSH1 0x04\n175 DUP1\n176 DUP1\n177 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '1190', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '165 PUSH1 0x00\n167 DUP1\n168 REVERT\n', 'fullLabel': '165 PUSH1 0x00\n167 DUP1\n168 REVERT\n', 'truncLabel': '165 PUSH1 0x00\n167 DUP1\n168 REVERT\n', 'isExpanded': false},
{id: '1182', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '158 sendToken(address,uint256)\n159 CALLVALUE\n160 ISZERO\n161 PUSH2 0x00a9\n164 JUMPI\n', 'fullLabel': '158 sendToken(address,uint256)\n159 CALLVALUE\n160 ISZERO\n161 PUSH2 0x00a9\n164 JUMPI\n', 'truncLabel': '158 sendToken(address,uint256)\n159 CALLVALUE\n160 ISZERO\n161 PUSH2 0x00a9\n164 JUMPI\n', 'isExpanded': false},
{id: '1191', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'fullLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'truncLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'isExpanded': false},
{id: '1181', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '65 DUP1\n66 PUSH4 0x412664ae\n71 EQ\n72 PUSH2 0x009e\n75 JUMPI\n', 'fullLabel': '65 DUP1\n66 PUSH4 0x412664ae\n71 EQ\n72 PUSH2 0x009e\n75 JUMPI\n', 'truncLabel': '65 DUP1\n66 PUSH4 0x412664ae\n71 EQ\n72 PUSH2 0x009e\n75 JUMPI\n', 'isExpanded': false},
{id: '1175', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'fullLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n53 AND\n54 DUP1\n55 PUSH4 0x27e235e3\n60 EQ\n61 PUSH2 0x0051\n64 JUMPI\n', 'truncLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'isExpanded': false},
{id: '1173', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'fullLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH2 0x004c\n12 JUMPI\n', 'truncLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'isExpanded': false}
];
var edges = [
{from: '1173', to: '1174', 'arrows': 'to', 'label': 'Not(ULE(4, calldatasize_metaCoin))', 'smooth': {'type': 'cubicBezier'}},
{from: '1178', to: '1179', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1177', to: '1178', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1176', to: '1177', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1176', to: '1180', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1175', to: '1176', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_metaCoin_0) == 0x27e235e3', 'smooth': {'type': 'cubicBezier'}},
{from: '1185', to: '1186', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1184', to: '1185', 'arrows': 'to', 'label': 'ULE(calldata_metaCoin_32 + 4, storage_keccac_10x50d672faf1bc6a29698f4ed480beffffffffffff_&0xffffffffffffffffffffffffffffffffffffffff_&caller)', 'smooth': {'type': 'cubicBezier'}},
{from: '1188', to: '1189', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1187', to: '1188', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1184', to: '1187', 'arrows': 'to', 'label': 'Not(ULE(calldata_metaCoin_32 + 4, storage_keccac_10x50d672faf1bc6a29698f4ed480beffffffffffff_&0xffffffffffffffffffffffffffffffffffffffff_&caller))', 'smooth': {'type': 'cubicBezier'}},
{from: '1183', to: '1184', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1182', to: '1183', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1182', to: '1190', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1181', to: '1182', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_metaCoin_0) == 0x412664ae', 'smooth': {'type': 'cubicBezier'}},
{from: '1181', to: '1191', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_metaCoin_0) == 0x412664ae)', 'smooth': {'type': 'cubicBezier'}},
{from: '1175', to: '1181', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_metaCoin_0) == 0x27e235e3)', 'smooth': {'type': 'cubicBezier'}},
{from: '1173', to: '1175', 'arrows': 'to', 'label': 'ULE(4, calldatasize_metaCoin)', 'smooth': {'type': 'cubicBezier'}}
];
</script>
</head>
<body>
<p>Mythril / LASER Symbolic VM</p>
<p><div id="mynetwork"></div><br/></p>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

4
tests/testdata/outputs_expected/metacoin.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

15
tests/testdata/outputs_expected/metacoin.sol.o.json vendored
Unescape View File

@ -1,14 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Integer Overflow ",
"description": "A possible integer overflow exists in the function `sendToken(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function": "sendToken(address,uint256)",
"type": "Warning",
"address": 498,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 498, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `sendToken(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "sendToken(address,uint256)", "title": "Integer Overflow", "type": "Warning"}], "success": true}

2
tests/testdata/outputs_expected/metacoin.sol.o.markdown vendored
Unescape View File

@ -1,6 +1,6 @@
# Analysis results for test-filename.sol
## Integer Overflow
## Integer Overflow
- Type: Warning
- Contract: Unknown

2
tests/testdata/outputs_expected/metacoin.sol.o.text vendored
Unescape View File

@ -1,4 +1,4 @@
==== Integer Overflow ====
==== Integer Overflow ====
Type: Warning
Contract: Unknown
Function name: sendToken(address,uint256)

134
tests/testdata/outputs_expected/multi_contracts.sol.graph.html vendored
Unescape View File

@ -1,134 +0,0 @@
<html>
<head>
<style type="text/css">
#mynetwork {
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
</style>
<link href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js"></script>
<script>
var options = {
autoResize: true,
height: '100%',
width: '100%',
manipulation: false,
height: '90%',
layout: {
randomSeed: undefined,
improvedLayout:true,
hierarchical: {
enabled:true,
levelSeparation: 450,
nodeSpacing: 200,
treeSpacing: 100,
blockShifting: true,
edgeMinimization: true,
parentCentralization: false,
direction: 'LR', // UD, DU, LR, RL
sortMethod: 'directed' // hubsize, directed
}
},
nodes:{
borderWidth: 1,
borderWidthSelected: 2,
chosen: true,
shape: 'box',
font: {
align: 'left',
color: '#FFFFFF',
},
},
edges:{
font: {
color: '#ffffff',
size: 12, // px
face: 'arial',
background: 'none',
strokeWidth: 0, // px
strokeColor: '#ffffff',
align: 'horizontal',
multi: false,
vadjust: 0,
}
},
physics:{
enabled: false,
}
}
var nodes = [
{id: '1163', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT\n', 'fullLabel': '63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT\n', 'truncLabel': '63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT\n', 'isExpanded': false},
{id: '1169', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '84 JUMPDEST\n85 STOP\n', 'fullLabel': '84 JUMPDEST\n85 STOP\n', 'truncLabel': '84 JUMPDEST\n85 STOP\n', 'isExpanded': false},
{id: '1168', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '157 JUMPDEST\n158 JUMP\n', 'fullLabel': '157 JUMPDEST\n158 JUMP\n', 'truncLabel': '157 JUMPDEST\n158 JUMP\n', 'isExpanded': false},
{id: '1170', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '153 PUSH1 0x00\n155 DUP1\n156 REVERT\n', 'fullLabel': '153 PUSH1 0x00\n155 DUP1\n156 REVERT\n', 'truncLabel': '153 PUSH1 0x00\n155 DUP1\n156 REVERT\n', 'isExpanded': false},
{id: '1167', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '86 JUMPDEST\n87 CALLER\n88 PUSH20 0xffffffff(...)\n109 AND\n110 PUSH2 0x08fc\n113 PUSH8 0x1bc16d67(...)\n(click to expand +)', 'fullLabel': '86 JUMPDEST\n87 CALLER\n88 PUSH20 0xffffffff(...)\n109 AND\n110 PUSH2 0x08fc\n113 PUSH8 0x1bc16d67(...)\n122 SWAP1\n123 DUP2\n124 ISZERO\n125 MUL\n126 SWAP1\n127 PUSH1 0x40\n129 MLOAD\n130 PUSH1 0x00\n132 PUSH1 0x40\n134 MLOAD\n135 DUP1\n136 DUP4\n137 SUB\n138 DUP2\n139 DUP6\n140 DUP9\n141 DUP9\n142 CALL\n143 SWAP4\n144 POP\n145 POP\n146 POP\n147 POP\n148 ISZERO\n149 ISZERO\n150 PUSH1 0x9d\n152 JUMPI\n', 'truncLabel': '86 JUMPDEST\n87 CALLER\n88 PUSH20 0xffffffff(...)\n109 AND\n110 PUSH2 0x08fc\n113 PUSH8 0x1bc16d67(...)\n(click to expand +)', 'isExpanded': false},
{id: '1166', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '78 JUMPDEST\n79 PUSH1 0x54\n81 PUSH1 0x56\n83 JUMP\n', 'fullLabel': '78 JUMPDEST\n79 PUSH1 0x54\n81 PUSH1 0x56\n83 JUMP\n', 'truncLabel': '78 JUMPDEST\n79 PUSH1 0x54\n81 PUSH1 0x56\n83 JUMP\n', 'isExpanded': false},
{id: '1171', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '74 PUSH1 0x00\n76 DUP1\n77 REVERT\n', 'fullLabel': '74 PUSH1 0x00\n76 DUP1\n77 REVERT\n', 'truncLabel': '74 PUSH1 0x00\n76 DUP1\n77 REVERT\n', 'isExpanded': false},
{id: '1165', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '68 _function_0x8a4068dd\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI\n', 'fullLabel': '68 _function_0x8a4068dd\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI\n', 'truncLabel': '68 _function_0x8a4068dd\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI\n', 'isExpanded': false},
{id: '1172', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT\n', 'fullLabel': '63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT\n', 'truncLabel': '63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT\n', 'isExpanded': false},
{id: '1164', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)', 'fullLabel': '12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n52 AND\n53 DUP1\n54 PUSH4 0x8a4068dd\n59 EQ\n60 PUSH1 0x44\n62 JUMPI\n', 'truncLabel': '12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)', 'isExpanded': false},
{id: '1162', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'fullLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH1 0x3f\n11 JUMPI\n', 'truncLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'isExpanded': false}
];
var edges = [
{from: '1162', to: '1163', 'arrows': 'to', 'label': 'Not(ULE(4, calldatasize_Transfer2))', 'smooth': {'type': 'cubicBezier'}},
{from: '1168', to: '1169', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1167', to: '1168', 'arrows': 'to', 'label': 'Not(retval_142 == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1167', to: '1170', 'arrows': 'to', 'label': 'retval_142 == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1166', to: '1167', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '1165', to: '1166', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '1165', to: '1171', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '1164', to: '1165', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Transfer2_0) == 0x8a4068dd', 'smooth': {'type': 'cubicBezier'}},
{from: '1164', to: '1172', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Transfer2_0) == 0x8a4068dd)', 'smooth': {'type': 'cubicBezier'}},
{from: '1162', to: '1164', 'arrows': 'to', 'label': 'ULE(4, calldatasize_Transfer2)', 'smooth': {'type': 'cubicBezier'}}
];
</script>
</head>
<body>
<p>Mythril / LASER Symbolic VM</p>
<p><div id="mynetwork"></div><br/></p>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

17
tests/testdata/outputs_expected/multi_contracts.sol.json vendored
Unescape View File

@ -1,17 +0,0 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Ether send",
"description": "In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.\nIt seems that this function can be called without restrictions.",
"function": "_function_0x8a4068dd",
"type": "Warning",
"address": 142,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/multi_contracts.sol",
"lineno": 14,
"code": "msg.sender.transfer(2 ether)"
}
]
}

18
tests/testdata/outputs_expected/multi_contracts.sol.markdown vendored
Unescape View File

@ -1,18 +0,0 @@
# Analysis results for <TESTDATA>/inputs/multi_contracts.sol
## Ether send
- Type: Warning
- Contract: Transfer2
- Function name: `_function_0x8a4068dd`
- PC address: 142
### Description
In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.
It seems that this function can be called without restrictions.
In *<TESTDATA>/inputs/multi_contracts.sol:14*
```
msg.sender.transfer(2 ether)
```

4
tests/testdata/outputs_expected/multi_contracts.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

15
tests/testdata/outputs_expected/multi_contracts.sol.o.json vendored
Unescape View File

@ -1,14 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Ether send",
"description": "In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.\nIt seems that this function can be called without restrictions.",
"function": "_function_0x8a4068dd",
"type": "Warning",
"address": 142,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 142, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.\nIt seems that this function can be called without restrictions.", "function": "_function_0x8a4068dd", "title": "Ether send", "type": "Warning"}], "success": true}

14
tests/testdata/outputs_expected/multi_contracts.sol.text vendored
Unescape View File

@ -1,14 +0,0 @@
==== Ether send ====
Type: Warning
Contract: Transfer2
Function name: _function_0x8a4068dd
PC address: 142
In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.
It seems that this function can be called without restrictions.
--------------------
In file: <TESTDATA>/inputs/multi_contracts.sol:14
msg.sender.transfer(2 ether)
--------------------

4
tests/testdata/outputs_expected/nonascii.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

4
tests/testdata/outputs_expected/origin.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

15
tests/testdata/outputs_expected/origin.sol.o.json vendored
Unescape View File

@ -1,14 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Use of tx.origin",
"description": "Function transferOwnership(address) retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin",
"function": "transferOwnership(address)",
"type": "Warning",
"address": 317,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 317, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "Function transferOwnership(address) retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin", "function": "transferOwnership(address)", "title": "Use of tx.origin", "type": "Warning"}], "success": true}

39
tests/testdata/outputs_expected/overflow.sol.json vendored
Unescape View File

@ -1,39 +0,0 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 649,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/overflow.sol",
"lineno": 12,
"code": "balances[msg.sender] -= _value"
},
{
"title": "Integer Overflow ",
"description": "A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 725,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/overflow.sol",
"lineno": 13,
"code": "balances[_to] += _value"
},
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 567,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/overflow.sol",
"lineno": 11,
"code": "balances[msg.sender] - _value"
}
]
}

52
tests/testdata/outputs_expected/overflow.sol.markdown vendored
Unescape View File

@ -1,52 +0,0 @@
# Analysis results for <TESTDATA>/inputs/overflow.sol
## Integer Underflow
- Type: Warning
- Contract: Over
- Function name: `sendeth(address,uint256)`
- PC address: 649
### Description
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
In *<TESTDATA>/inputs/overflow.sol:12*
```
balances[msg.sender] -= _value
```
## Integer Overflow
- Type: Warning
- Contract: Over
- Function name: `sendeth(address,uint256)`
- PC address: 725
### Description
A possible integer overflow exists in the function `sendeth(address,uint256)`.
The addition or multiplication may result in a value higher than the maximum representable integer.
In *<TESTDATA>/inputs/overflow.sol:13*
```
balances[_to] += _value
```
## Integer Underflow
- Type: Warning
- Contract: Over
- Function name: `sendeth(address,uint256)`
- PC address: 567
### Description
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
In *<TESTDATA>/inputs/overflow.sol:11*
```
balances[msg.sender] - _value
```

4
tests/testdata/outputs_expected/overflow.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

31
tests/testdata/outputs_expected/overflow.sol.o.json vendored
Unescape View File

@ -1,30 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 649,
"debug": "<DEBUG-DATA>"
},
{
"title": "Integer Overflow ",
"description": "A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 725,
"debug": "<DEBUG-DATA>"
},
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 567,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 567, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.", "function": "sendeth(address,uint256)", "title": "Integer Underflow", "type": "Warning"}, {"address": 649, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.", "function": "sendeth(address,uint256)", "title": "Integer Underflow", "type": "Warning"}, {"address": 725, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "sendeth(address,uint256)", "title": "Integer Overflow", "type": "Warning"}], "success": true}

2
tests/testdata/outputs_expected/overflow.sol.o.markdown vendored
Unescape View File

@ -24,7 +24,7 @@ The subtraction may result in a value < 0.
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
## Integer Overflow
## Integer Overflow
- Type: Warning
- Contract: Unknown

2
tests/testdata/outputs_expected/overflow.sol.o.text vendored
Unescape View File

@ -16,7 +16,7 @@ A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
--------------------
==== Integer Overflow ====
==== Integer Overflow ====
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)

42
tests/testdata/outputs_expected/overflow.sol.text vendored
Unescape View File

@ -1,42 +0,0 @@
==== Integer Underflow ====
Type: Warning
Contract: Over
Function name: sendeth(address,uint256)
PC address: 649
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
--------------------
In file: <TESTDATA>/inputs/overflow.sol:12
balances[msg.sender] -= _value
--------------------
==== Integer Overflow ====
Type: Warning
Contract: Over
Function name: sendeth(address,uint256)
PC address: 725
A possible integer overflow exists in the function `sendeth(address,uint256)`.
The addition or multiplication may result in a value higher than the maximum representable integer.
--------------------
In file: <TESTDATA>/inputs/overflow.sol:13
balances[_to] += _value
--------------------
==== Integer Underflow ====
Type: Warning
Contract: Over
Function name: sendeth(address,uint256)
PC address: 567
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
--------------------
In file: <TESTDATA>/inputs/overflow.sol:11
balances[msg.sender] - _value
--------------------

146
tests/testdata/outputs_expected/returnvalue.sol.graph.html vendored
Unescape View File

@ -1,146 +0,0 @@
<html>
<head>
<style type="text/css">
#mynetwork {
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
</style>
<link href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js"></script>
<script>
var options = {
autoResize: true,
height: '100%',
width: '100%',
manipulation: false,
height: '90%',
layout: {
randomSeed: undefined,
improvedLayout:true,
hierarchical: {
enabled:true,
levelSeparation: 450,
nodeSpacing: 200,
treeSpacing: 100,
blockShifting: true,
edgeMinimization: true,
parentCentralization: false,
direction: 'LR', // UD, DU, LR, RL
sortMethod: 'directed' // hubsize, directed
}
},
nodes:{
borderWidth: 1,
borderWidthSelected: 2,
chosen: true,
shape: 'box',
font: {
align: 'left',
color: '#FFFFFF',
},
},
edges:{
font: {
color: '#ffffff',
size: 12, // px
face: 'arial',
background: 'none',
strokeWidth: 0, // px
strokeColor: '#ffffff',
align: 'horizontal',
multi: false,
vadjust: 0,
}
},
physics:{
enabled: false,
}
}
var nodes = [
{id: '655', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'fullLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'truncLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'isExpanded': false},
{id: '661', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '100 JUMPDEST\n101 STOP\n', 'fullLabel': '100 JUMPDEST\n101 STOP\n', 'truncLabel': '100 JUMPDEST\n101 STOP\n', 'isExpanded': false},
{id: '660', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '210 JUMPDEST\n211 JUMP\n', 'fullLabel': '210 JUMPDEST\n211 JUMP\n', 'truncLabel': '210 JUMPDEST\n211 JUMP\n', 'isExpanded': false},
{id: '662', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '206 PUSH1 0x00\n208 DUP1\n209 REVERT\n', 'fullLabel': '206 PUSH1 0x00\n208 DUP1\n209 REVERT\n', 'truncLabel': '206 PUSH1 0x00\n208 DUP1\n209 REVERT\n', 'isExpanded': false},
{id: '659', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '123 JUMPDEST\n124 PUSH1 0x00\n126 DUP1\n127 SWAP1\n128 SLOAD\n129 SWAP1\n(click to expand +)', 'fullLabel': '123 JUMPDEST\n124 PUSH1 0x00\n126 DUP1\n127 SWAP1\n128 SLOAD\n129 SWAP1\n130 PUSH2 0x0100\n133 EXP\n134 SWAP1\n135 DIV\n136 PUSH20 0xffffffff(...)\n157 AND\n158 PUSH20 0xffffffff(...)\n179 AND\n180 PUSH1 0x40\n182 MLOAD\n183 PUSH1 0x00\n185 PUSH1 0x40\n187 MLOAD\n188 DUP1\n189 DUP4\n190 SUB\n191 DUP2\n192 PUSH1 0x00\n194 DUP7\n195 GAS\n196 CALL\n197 SWAP2\n198 POP\n199 POP\n200 ISZERO\n201 ISZERO\n202 PUSH2 0x00d2\n205 JUMPI\n', 'truncLabel': '123 JUMPDEST\n124 PUSH1 0x00\n126 DUP1\n127 SWAP1\n128 SLOAD\n129 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '658', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '92 JUMPDEST\n93 PUSH2 0x0064\n96 PUSH2 0x007b\n99 JUMP\n', 'fullLabel': '92 JUMPDEST\n93 PUSH2 0x0064\n96 PUSH2 0x007b\n99 JUMP\n', 'truncLabel': '92 JUMPDEST\n93 PUSH2 0x0064\n96 PUSH2 0x007b\n99 JUMP\n', 'isExpanded': false},
{id: '663', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '88 PUSH1 0x00\n90 DUP1\n91 REVERT\n', 'fullLabel': '88 PUSH1 0x00\n90 DUP1\n91 REVERT\n', 'truncLabel': '88 PUSH1 0x00\n90 DUP1\n91 REVERT\n', 'isExpanded': false},
{id: '657', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '81 _function_0x633ab5e0\n82 CALLVALUE\n83 ISZERO\n84 PUSH2 0x005c\n87 JUMPI\n', 'fullLabel': '81 _function_0x633ab5e0\n82 CALLVALUE\n83 ISZERO\n84 PUSH2 0x005c\n87 JUMPI\n', 'truncLabel': '81 _function_0x633ab5e0\n82 CALLVALUE\n83 ISZERO\n84 PUSH2 0x005c\n87 JUMPI\n', 'isExpanded': false},
{id: '668', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '121 JUMPDEST\n122 STOP\n', 'fullLabel': '121 JUMPDEST\n122 STOP\n', 'truncLabel': '121 JUMPDEST\n122 STOP\n', 'isExpanded': false},
{id: '667', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '212 JUMPDEST\n213 PUSH1 0x00\n215 DUP1\n216 SWAP1\n217 SLOAD\n218 SWAP1\n(click to expand +)', 'fullLabel': '212 JUMPDEST\n213 PUSH1 0x00\n215 DUP1\n216 SWAP1\n217 SLOAD\n218 SWAP1\n219 PUSH2 0x0100\n222 EXP\n223 SWAP1\n224 DIV\n225 PUSH20 0xffffffff(...)\n246 AND\n247 PUSH20 0xffffffff(...)\n268 AND\n269 PUSH1 0x40\n271 MLOAD\n272 PUSH1 0x00\n274 PUSH1 0x40\n276 MLOAD\n277 DUP1\n278 DUP4\n279 SUB\n280 DUP2\n281 PUSH1 0x00\n283 DUP7\n284 GAS\n285 CALL\n286 SWAP2\n287 POP\n288 POP\n289 POP\n290 JUMP\n', 'truncLabel': '212 JUMPDEST\n213 PUSH1 0x00\n215 DUP1\n216 SWAP1\n217 SLOAD\n218 SWAP1\n(click to expand +)', 'isExpanded': false},
{id: '666', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '113 JUMPDEST\n114 PUSH2 0x0079\n117 PUSH2 0x00d4\n120 JUMP\n', 'fullLabel': '113 JUMPDEST\n114 PUSH2 0x0079\n117 PUSH2 0x00d4\n120 JUMP\n', 'truncLabel': '113 JUMPDEST\n114 PUSH2 0x0079\n117 PUSH2 0x00d4\n120 JUMP\n', 'isExpanded': false},
{id: '669', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '109 PUSH1 0x00\n111 DUP1\n112 REVERT\n', 'fullLabel': '109 PUSH1 0x00\n111 DUP1\n112 REVERT\n', 'truncLabel': '109 PUSH1 0x00\n111 DUP1\n112 REVERT\n', 'isExpanded': false},
{id: '665', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '102 _function_0xe3bea282\n103 CALLVALUE\n104 ISZERO\n105 PUSH2 0x0071\n108 JUMPI\n', 'fullLabel': '102 _function_0xe3bea282\n103 CALLVALUE\n104 ISZERO\n105 PUSH2 0x0071\n108 JUMPI\n', 'truncLabel': '102 _function_0xe3bea282\n103 CALLVALUE\n104 ISZERO\n105 PUSH2 0x0071\n108 JUMPI\n', 'isExpanded': false},
{id: '670', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'fullLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'truncLabel': '76 JUMPDEST\n77 PUSH1 0x00\n79 DUP1\n80 REVERT\n', 'isExpanded': false},
{id: '664', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '65 DUP1\n66 PUSH4 0xe3bea282\n71 EQ\n72 PUSH2 0x0066\n75 JUMPI\n', 'fullLabel': '65 DUP1\n66 PUSH4 0xe3bea282\n71 EQ\n72 PUSH2 0x0066\n75 JUMPI\n', 'truncLabel': '65 DUP1\n66 PUSH4 0xe3bea282\n71 EQ\n72 PUSH2 0x0066\n75 JUMPI\n', 'isExpanded': false},
{id: '656', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'fullLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n53 AND\n54 DUP1\n55 PUSH4 0x633ab5e0\n60 EQ\n61 PUSH2 0x0051\n64 JUMPI\n', 'truncLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'isExpanded': false},
{id: '654', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'fullLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH2 0x004c\n12 JUMPI\n', 'truncLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'isExpanded': false}
];
var edges = [
{from: '654', to: '655', 'arrows': 'to', 'label': 'Not(ULE(4, calldatasize_ReturnValue))', 'smooth': {'type': 'cubicBezier'}},
{from: '660', to: '661', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '659', to: '660', 'arrows': 'to', 'label': 'Not(retval_196 == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '659', to: '662', 'arrows': 'to', 'label': 'retval_196 == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '658', to: '659', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '657', to: '658', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '657', to: '663', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '656', to: '657', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_ReturnValue_0) == 0x633ab5e0', 'smooth': {'type': 'cubicBezier'}},
{from: '667', to: '668', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '666', to: '667', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '665', to: '666', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '665', to: '669', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '664', to: '665', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_ReturnValue_0) == 0xe3bea282', 'smooth': {'type': 'cubicBezier'}},
{from: '664', to: '670', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_ReturnValue_0) == 0xe3bea282)', 'smooth': {'type': 'cubicBezier'}},
{from: '656', to: '664', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_ReturnValue_0) == 0x633ab5e0)', 'smooth': {'type': 'cubicBezier'}},
{from: '654', to: '656', 'arrows': 'to', 'label': 'ULE(4, calldatasize_ReturnValue)', 'smooth': {'type': 'cubicBezier'}}
];
</script>
</head>
<body>
<p>Mythril / LASER Symbolic VM</p>
<p><div id="mynetwork"></div><br/></p>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

4
tests/testdata/outputs_expected/returnvalue.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

31
tests/testdata/outputs_expected/returnvalue.sol.o.json vendored
Unescape View File

@ -1,30 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Message call to external contract",
"description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function": "_function_0x633ab5e0",
"type": "Informational",
"address": 196,
"debug": "<DEBUG-DATA>"
},
{
"title": "Message call to external contract",
"description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function": "_function_0xe3bea282",
"type": "Informational",
"address": 285,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xe3bea282",
"type": "Informational",
"address": 285,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 196, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x633ab5e0", "title": "Message call to external contract", "type": "Informational"}, {"address": 285, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe3bea282", "title": "Message call to external contract", "type": "Informational"}, {"address": 290, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe3bea282", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}

2
tests/testdata/outputs_expected/returnvalue.sol.o.markdown vendored
Unescape View File

@ -27,7 +27,7 @@ This contract executes a message call to to another contract. Make sure that the
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe3bea282`
- PC address: 285
- PC address: 290
### Description

2
tests/testdata/outputs_expected/returnvalue.sol.o.text vendored
Unescape View File

@ -18,7 +18,7 @@ This contract executes a message call to to another contract. Make sure that the
Type: Informational
Contract: Unknown
Function name: _function_0xe3bea282
PC address: 285
PC address: 290
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------

166
tests/testdata/outputs_expected/rubixi.sol.o.json vendored
Unescape View File

@ -0,0 +1,166 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Ether send",
"description": "In the function `_function_0x4229616d` a non-zero amount of Ether is sent to an address taken from storage slot 5.\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\n\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.",
"function": "_function_0x4229616d",
"type": "Warning",
"address": 1599,
"debug": "<DEBUG-DATA>"
},
{
"title": "Ether send",
"description": "In the function `_function_0xb4022950` a non-zero amount of Ether is sent to an address taken from storage slot 5.\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\n\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.",
"function": "_function_0xb4022950",
"type": "Warning",
"address": 1940,
"debug": "<DEBUG-DATA>"
},
{
"title": "Ether send",
"description": "In the function `_function_0xb4022950` a non-zero amount of Ether is sent to an address taken from storage slot 5.\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\n\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.\nThere is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.",
"function": "_function_0xb4022950",
"type": "Warning",
"address": 2582,
"debug": "<DEBUG-DATA>"
},
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "_function_0x57d4021b",
"type": "Informational",
"address": 1653,
"debug": "<DEBUG-DATA>"
},
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "_function_0x9dbc4f9b",
"type": "Informational",
"address": 2085,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "fallback",
"type": "Informational",
"address": 3111,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "fallback",
"type": "Informational",
"address": 3140,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "fallback",
"type": "Informational",
"address": 2950,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "fallback",
"type": "Informational",
"address": 1268,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x09dfdc71",
"type": "Informational",
"address": 310,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x09dfdc71",
"type": "Informational",
"address": 1316,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x253459e3",
"type": "Informational",
"address": 1375,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x4229616d",
"type": "Informational",
"address": 1511,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x57d4021b",
"type": "Informational",
"address": 1679,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x6fbaaa1e",
"type": "Informational",
"address": 618,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x8a5fb3ca",
"type": "Informational",
"address": 805,
"debug": "<DEBUG-DATA>"
},
{
"title": "Invariant branch condition",
"description": "Found a conditional jump which always follows the same branch",
"function": "_function_0x9dbc4f9b",
"type": "Informational",
"address": 2187,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0x4229616d",
"type": "Informational",
"address": 1599,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xb4022950",
"type": "Informational",
"address": 1940,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xb4022950",
"type": "Informational",
"address": 2582,
"debug": "<DEBUG-DATA>"
}
]
}

238
tests/testdata/outputs_expected/rubixi.sol.o.markdown vendored
Unescape View File

@ -0,0 +1,238 @@
# Analysis results for test-filename.sol
## Ether send
- Type: Warning
- Contract: Unknown
- Function name: `_function_0x4229616d`
- PC address: 1599
### Description
In the function `_function_0x4229616d` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
## Ether send
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xb4022950`
- PC address: 1940
### Description
In the function `_function_0xb4022950` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
## Ether send
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xb4022950`
- PC address: 2582
### Description
In the function `_function_0xb4022950` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
## Exception state
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x57d4021b`
- PC address: 1653
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x9dbc4f9b`
- PC address: 2085
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `fallback`
- PC address: 3111
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `fallback`
- PC address: 3140
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `fallback`
- PC address: 2950
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `fallback`
- PC address: 1268
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x09dfdc71`
- PC address: 310
### Description
Found a conditional jump which always follows the same branch, value: False
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x09dfdc71`
- PC address: 1316
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x253459e3`
- PC address: 1375
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x4229616d`
- PC address: 1511
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x57d4021b`
- PC address: 1679
### Description
Found a conditional jump which always follows the same branch, value: True
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x6fbaaa1e`
- PC address: 618
### Description
Found a conditional jump which always follows the same branch, value: False
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x8a5fb3ca`
- PC address: 805
### Description
Found a conditional jump which always follows the same branch, value: False
## Tautology
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x9dbc4f9b`
- PC address: 2187
### Description
Found a conditional jump which always follows the same branch, value: True
## Unchecked CALL return value
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x4229616d`
- PC address: 1599
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Unchecked CALL return value
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xb4022950`
- PC address: 1940
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Unchecked CALL return value
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xb4022950`
- PC address: 2582
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.

177
tests/testdata/outputs_expected/rubixi.sol.o.text vendored
Unescape View File

@ -0,0 +1,177 @@
==== Ether send ====
Type: Warning
Contract: Unknown
Function name: _function_0x4229616d
PC address: 1599
In the function `_function_0x4229616d` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
--------------------
==== Ether send ====
Type: Warning
Contract: Unknown
Function name: _function_0xb4022950
PC address: 1940
In the function `_function_0xb4022950` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
--------------------
==== Ether send ====
Type: Warning
Contract: Unknown
Function name: _function_0xb4022950
PC address: 2582
In the function `_function_0xb4022950` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
--------------------
==== Exception state ====
Type: Informational
Contract: Unknown
Function name: _function_0x57d4021b
PC address: 1653
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
Type: Informational
Contract: Unknown
Function name: _function_0x9dbc4f9b
PC address: 2085
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: fallback
PC address: 3111
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: fallback
PC address: 3140
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: fallback
PC address: 2950
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: fallback
PC address: 1268
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x09dfdc71
PC address: 310
Found a conditional jump which always follows the same branch, value: False
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x09dfdc71
PC address: 1316
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x253459e3
PC address: 1375
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x4229616d
PC address: 1511
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x57d4021b
PC address: 1679
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x6fbaaa1e
PC address: 618
Found a conditional jump which always follows the same branch, value: False
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x8a5fb3ca
PC address: 805
Found a conditional jump which always follows the same branch, value: False
--------------------
==== Tautology ====
Type: Informational
Contract: Unknown
Function name: _function_0x9dbc4f9b
PC address: 2187
Found a conditional jump which always follows the same branch, value: True
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Unknown
Function name: _function_0x4229616d
PC address: 1599
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Unknown
Function name: _function_0xb4022950
PC address: 1940
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Unknown
Function name: _function_0xb4022950
PC address: 2582
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------

17
tests/testdata/outputs_expected/suicide.sol.json vendored
Unescape View File

@ -1,17 +0,0 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Unchecked SUICIDE",
"description": "The function `_function_0xcbf0b0c0` executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.\n\nIt seems that this function can be called without restrictions.",
"function": "_function_0xcbf0b0c0",
"type": "Warning",
"address": 146,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/suicide.sol",
"lineno": 4,
"code": "selfdestruct(addr)"
}
]
}

19
tests/testdata/outputs_expected/suicide.sol.markdown vendored
Unescape View File

@ -1,19 +0,0 @@
# Analysis results for <TESTDATA>/inputs/suicide.sol
## Unchecked SUICIDE
- Type: Warning
- Contract: Suicide
- Function name: `_function_0xcbf0b0c0`
- PC address: 146
### Description
The function `_function_0xcbf0b0c0` executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.
It seems that this function can be called without restrictions.
In *<TESTDATA>/inputs/suicide.sol:4*
```
selfdestruct(addr)
```

4
tests/testdata/outputs_expected/suicide.sol.o.graph.html vendored
Unescape View File

@ -18,8 +18,8 @@
<script>
var options = {"autoResize": true, "edges": {"font": {"align": "horizontal", "background": "none", "color": "#FFFFFF", "face": "arial", "multi": false, "strokeColor": "#ffffff", "strokeWidth": 0, "vadjust": 0}}, "height": "100%", "layout": {"hierarchical": {"blockShifting": true, "direction": "LR", "edgeMinimization": true, "enabled": true, "levelSeparation": 450, "nodeSpacing": 200, "parentCentralization": false, "sortMethod": "directed", "treeSpacing": 100}, "improvedLayout": true}, "manipulation": false, "nodes": {"borderWidth": 1, "borderWidthSelected": 2, "chosen": true, "color": "#000000", "font": {"align": "left", "color": "#FFFFFF"}, "shape": "box"}, "physics": {"enabled": false}, "width": "100%"};
var nodes = [{"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "63 JUMPDEST fallback\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "id": "1125", "isExpanded": false, "label": "63 JUMPDEST fallback\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "size": 150, "truncLabel": "63 JUMPDEST fallback\n64 PUSH1 0x00\n66 DUP1\n67 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "122 JUMPDEST _function_0xcbf0b0c0\n123 DUP1\n124 PUSH20 0xffffffffffffffffffffffffffffffffffffffff\n145 AND\n146 SUICIDE", "id": "1129", "isExpanded": false, "label": "122 JUMPDEST _function_0xcbf0b0c0\n123 DUP1\n124 PUSH20 0xffffffffffffffffffffffffffffffffffffffff\n145 AND\n146 SUICIDE", "size": 150, "truncLabel": "122 JUMPDEST _function_0xcbf0b0c0\n123 DUP1\n124 PUSH20 0xffffffffffffffffffffffffffffffffffffffff\n145 AND\n146 SUICIDE"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "78 JUMPDEST _function_0xcbf0b0c0\n79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n86 PUSH20 0xffffffffffffffffffffffffffffffffffffffff\n107 AND\n108 SWAP1\n109 PUSH1 0x20\n111 ADD\n112 SWAP1\n113 SWAP2\n114 SWAP1\n115 POP\n116 POP\n117 PUSH1 0x7a\n119 JUMP", "id": "1128", "isExpanded": false, "label": "78 JUMPDEST _function_0xcbf0b0c0\n79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n(click to expand +)", "size": 150, "truncLabel": "78 JUMPDEST _function_0xcbf0b0c0\n79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "74 PUSH1 0x00\n76 DUP1\n77 REVERT", "id": "1130", "isExpanded": false, "label": "74 PUSH1 0x00\n76 DUP1\n77 REVERT", "size": 150, "truncLabel": "74 PUSH1 0x00\n76 DUP1\n77 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "68 JUMPDEST _function_0xcbf0b0c0\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI", "id": "1127", "isExpanded": false, "label": "68 JUMPDEST _function_0xcbf0b0c0\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI", "size": 150, "truncLabel": "68 JUMPDEST _function_0xcbf0b0c0\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "63 JUMPDEST _function_0xcbf0b0c0\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "id": "1131", "isExpanded": false, "label": "63 JUMPDEST _function_0xcbf0b0c0\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "size": 150, "truncLabel": "63 JUMPDEST _function_0xcbf0b0c0\n64 PUSH1 0x00\n66 DUP1\n67 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x0100000000000000000000000000000000000000000000000000000000\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n52 AND\n53 DUP1\n54 PUSH4 0xcbf0b0c0\n59 EQ\n60 PUSH1 0x44\n62 JUMPI", "id": "1126", "isExpanded": false, "label": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x0100000000000000000000000000000000000000000000000000000000\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)", "size": 150, "truncLabel": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x0100000000000000000000000000000000000000000000000000000000\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH1 0x3f\n11 JUMPI", "id": "1124", "isExpanded": false, "label": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)", "size": 150, "truncLabel": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)"}];
var edges = [{"arrows": "to", "from": "1124", "label": "Not(ULE(4, calldatasize_Unknown))", "smooth": {"type": "cubicBezier"}, "to": "1125"}, {"arrows": "to", "from": "1128", "label": "", "smooth": {"type": "cubicBezier"}, "to": "1129"}, {"arrows": "to", "from": "1127", "label": "callvalue == 0", "smooth": {"type": "cubicBezier"}, "to": "1128"}, {"arrows": "to", "from": "1127", "label": "Not(callvalue == 0)", "smooth": {"type": "cubicBezier"}, "to": "1130"}, {"arrows": "to", "from": "1126", "label": "Extract(0xff, 0xe0, calldata_Unknown_0) == 0xcbf0b0c0", "smooth": {"type": "cubicBezier"}, "to": "1127"}, {"arrows": "to", "from": "1126", "label": "Not(Extract(0xff, 0xe0, calldata_Unknown_0) == 0xcbf0b0c0)", "smooth": {"type": "cubicBezier"}, "to": "1131"}, {"arrows": "to", "from": "1124", "label": "ULE(4, calldatasize_Unknown)", "smooth": {"type": "cubicBezier"}, "to": "1126"}];
var nodes = [{"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH1 0x3f\n11 JUMPI", "id": "305", "isExpanded": false, "label": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)", "size": 150, "truncLabel": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "64 PUSH1 0x00\n66 DUP1\n67 REVERT", "id": "306", "isExpanded": false, "label": "64 PUSH1 0x00\n66 DUP1\n67 REVERT", "size": 150, "truncLabel": "64 PUSH1 0x00\n66 DUP1\n67 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n52 AND\n53 DUP1\n54 PUSH4 0xcbf0b0c0\n59 EQ\n60 PUSH1 0x44\n62 JUMPI", "id": "307", "isExpanded": false, "label": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)", "size": 150, "truncLabel": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI", "id": "308", "isExpanded": false, "label": "69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI", "size": 150, "truncLabel": "69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "id": "309", "isExpanded": false, "label": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "size": 150, "truncLabel": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n86 PUSH20 0xffffffff(...)\n107 AND\n108 SWAP1\n109 PUSH1 0x20\n111 ADD\n112 SWAP1\n113 SWAP2\n114 SWAP1\n115 POP\n116 POP\n117 PUSH1 0x7a\n119 JUMP", "id": "310", "isExpanded": false, "label": "79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n86 PUSH20 0xffffffff(...)\n(click to expand +)", "size": 150, "truncLabel": "79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n86 PUSH20 0xffffffff(...)\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "74 PUSH1 0x00\n76 DUP1\n77 REVERT", "id": "311", "isExpanded": false, "label": "74 PUSH1 0x00\n76 DUP1\n77 REVERT", "size": 150, "truncLabel": "74 PUSH1 0x00\n76 DUP1\n77 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "123 DUP1\n124 PUSH20 0xffffffff(...)\n145 AND\n146 SUICIDE", "id": "312", "isExpanded": false, "label": "123 DUP1\n124 PUSH20 0xffffffff(...)\n145 AND\n146 SUICIDE", "size": 150, "truncLabel": "123 DUP1\n124 PUSH20 0xffffffff(...)\n145 AND\n146 SUICIDE"}];
var edges = [{"arrows": "to", "from": "305", "label": "Not(ULE(4, calldatasize_Unknown))", "smooth": {"type": "cubicBezier"}, "to": "306"}, {"arrows": "to", "from": "305", "label": "ULE(4, calldatasize_Unknown)", "smooth": {"type": "cubicBezier"}, "to": "307"}, {"arrows": "to", "from": "307", "label": "Extract(0xff, 0xe0, calldata_Unknown_0) == 0xcbf0b0c0", "smooth": {"type": "cubicBezier"}, "to": "308"}, {"arrows": "to", "from": "307", "label": "Not(Extract(0xff, 0xe0, calldata_Unknown_0) == 0xcbf0b0c0)", "smooth": {"type": "cubicBezier"}, "to": "309"}, {"arrows": "to", "from": "308", "label": "callvalue == 0", "smooth": {"type": "cubicBezier"}, "to": "310"}, {"arrows": "to", "from": "308", "label": "Not(callvalue == 0)", "smooth": {"type": "cubicBezier"}, "to": "311"}, {"arrows": "to", "from": "310", "label": "", "smooth": {"type": "cubicBezier"}, "to": "312"}];
</script>
</head>
<body>

15
tests/testdata/outputs_expected/suicide.sol.o.json vendored
Unescape View File

@ -1,14 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Unchecked SUICIDE",
"description": "The function `_function_0xcbf0b0c0` executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.\n\nIt seems that this function can be called without restrictions.",
"function": "_function_0xcbf0b0c0",
"type": "Warning",
"address": 146,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 146, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The function `_function_0xcbf0b0c0` executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.\n\nIt seems that this function can be called without restrictions.", "function": "_function_0xcbf0b0c0", "title": "Unchecked SUICIDE", "type": "Warning"}], "success": true}

15
tests/testdata/outputs_expected/suicide.sol.text vendored
Unescape View File

@ -1,15 +0,0 @@
==== Unchecked SUICIDE ====
Type: Warning
Contract: Suicide
Function name: _function_0xcbf0b0c0
PC address: 146
The function `_function_0xcbf0b0c0` executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.
It seems that this function can be called without restrictions.
--------------------
In file: <TESTDATA>/inputs/suicide.sol:4
selfdestruct(addr)
--------------------

168
tests/testdata/outputs_expected/underflow.sol.graph.html vendored
Unescape View File

@ -1,168 +0,0 @@
<html>
<head>
<style type="text/css">
#mynetwork {
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
</style>
<link href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" rel="stylesheet" type="text/css" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js"></script>
<script>
var options = {
autoResize: true,
height: '100%',
width: '100%',
manipulation: false,
height: '90%',
layout: {
randomSeed: undefined,
improvedLayout:true,
hierarchical: {
enabled:true,
levelSeparation: 450,
nodeSpacing: 200,
treeSpacing: 100,
blockShifting: true,
edgeMinimization: true,
parentCentralization: false,
direction: 'LR', // UD, DU, LR, RL
sortMethod: 'directed' // hubsize, directed
}
},
nodes:{
borderWidth: 1,
borderWidthSelected: 2,
chosen: true,
shape: 'box',
font: {
align: 'left',
color: '#FFFFFF',
},
},
edges:{
font: {
color: '#ffffff',
size: 12, // px
face: 'arial',
background: 'none',
strokeWidth: 0, // px
strokeColor: '#ffffff',
align: 'horizontal',
multi: false,
vadjust: 0,
}
},
physics:{
enabled: false,
}
}
var nodes = [
{id: '1', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '98 JUMPDEST\n99 PUSH1 0x00\n101 DUP1\n102 REVERT\n', 'fullLabel': '98 JUMPDEST\n99 PUSH1 0x00\n101 DUP1\n102 REVERT\n', 'truncLabel': '98 JUMPDEST\n99 PUSH1 0x00\n101 DUP1\n102 REVERT\n', 'isExpanded': false},
{id: '6', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '122 JUMPDEST\n123 PUSH1 0x40\n125 MLOAD\n126 DUP1\n127 DUP3\n128 DUP2\n(click to expand +)', 'fullLabel': '122 JUMPDEST\n123 PUSH1 0x40\n125 MLOAD\n126 DUP1\n127 DUP3\n128 DUP2\n129 MSTORE\n130 PUSH1 0x20\n132 ADD\n133 SWAP2\n134 POP\n135 POP\n136 PUSH1 0x40\n138 MLOAD\n139 DUP1\n140 SWAP2\n141 SUB\n142 SWAP1\n143 RETURN\n', 'truncLabel': '122 JUMPDEST\n123 PUSH1 0x40\n125 MLOAD\n126 DUP1\n127 DUP3\n128 DUP2\n(click to expand +)', 'isExpanded': false},
{id: '5', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '346 JUMPDEST\n347 PUSH1 0x01\n349 SLOAD\n350 DUP2\n351 JUMP\n', 'fullLabel': '346 JUMPDEST\n347 PUSH1 0x01\n349 SLOAD\n350 DUP2\n351 JUMP\n', 'truncLabel': '346 JUMPDEST\n347 PUSH1 0x01\n349 SLOAD\n350 DUP2\n351 JUMP\n', 'isExpanded': false},
{id: '4', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '114 JUMPDEST\n115 PUSH2 0x007a\n118 PUSH2 0x015a\n121 JUMP\n', 'fullLabel': '114 JUMPDEST\n115 PUSH2 0x007a\n118 PUSH2 0x015a\n121 JUMP\n', 'truncLabel': '114 JUMPDEST\n115 PUSH2 0x007a\n118 PUSH2 0x015a\n121 JUMP\n', 'isExpanded': false},
{id: '7', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'fullLabel': '110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'truncLabel': '110 PUSH1 0x00\n112 DUP1\n113 REVERT\n', 'isExpanded': false},
{id: '3', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '103 _function_0x18160ddd\n104 CALLVALUE\n105 ISZERO\n106 PUSH2 0x0072\n109 JUMPI\n', 'fullLabel': '103 _function_0x18160ddd\n104 CALLVALUE\n105 ISZERO\n106 PUSH2 0x0072\n109 JUMPI\n', 'truncLabel': '103 _function_0x18160ddd\n104 CALLVALUE\n105 ISZERO\n106 PUSH2 0x0072\n109 JUMPI\n', 'isExpanded': false},
{id: '12', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '177 JUMPDEST\n178 STOP\n', 'fullLabel': '177 JUMPDEST\n178 STOP\n', 'truncLabel': '177 JUMPDEST\n178 STOP\n', 'isExpanded': false},
{id: '11', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '352 JUMPDEST\n353 DUP1\n354 PUSH1 0x01\n356 DUP2\n357 SWAP1\n358 SSTORE\n(click to expand +)', 'fullLabel': '352 JUMPDEST\n353 DUP1\n354 PUSH1 0x01\n356 DUP2\n357 SWAP1\n358 SSTORE\n359 PUSH1 0x00\n361 DUP1\n362 CALLER\n363 PUSH20 0xffffffff(...)\n384 AND\n385 PUSH20 0xffffffff(...)\n406 AND\n407 DUP2\n408 MSTORE\n409 PUSH1 0x20\n411 ADD\n412 SWAP1\n413 DUP2\n414 MSTORE\n415 PUSH1 0x20\n417 ADD\n418 PUSH1 0x00\n420 SHA3\n421 DUP2\n422 SWAP1\n423 SSTORE\n424 POP\n425 POP\n426 JUMP\n', 'truncLabel': '352 JUMPDEST\n353 DUP1\n354 PUSH1 0x01\n356 DUP2\n357 SWAP1\n358 SSTORE\n(click to expand +)', 'isExpanded': false},
{id: '10', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '155 JUMPDEST\n156 PUSH2 0x00b1\n159 PUSH1 0x04\n161 DUP1\n162 DUP1\n163 CALLDATALOAD\n(click to expand +)', 'fullLabel': '155 JUMPDEST\n156 PUSH2 0x00b1\n159 PUSH1 0x04\n161 DUP1\n162 DUP1\n163 CALLDATALOAD\n164 SWAP1\n165 PUSH1 0x20\n167 ADD\n168 SWAP1\n169 SWAP2\n170 SWAP1\n171 POP\n172 POP\n173 PUSH2 0x0160\n176 JUMP\n', 'truncLabel': '155 JUMPDEST\n156 PUSH2 0x00b1\n159 PUSH1 0x04\n161 DUP1\n162 DUP1\n163 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '13', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '151 PUSH1 0x00\n153 DUP1\n154 REVERT\n', 'fullLabel': '151 PUSH1 0x00\n153 DUP1\n154 REVERT\n', 'truncLabel': '151 PUSH1 0x00\n153 DUP1\n154 REVERT\n', 'isExpanded': false},
{id: '9', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '144 Token(uint256)\n145 CALLVALUE\n146 ISZERO\n147 PUSH2 0x009b\n150 JUMPI\n', 'fullLabel': '144 Token(uint256)\n145 CALLVALUE\n146 ISZERO\n147 PUSH2 0x009b\n150 JUMPI\n', 'truncLabel': '144 Token(uint256)\n145 CALLVALUE\n146 ISZERO\n147 PUSH2 0x009b\n150 JUMPI\n', 'isExpanded': false},
{id: '18', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '234 JUMPDEST\n235 PUSH1 0x40\n237 MLOAD\n238 DUP1\n239 DUP3\n240 DUP2\n(click to expand +)', 'fullLabel': '234 JUMPDEST\n235 PUSH1 0x40\n237 MLOAD\n238 DUP1\n239 DUP3\n240 DUP2\n241 MSTORE\n242 PUSH1 0x20\n244 ADD\n245 SWAP2\n246 POP\n247 POP\n248 PUSH1 0x40\n250 MLOAD\n251 DUP1\n252 SWAP2\n253 SUB\n254 SWAP1\n255 RETURN\n', 'truncLabel': '234 JUMPDEST\n235 PUSH1 0x40\n237 MLOAD\n238 DUP1\n239 DUP3\n240 DUP2\n(click to expand +)', 'isExpanded': false},
{id: '17', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '427 JUMPDEST\n428 PUSH1 0x00\n430 DUP1\n431 PUSH1 0x00\n433 DUP4\n434 PUSH20 0xffffffff(...)\n(click to expand +)', 'fullLabel': '427 JUMPDEST\n428 PUSH1 0x00\n430 DUP1\n431 PUSH1 0x00\n433 DUP4\n434 PUSH20 0xffffffff(...)\n455 AND\n456 PUSH20 0xffffffff(...)\n477 AND\n478 DUP2\n479 MSTORE\n480 PUSH1 0x20\n482 ADD\n483 SWAP1\n484 DUP2\n485 MSTORE\n486 PUSH1 0x20\n488 ADD\n489 PUSH1 0x00\n491 SHA3\n492 SLOAD\n493 SWAP1\n494 POP\n495 SWAP2\n496 SWAP1\n497 POP\n498 JUMP\n', 'truncLabel': '427 JUMPDEST\n428 PUSH1 0x00\n430 DUP1\n431 PUSH1 0x00\n433 DUP4\n434 PUSH20 0xffffffff(...)\n(click to expand +)', 'isExpanded': false},
{id: '16', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '190 JUMPDEST\n191 PUSH2 0x00ea\n194 PUSH1 0x04\n196 DUP1\n197 DUP1\n198 CALLDATALOAD\n(click to expand +)', 'fullLabel': '190 JUMPDEST\n191 PUSH2 0x00ea\n194 PUSH1 0x04\n196 DUP1\n197 DUP1\n198 CALLDATALOAD\n199 PUSH20 0xffffffff(...)\n220 AND\n221 SWAP1\n222 PUSH1 0x20\n224 ADD\n225 SWAP1\n226 SWAP2\n227 SWAP1\n228 POP\n229 POP\n230 PUSH2 0x01ab\n233 JUMP\n', 'truncLabel': '190 JUMPDEST\n191 PUSH2 0x00ea\n194 PUSH1 0x04\n196 DUP1\n197 DUP1\n198 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '19', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '186 PUSH1 0x00\n188 DUP1\n189 REVERT\n', 'fullLabel': '186 PUSH1 0x00\n188 DUP1\n189 REVERT\n', 'truncLabel': '186 PUSH1 0x00\n188 DUP1\n189 REVERT\n', 'isExpanded': false},
{id: '15', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '179 balanceOf(address)\n180 CALLVALUE\n181 ISZERO\n182 PUSH2 0x00be\n185 JUMPI\n', 'fullLabel': '179 balanceOf(address)\n180 CALLVALUE\n181 ISZERO\n182 PUSH2 0x00be\n185 JUMPI\n', 'truncLabel': '179 balanceOf(address)\n180 CALLVALUE\n181 ISZERO\n182 PUSH2 0x00be\n185 JUMPI\n', 'isExpanded': false},
{id: '25', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '320 JUMPDEST\n321 PUSH1 0x40\n323 MLOAD\n324 DUP1\n325 DUP3\n326 ISZERO\n(click to expand +)', 'fullLabel': '320 JUMPDEST\n321 PUSH1 0x40\n323 MLOAD\n324 DUP1\n325 DUP3\n326 ISZERO\n327 ISZERO\n328 ISZERO\n329 ISZERO\n330 DUP2\n331 MSTORE\n332 PUSH1 0x20\n334 ADD\n335 SWAP2\n336 POP\n337 POP\n338 PUSH1 0x40\n340 MLOAD\n341 DUP1\n342 SWAP2\n343 SUB\n344 SWAP1\n345 RETURN\n', 'truncLabel': '320 JUMPDEST\n321 PUSH1 0x40\n323 MLOAD\n324 DUP1\n325 DUP3\n326 ISZERO\n(click to expand +)', 'isExpanded': false},
{id: '24', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '580 JUMPDEST\n581 DUP2\n582 PUSH1 0x00\n584 DUP1\n585 CALLER\n586 PUSH20 0xffffffff(...)\n(click to expand +)', 'fullLabel': '580 JUMPDEST\n581 DUP2\n582 PUSH1 0x00\n584 DUP1\n585 CALLER\n586 PUSH20 0xffffffff(...)\n607 AND\n608 PUSH20 0xffffffff(...)\n629 AND\n630 DUP2\n631 MSTORE\n632 PUSH1 0x20\n634 ADD\n635 SWAP1\n636 DUP2\n637 MSTORE\n638 PUSH1 0x20\n640 ADD\n641 PUSH1 0x00\n643 SHA3\n644 PUSH1 0x00\n646 DUP3\n647 DUP3\n648 SLOAD\n649 SUB\n650 SWAP3\n651 POP\n652 POP\n653 DUP2\n654 SWAP1\n655 SSTORE\n656 POP\n657 DUP2\n658 PUSH1 0x00\n660 DUP1\n661 DUP6\n662 PUSH20 0xffffffff(...)\n683 AND\n684 PUSH20 0xffffffff(...)\n705 AND\n706 DUP2\n707 MSTORE\n708 PUSH1 0x20\n710 ADD\n711 SWAP1\n712 DUP2\n713 MSTORE\n714 PUSH1 0x20\n716 ADD\n717 PUSH1 0x00\n719 SHA3\n720 PUSH1 0x00\n722 DUP3\n723 DUP3\n724 SLOAD\n725 ADD\n726 SWAP3\n727 POP\n728 POP\n729 DUP2\n730 SWAP1\n731 SSTORE\n732 POP\n733 PUSH1 0x01\n735 SWAP1\n736 POP\n737 SWAP3\n738 SWAP2\n739 POP\n740 POP\n741 JUMP\n', 'truncLabel': '580 JUMPDEST\n581 DUP2\n582 PUSH1 0x00\n584 DUP1\n585 CALLER\n586 PUSH20 0xffffffff(...)\n(click to expand +)', 'isExpanded': false},
{id: '23', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '499 JUMPDEST\n500 PUSH1 0x00\n502 DUP1\n503 DUP3\n504 PUSH1 0x00\n506 DUP1\n(click to expand +)', 'fullLabel': '499 JUMPDEST\n500 PUSH1 0x00\n502 DUP1\n503 DUP3\n504 PUSH1 0x00\n506 DUP1\n507 CALLER\n508 PUSH20 0xffffffff(...)\n529 AND\n530 PUSH20 0xffffffff(...)\n551 AND\n552 DUP2\n553 MSTORE\n554 PUSH1 0x20\n556 ADD\n557 SWAP1\n558 DUP2\n559 MSTORE\n560 PUSH1 0x20\n562 ADD\n563 PUSH1 0x00\n565 SHA3\n566 SLOAD\n567 SUB\n568 LT\n569 ISZERO\n570 ISZERO\n571 ISZERO\n572 PUSH2 0x0244\n575 JUMPI\n', 'truncLabel': '499 JUMPDEST\n500 PUSH1 0x00\n502 DUP1\n503 DUP3\n504 PUSH1 0x00\n506 DUP1\n(click to expand +)', 'isExpanded': false},
{id: '22', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '267 JUMPDEST\n268 PUSH2 0x0140\n271 PUSH1 0x04\n273 DUP1\n274 DUP1\n275 CALLDATALOAD\n(click to expand +)', 'fullLabel': '267 JUMPDEST\n268 PUSH2 0x0140\n271 PUSH1 0x04\n273 DUP1\n274 DUP1\n275 CALLDATALOAD\n276 PUSH20 0xffffffff(...)\n297 AND\n298 SWAP1\n299 PUSH1 0x20\n301 ADD\n302 SWAP1\n303 SWAP2\n304 SWAP1\n305 DUP1\n306 CALLDATALOAD\n307 SWAP1\n308 PUSH1 0x20\n310 ADD\n311 SWAP1\n312 SWAP2\n313 SWAP1\n314 POP\n315 POP\n316 PUSH2 0x01f3\n319 JUMP\n', 'truncLabel': '267 JUMPDEST\n268 PUSH2 0x0140\n271 PUSH1 0x04\n273 DUP1\n274 DUP1\n275 CALLDATALOAD\n(click to expand +)', 'isExpanded': false},
{id: '26', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '263 PUSH1 0x00\n265 DUP1\n266 REVERT\n', 'fullLabel': '263 PUSH1 0x00\n265 DUP1\n266 REVERT\n', 'truncLabel': '263 PUSH1 0x00\n265 DUP1\n266 REVERT\n', 'isExpanded': false},
{id: '21', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '256 sendeth(address,uint256)\n257 CALLVALUE\n258 ISZERO\n259 PUSH2 0x010b\n262 JUMPI\n', 'fullLabel': '256 sendeth(address,uint256)\n257 CALLVALUE\n258 ISZERO\n259 PUSH2 0x010b\n262 JUMPI\n', 'truncLabel': '256 sendeth(address,uint256)\n257 CALLVALUE\n258 ISZERO\n259 PUSH2 0x010b\n262 JUMPI\n', 'isExpanded': false},
{id: '27', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '98 JUMPDEST\n99 PUSH1 0x00\n101 DUP1\n102 REVERT\n', 'fullLabel': '98 JUMPDEST\n99 PUSH1 0x00\n101 DUP1\n102 REVERT\n', 'truncLabel': '98 JUMPDEST\n99 PUSH1 0x00\n101 DUP1\n102 REVERT\n', 'isExpanded': false},
{id: '20', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '87 DUP1\n88 PUSH4 0xa3210e87\n93 EQ\n94 PUSH2 0x0100\n97 JUMPI\n', 'fullLabel': '87 DUP1\n88 PUSH4 0xa3210e87\n93 EQ\n94 PUSH2 0x0100\n97 JUMPI\n', 'truncLabel': '87 DUP1\n88 PUSH4 0xa3210e87\n93 EQ\n94 PUSH2 0x0100\n97 JUMPI\n', 'isExpanded': false},
{id: '14', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '76 DUP1\n77 PUSH4 0x70a08231\n82 EQ\n83 PUSH2 0x00b3\n86 JUMPI\n', 'fullLabel': '76 DUP1\n77 PUSH4 0x70a08231\n82 EQ\n83 PUSH2 0x00b3\n86 JUMPI\n', 'truncLabel': '76 DUP1\n77 PUSH4 0x70a08231\n82 EQ\n83 PUSH2 0x00b3\n86 JUMPI\n', 'isExpanded': false},
{id: '8', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '65 DUP1\n66 PUSH4 0x6241bfd1\n71 EQ\n72 PUSH2 0x0090\n75 JUMPI\n', 'fullLabel': '65 DUP1\n66 PUSH4 0x6241bfd1\n71 EQ\n72 PUSH2 0x0090\n75 JUMPI\n', 'truncLabel': '65 DUP1\n66 PUSH4 0x6241bfd1\n71 EQ\n72 PUSH2 0x0090\n75 JUMPI\n', 'isExpanded': false},
{id: '2', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'fullLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n53 AND\n54 DUP1\n55 PUSH4 0x18160ddd\n60 EQ\n61 PUSH2 0x0067\n64 JUMPI\n', 'truncLabel': '13 PUSH1 0x00\n15 CALLDATALOAD\n16 PUSH29 0x01000000(...)\n46 SWAP1\n47 DIV\n48 PUSH4 0xffffffff\n(click to expand +)', 'isExpanded': false},
{id: '0', color: {border: '#26996f', background: '#2f7e5b', highlight: {border: '#26996f', background: '#28a16f'}}, size: 150, 'label': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'fullLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH2 0x0062\n12 JUMPI\n', 'truncLabel': '0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)', 'isExpanded': false}
];
var edges = [
{from: '0', to: '1', 'arrows': 'to', 'label': 'Not(ULE(4, calldatasize_Under))', 'smooth': {'type': 'cubicBezier'}},
{from: '5', to: '6', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '4', to: '5', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '3', to: '4', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '3', to: '7', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '2', to: '3', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Under_0) == 0x18160ddd', 'smooth': {'type': 'cubicBezier'}},
{from: '11', to: '12', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '10', to: '11', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '9', to: '10', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '9', to: '13', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '8', to: '9', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Under_0) == 0x6241bfd1', 'smooth': {'type': 'cubicBezier'}},
{from: '17', to: '18', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '16', to: '17', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '15', to: '16', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '15', to: '19', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '14', to: '15', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Under_0) == 0x70a08231', 'smooth': {'type': 'cubicBezier'}},
{from: '24', to: '25', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '23', to: '24', 'arrows': 'to', 'label': 'True', 'smooth': {'type': 'cubicBezier'}},
{from: '22', to: '23', 'arrows': 'to', 'label': '', 'smooth': {'type': 'cubicBezier'}},
{from: '21', to: '22', 'arrows': 'to', 'label': 'callvalue == 0', 'smooth': {'type': 'cubicBezier'}},
{from: '21', to: '26', 'arrows': 'to', 'label': 'Not(callvalue == 0)', 'smooth': {'type': 'cubicBezier'}},
{from: '20', to: '21', 'arrows': 'to', 'label': 'Extract(0xff, 0xe0, calldata_Under_0) == 0xa3210e87', 'smooth': {'type': 'cubicBezier'}},
{from: '20', to: '27', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Under_0) == 0xa3210e87)', 'smooth': {'type': 'cubicBezier'}},
{from: '14', to: '20', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Under_0) == 0x70a08231)', 'smooth': {'type': 'cubicBezier'}},
{from: '8', to: '14', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Under_0) == 0x6241bfd1)', 'smooth': {'type': 'cubicBezier'}},
{from: '2', to: '8', 'arrows': 'to', 'label': 'Not(Extract(0xff, 0xe0, calldata_Under_0) == 0x18160ddd)', 'smooth': {'type': 'cubicBezier'}},
{from: '0', to: '2', 'arrows': 'to', 'label': 'ULE(4, calldatasize_Under)', 'smooth': {'type': 'cubicBezier'}}
];
</script>
</head>
<body>
<p>Mythril / LASER Symbolic VM</p>
<p><div id="mynetwork"></div><br/></p>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

39
tests/testdata/outputs_expected/underflow.sol.json vendored
Unescape View File

@ -1,39 +0,0 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 649,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/underflow.sol",
"lineno": 12,
"code": "balances[msg.sender] -= _value"
},
{
"title": "Integer Overflow ",
"description": "A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 725,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/underflow.sol",
"lineno": 13,
"code": "balances[_to] += _value"
},
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 567,
"debug": "<DEBUG-DATA>",
"filename": "<TESTDATA>/inputs/underflow.sol",
"lineno": 11,
"code": "balances[msg.sender] - _value"
}
]
}

52
tests/testdata/outputs_expected/underflow.sol.markdown vendored
Unescape View File

@ -1,52 +0,0 @@
# Analysis results for <TESTDATA>/inputs/underflow.sol
## Integer Underflow
- Type: Warning
- Contract: Under
- Function name: `sendeth(address,uint256)`
- PC address: 649
### Description
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
In *<TESTDATA>/inputs/underflow.sol:12*
```
balances[msg.sender] -= _value
```
## Integer Overflow
- Type: Warning
- Contract: Under
- Function name: `sendeth(address,uint256)`
- PC address: 725
### Description
A possible integer overflow exists in the function `sendeth(address,uint256)`.
The addition or multiplication may result in a value higher than the maximum representable integer.
In *<TESTDATA>/inputs/underflow.sol:13*
```
balances[_to] += _value
```
## Integer Underflow
- Type: Warning
- Contract: Under
- Function name: `sendeth(address,uint256)`
- PC address: 567
### Description
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
In *<TESTDATA>/inputs/underflow.sol:11*
```
balances[msg.sender] - _value
```

4
tests/testdata/outputs_expected/underflow.sol.o.graph.html vendored
View File

File diff suppressed because one or more lines are too long

31
tests/testdata/outputs_expected/underflow.sol.o.json vendored
Unescape View File

@ -1,30 +1 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 649,
"debug": "<DEBUG-DATA>"
},
{
"title": "Integer Overflow ",
"description": "A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 725,
"debug": "<DEBUG-DATA>"
},
{
"title": "Integer Underflow",
"description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.",
"function": "sendeth(address,uint256)",
"type": "Warning",
"address": 567,
"debug": "<DEBUG-DATA>"
}
]
}
{"error": null, "issues": [{"address": 567, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.", "function": "sendeth(address,uint256)", "title": "Integer Underflow", "type": "Warning"}, {"address": 649, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.", "function": "sendeth(address,uint256)", "title": "Integer Underflow", "type": "Warning"}, {"address": 725, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "sendeth(address,uint256)", "title": "Integer Overflow", "type": "Warning"}], "success": true}

2
tests/testdata/outputs_expected/underflow.sol.o.markdown vendored
Unescape View File

@ -24,7 +24,7 @@ The subtraction may result in a value < 0.
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
## Integer Overflow
## Integer Overflow
- Type: Warning
- Contract: Unknown

2
tests/testdata/outputs_expected/underflow.sol.o.text vendored
Unescape View File

@ -16,7 +16,7 @@ A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
--------------------
==== Integer Overflow ====
==== Integer Overflow ====
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)

42
tests/testdata/outputs_expected/underflow.sol.text vendored
Unescape View File

@ -1,42 +0,0 @@
==== Integer Underflow ====
Type: Warning
Contract: Under
Function name: sendeth(address,uint256)
PC address: 649
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
--------------------
In file: <TESTDATA>/inputs/underflow.sol:12
balances[msg.sender] -= _value
--------------------
==== Integer Overflow ====
Type: Warning
Contract: Under
Function name: sendeth(address,uint256)
PC address: 725
A possible integer overflow exists in the function `sendeth(address,uint256)`.
The addition or multiplication may result in a value higher than the maximum representable integer.
--------------------
In file: <TESTDATA>/inputs/underflow.sol:13
balances[_to] += _value
--------------------
==== Integer Underflow ====
Type: Warning
Contract: Under
Function name: sendeth(address,uint256)
PC address: 567
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
--------------------
In file: <TESTDATA>/inputs/underflow.sol:11
balances[msg.sender] - _value
--------------------

46
tests/testdata/outputs_expected/weak_random.sol.o.json vendored
Unescape View File

@ -0,0 +1,46 @@
{
"success": true,
"error": null,
"issues": [
{
"title": "Dependence on predictable environment variable",
"description": "In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:\n- block.coinbase\n",
"function": "_function_0xe9874106",
"type": "Warning",
"address": 1285,
"debug": "<DEBUG-DATA>"
},
{
"title": "Ether send",
"description": "In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.\nThere is a check on storage index 0. This storage slot can be written to by calling the function `fallback`.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.",
"function": "_function_0xe9874106",
"type": "Warning",
"address": 1285,
"debug": "<DEBUG-DATA>"
},
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "fallback",
"type": "Informational",
"address": 356,
"debug": "<DEBUG-DATA>"
},
{
"title": "Exception state",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function": "_function_0xe9874106",
"type": "Informational",
"address": 146,
"debug": "<DEBUG-DATA>"
},
{
"title": "Transaction order dependence",
"description": "A possible transaction order independence vulnerability exists in function _function_0xe9874106. The value or direction of the call statement is determined from a tainted storage location",
"function": "_function_0xe9874106",
"type": "Warning",
"address": 1285,
"debug": "<DEBUG-DATA>"
}
]
}

62
tests/testdata/outputs_expected/weak_random.sol.o.markdown vendored
Unescape View File

@ -0,0 +1,62 @@
# Analysis results for test-filename.sol
## Dependence on predictable environment variable
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xe9874106`
- PC address: 1285
### Description
In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:
- block.coinbase
## Ether send
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xe9874106`
- PC address: 1285
### Description
In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.
There is a check on storage index 0. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
## Exception state
- Type: Informational
- Contract: Unknown
- Function name: `fallback`
- PC address: 356
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe9874106`
- PC address: 146
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Transaction order dependence
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xe9874106`
- PC address: 1285
### Description
A possible transaction order independence vulnerability exists in function _function_0xe9874106. The value or direction of the call statement is determined from a tainted storage location

46
tests/testdata/outputs_expected/weak_random.sol.o.text vendored
Unescape View File

@ -0,0 +1,46 @@
==== Dependence on predictable environment variable ====
Type: Warning
Contract: Unknown
Function name: _function_0xe9874106
PC address: 1285
In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:
- block.coinbase
--------------------
==== Ether send ====
Type: Warning
Contract: Unknown
Function name: _function_0xe9874106
PC address: 1285
In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.
There is a check on storage index 0. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
--------------------
==== Exception state ====
Type: Informational
Contract: Unknown
Function name: fallback
PC address: 356
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
Type: Informational
Contract: Unknown
Function name: _function_0xe9874106
PC address: 146
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Transaction order dependence ====
Type: Warning
Contract: Unknown
Function name: _function_0xe9874106
PC address: 1285
A possible transaction order independence vulnerability exists in function _function_0xe9874106. The value or direction of the call statement is determined from a tainted storage location
--------------------
Write Preview
Loading…
Cancel
Save