Merge branch 'develop' of github.com:ConsenSys/mythril into storage/experiment

pull/1102/head
Bernhard Mueller 5 years ago
commit 1ba4091217
  1. 30
      mythril/analysis/report.py
  2. 15
      mythril/analysis/templates/report_as_markdown.jinja2
  3. 11
      mythril/analysis/templates/report_as_text.jinja2
  4. 6
      mythril/interfaces/cli.py
  5. 4
      mythril/mythril/mythril_analyzer.py

@ -67,19 +67,12 @@ class Issue:
@property @property
def transaction_sequence_users(self): def transaction_sequence_users(self):
""" Returns the transaction sequence in json without pre-generated block data""" """ Returns the transaction sequence without pre-generated block data"""
return ( return self.transaction_sequence
json.dumps(self.transaction_sequence, indent=4)
if self.transaction_sequence
else None
)
@property @property
def transaction_sequence_jsonv2(self): def transaction_sequence_jsonv2(self):
""" """ Returns the transaction sequence as a json string with pre-generated block data"""
Returns the transaction sequence with pre-generated block data.
Jsonv2 tx sequence isn't formatted for user readability.
"""
return ( return (
self.add_block_data(self.transaction_sequence) self.add_block_data(self.transaction_sequence)
if self.transaction_sequence if self.transaction_sequence
@ -105,6 +98,7 @@ class Issue:
:return: :return:
""" """
issue = { issue = {
"title": self.title, "title": self.title,
"swc-id": self.swc_id, "swc-id": self.swc_id,
@ -113,7 +107,7 @@ class Issue:
"function": self.function, "function": self.function,
"severity": self.severity, "severity": self.severity,
"address": self.address, "address": self.address,
"tx_sequence": self.transaction_sequence_users, "tx_sequence": self.transaction_sequence,
"min_gas_used": self.min_gas_used, "min_gas_used": self.min_gas_used,
"max_gas_used": self.max_gas_used, "max_gas_used": self.max_gas_used,
"sourceMap": self.source_mapping, "sourceMap": self.source_mapping,
@ -165,13 +159,13 @@ class Report:
loader=PackageLoader("mythril.analysis"), trim_blocks=True loader=PackageLoader("mythril.analysis"), trim_blocks=True
) )
def __init__(self, verbose=False, contracts=None, exceptions=None): def __init__(self, contracts=None, exceptions=None):
""" """
:param verbose: :param contracts:
:param exceptions:
""" """
self.issues = {} self.issues = {}
self.verbose = verbose
self.solc_version = "" self.solc_version = ""
self.meta = {} self.meta = {}
self.source = Source() self.source = Source()
@ -203,9 +197,7 @@ class Report:
name = self._file_name() name = self._file_name()
template = Report.environment.get_template("report_as_text.jinja2") template = Report.environment.get_template("report_as_text.jinja2")
return template.render( return template.render(filename=name, issues=self.sorted_issues())
filename=name, issues=self.sorted_issues(), verbose=self.verbose
)
def as_json(self): def as_json(self):
""" """
@ -274,9 +266,7 @@ class Report:
""" """
filename = self._file_name() filename = self._file_name()
template = Report.environment.get_template("report_as_markdown.jinja2") template = Report.environment.get_template("report_as_markdown.jinja2")
return template.render( return template.render(filename=filename, issues=self.sorted_issues())
filename=filename, issues=self.sorted_issues(), verbose=self.verbose
)
def _file_name(self): def _file_name(self):
""" """

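Review bot: `as_dict` now stores the raw `self.transaction_sequence` structure under `"tx_sequence"` where it previously stored a `json.dumps(..., indent=4)` string (or `None`), so any consumer that serialises or parses that dict sees the field change type. The templates in this commit read `issue.tx_sequence.steps`, so the change looks intended, but the `as_dict` docstring should say so, for example `tx_sequence: the transaction-sequence structure (or None), not a JSON string`. `transaction_sequence_users` is now a plain alias of `transaction_sequence` and is no longer referenced in the visible lines; either remove it or keep `as_dict` calling it so there is a single accessor. The body of `as_dict` starts and ends outside the hunks shown.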
@ -24,15 +24,20 @@ In file: {{ issue.filename }}:{{ issue.lineno }}
{{ issue.code }} {{ issue.code }}
``` ```
{% endif %} {% endif %}
{% if verbose and issue.tx_sequence %} {% if issue.tx_sequence %}
--------------------
### Debugging Information:
{{ issue.tx_sequence }} ### Transaction Sequence
{% for step in issue.tx_sequence.steps %}
{% if step == issue.tx_sequence.steps[0] and step.input != "0x" and step.origin == "0xaffeaffeaffeaffeaffeaffeaffeaffeaffeaffe" %}
Caller: [CREATOR], data: [CONTRACT CREATION], value: {{ step.value }}
{% else %}
Caller: {% if step.origin == "0xaffeaffeaffeaffeaffeaffeaffeaffeaffeaffe" %}[CREATOR]{% elif step.origin == "0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef" %}[ATTACKER]{% else %}[SOMEGUY]{% endif %}, data: {{ step.input }}, value: {{ step.value }}
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% else %} {% endif %}
{% endfor %}
{% else %}
The analysis was completed successfully. No issues were detected. The analysis was completed successfully. No issues were detected.
{% endif %} {% endif %}
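Review bot: The contract-creation step is detected with `step == issue.tx_sequence.steps[0]`, which compares by value if the steps are plain mappings, so a later step equal to the first would also be printed as `[CONTRACT CREATION]`. `loop.first` states the intent directly: `{% if loop.first and step.input != "0x" and step.origin == ... %}`. The same condition is repeated in report_as_text.jinja2. Both templates also repeat the creator and attacker addresses as string literals; passing them into `render()` from wherever the analyzer defines those actors (not visible here) would stop a label from silently falling through to `[SOMEGUY]` if an address ever changes.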

@ -18,11 +18,16 @@ In file: {{ issue.filename }}:{{ issue.lineno }}
-------------------- --------------------
{% endif %} {% endif %}
{% if verbose and issue.tx_sequence %} {% if issue.tx_sequence %}
--------------------
Transaction Sequence: Transaction Sequence:
{{ issue.tx_sequence }} {% for step in issue.tx_sequence.steps %}
{% if step == issue.tx_sequence.steps[0] and step.input != "0x" and step.origin == "0xaffeaffeaffeaffeaffeaffeaffeaffeaffeaffe" %}
Caller: [CREATOR], data: [CONTRACT CREATION], value: {{ step.value }}
{% else %}
Caller: {% if step.origin == "0xaffeaffeaffeaffeaffeaffeaffeaffeaffeaffe" %}[CREATOR]{% elif step.origin == "0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef" %}[ATTACKER]{% else %}[SOMEGUY]{% endif %}, data: {{ step.input }}, value: {{ step.value }}
{% endif %}
{% endfor %}
{% endif %} {% endif %}
{% endfor %} {% endfor %}

@ -119,11 +119,6 @@ def get_output_parser() -> ArgumentParser:
help="report output format", help="report output format",
metavar="<text/markdown/json/jsonv2>", metavar="<text/markdown/json/jsonv2>",
) )
parser.add_argument(
"--verbose-report",
action="store_true",
help="Include debugging information in report",
)
return parser return parser
@ -599,7 +594,6 @@ def execute_command(
modules=[m.strip() for m in args.modules.strip().split(",")] modules=[m.strip() for m in args.modules.strip().split(",")]
if args.modules if args.modules
else [], else [],
verbose_report=args.verbose_report,
transaction_count=args.transaction_count, transaction_count=args.transaction_count,
) )
outputs = { outputs = {
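Review bot: Dropping `--verbose-report` from `get_output_parser` makes any existing invocation or CI script that still passes it fail with argparse's unrecognized-argument error, and the visible hunk keeps no deprecated alias. Since the transaction sequence is now always rendered, the flag could stay as an accepted no-op for one release: `parser.add_argument("--verbose-report", action="store_true", help=argparse.SUPPRESS)`. Text and markdown reports now include the concrete transaction sequence unconditionally, which deserves a line in the release notes for users who pass report output on to others.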

@ -122,12 +122,10 @@ class MythrilAnalyzer:
def fire_lasers( def fire_lasers(
self, self,
modules: Optional[List[str]] = None, modules: Optional[List[str]] = None,
verbose_report: bool = False,
transaction_count: Optional[int] = None, transaction_count: Optional[int] = None,
) -> Report: ) -> Report:
""" """
:param modules: The analysis modules which should be executed :param modules: The analysis modules which should be executed
:param verbose_report: Gives out the transaction sequence of the vulnerability
:param transaction_count: The amount of transactions to be executed :param transaction_count: The amount of transactions to be executed
:return: The Report class which contains the all the issues/vulnerabilities :return: The Report class which contains the all the issues/vulnerabilities
""" """
@ -177,7 +175,7 @@ class MythrilAnalyzer:
source_data = Source() source_data = Source()
source_data.get_source_from_contracts_list(self.contracts) source_data.get_source_from_contracts_list(self.contracts)
# Finally, output the results # Finally, output the results
report = Report(verbose_report, contracts=self.contracts, exceptions=exceptions) report = Report(contracts=self.contracts, exceptions=exceptions)
for issue in all_issues: for issue in all_issues:
report.append_issue(issue) report.append_issue(issue)
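Review bot: Removing `verbose_report` from the middle of the `fire_lasers` parameter list moves `transaction_count` into the second positional slot, so an external caller written as `fire_lasers(modules, True)` would now pass `True` as the transaction count without any error, while keyword callers get a `TypeError`. `Report.__init__` in mythril/analysis/report.py has the same shift: a positional `Report(verbose, ...)` call would bind the flag to `contracts`. Making the remaining parameters keyword-only, `def fire_lasers(self, modules=None, *, transaction_count=None)`, would turn the silent case into an immediate error. The call sites visible in this commit already use keywords, and the body of `fire_lasers` continues outside the hunks shown.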
