From 1c3ea80874c07a1da8d89c4d1a2c99e432a8c112 Mon Sep 17 00:00:00 2001
From: Bernhard Mueller
Date: Thu, 29 Nov 2018 15:20:48 +0700
Subject: [PATCH] Update tests
---
.../outputs_expected/calls.sol.o.json | 67 +------------------
.../outputs_expected/calls.sol.o.markdown | 42 +++++++++++-
.../outputs_expected/calls.sol.o.text | 36 +++++++++-
.../kinds_of_calls.sol.o.json | 55 +--------------
.../kinds_of_calls.sol.o.markdown | 4 +-
.../kinds_of_calls.sol.o.text | 4 +-
.../outputs_expected/returnvalue.sol.o.json | 19 +-----
.../returnvalue.sol.o.markdown | 24 +++++++
.../outputs_expected/returnvalue.sol.o.text | 20 ++++++
9 files changed, 123 insertions(+), 148 deletions(-)
diff --git a/tests/testdata/outputs_expected/calls.sol.o.json b/tests/testdata/outputs_expected/calls.sol.o.json
index 6d4d8063..d8b68faa 100644
--- a/tests/testdata/outputs_expected/calls.sol.o.json
+++ b/tests/testdata/outputs_expected/calls.sol.o.json
@@ -1,66 +1 @@ -{ - "error": null, - "issues": [ - { - "address": 666, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", - "function": "thisisfine()", - "max_gas_used": 35963, - "min_gas_used": 1352, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - }, - { - "address": 784, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", - "function": "callstoredaddress()", - "max_gas_used": 36007, - "min_gas_used": 1396, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - }, - { - "address": 871, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", - "function": "_function_0xe11f493e", - "max_gas_used": 61043, - "min_gas_used": 6432, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - }, - { - "address": 912, - "contract": "Unknown", - "debug": "", - "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", - "function": "calluseraddress(address)", - "max_gas_used": 616, - "min_gas_used": 335, - "swc-id": "107", - "title": "Message call to external contract", - "type": "Warning" - }, - { - "address": 918, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. 
Note that execution continue even if the called contract throws.", - "function": "calluseraddress(address)", - "max_gas_used": 35327, - "min_gas_used": 1046, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - } - ], - "success": true -} +{"error": null, "issues": [{"address": 661, "contract": "Unknown", "debug": "", "description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.", "function": "thisisfine()", "max_gas_used": 1254, "min_gas_used": 643, "swc-id": "107", "title": "External call", "type": "Informational"}, {"address": 666, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "thisisfine()", "max_gas_used": 35963, "min_gas_used": 1352, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 779, "contract": "Unknown", "debug": "", "description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.", "function": "callstoredaddress()", "max_gas_used": 1298, "min_gas_used": 687, "swc-id": "107", "title": "External call", "type": "Informational"}, {"address": 784, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "callstoredaddress()", "max_gas_used": 36007, "min_gas_used": 1396, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 858, "contract": "Unknown", "debug": "", "description": "The contract executes a function call to an external address. 
Verify that the code at this address is trusted and immutable.", "function": "reentrancy()", "max_gas_used": 1320, "min_gas_used": 709, "swc-id": "107", "title": "External call", "type": "Informational"}, {"address": 871, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "reentrancy()", "max_gas_used": 61043, "min_gas_used": 6432, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 912, "contract": "Unknown", "debug": "", "description": "The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state.", "function": "calluseraddress(address)", "max_gas_used": 616, "min_gas_used": 335, "swc-id": "107", "title": "External call to user-supplied address", "type": "Warning"}, {"address": 918, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "calluseraddress(address)", "max_gas_used": 35327, "min_gas_used": 1046, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true} \ No newline at end of file diff --git a/tests/testdata/outputs_expected/calls.sol.o.markdown b/tests/testdata/outputs_expected/calls.sol.o.markdown index 297047d2..ff656859 100644 --- a/tests/testdata/outputs_expected/calls.sol.o.markdown +++ b/tests/testdata/outputs_expected/calls.sol.o.markdown 
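Review bot: The new side of this fixture is one minified line with no trailing newline, where the old side was pretty-printed with one key per line, so any later change to the expected findings will show up as a whole-file replacement. This file is the regression baseline for the analyzer's findings, and a dropped issue or a changed `type` or `swc-id` value is exactly what a reviewer needs to see line by line. I would keep the fixture indented with sorted keys (for example the output of `python -m json.tool --sort-keys`) and, if the test compares raw text, have it compare the parsed objects instead. The same applies to the kinds_of_calls.sol.o.json and returnvalue.sol.o.json hunks.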
@@ -1,5 +1,17 @@ # Analysis results for test-filename.sol +## External call +- SWC ID: 107 +- Type: Informational +- Contract: Unknown +- Function name: `thisisfine()` +- PC address: 661 +- Estimated Gas Usage: 643 - 1254 + +### Description + +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. + ## Unchecked CALL return value - SWC ID: 104 - Type: Informational @@ -12,6 +24,18 @@ The return value of an external call is not checked. Note that execution continue even if the called contract throws. +## External call +- SWC ID: 107 +- Type: Informational +- Contract: Unknown +- Function name: `callstoredaddress()` +- PC address: 779 +- Estimated Gas Usage: 687 - 1298 + +### Description + +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. + ## Unchecked CALL return value - SWC ID: 104 - Type: Informational @@ -24,11 +48,23 @@ The return value of an external call is not checked. Note that execution continu The return value of an external call is not checked. Note that execution continue even if the called contract throws. +## External call +- SWC ID: 107 +- Type: Informational +- Contract: Unknown +- Function name: `reentrancy()` +- PC address: 858 +- Estimated Gas Usage: 709 - 1320 + +### Description + +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. + ## Unchecked CALL return value - SWC ID: 104 - Type: Informational - Contract: Unknown -- Function name: `_function_0xe11f493e` +- Function name: `reentrancy()` - PC address: 871 - Estimated Gas Usage: 6432 - 61043 
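Review bot: The expected function name for the finding at PC address 871 changes from `_function_0xe11f493e` to `reentrancy()`, yet the kinds_of_calls fixtures in this commit still expect unresolved `_function_0x…` names, so the expectation appears to depend on which selector-to-name mappings were available when the output was regenerated. If that lookup data is local or can differ between environments, this test would pass or fail depending on the machine rather than on the analyzer. I would either ship the mappings these fixtures rely on with the test inputs, or have the comparison match on PC address, SWC ID and title and ignore the resolved name. The same name change appears in the calls.sol.o.json and calls.sol.o.text hunks.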
@@ -36,7 +72,7 @@ The return value of an external call is not checked. Note that execution continu The return value of an external call is not checked. Note that execution continue even if the called contract throws. -## Message call to external contract +## External call to user-supplied address - SWC ID: 107 - Type: Warning - Contract: Unknown @@ -46,7 +82,7 @@ The return value of an external call is not checked. Note that execution continu ### Description -This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state. +The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. ## Unchecked CALL return value - SWC ID: 104 diff --git a/tests/testdata/outputs_expected/calls.sol.o.text b/tests/testdata/outputs_expected/calls.sol.o.text index 02407bee..1cbfb35e 100644 --- a/tests/testdata/outputs_expected/calls.sol.o.text +++ b/tests/testdata/outputs_expected/calls.sol.o.text @@ -1,3 +1,13 @@ +==== External call ==== +SWC ID: 107 +Type: Informational +Contract: Unknown +Function name: thisisfine() +PC address: 661 +Estimated Gas Usage: 643 - 1254 +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. +-------------------- + ==== Unchecked CALL return value ==== SWC ID: 104 Type: Informational 
@@ -8,6 +18,16 @@ Estimated Gas Usage: 1352 - 35963 The return value of an external call is not checked. Note that execution continue even if the called contract throws. -------------------- +==== External call ==== +SWC ID: 107 +Type: Informational +Contract: Unknown +Function name: callstoredaddress() +PC address: 779 +Estimated Gas Usage: 687 - 1298 +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. +-------------------- + ==== Unchecked CALL return value ==== SWC ID: 104 Type: Informational 
@@ -18,24 +38,34 @@ Estimated Gas Usage: 1396 - 36007 The return value of an external call is not checked. Note that execution continue even if the called contract throws. -------------------- +==== External call ==== +SWC ID: 107 +Type: Informational +Contract: Unknown +Function name: reentrancy() +PC address: 858 +Estimated Gas Usage: 709 - 1320 +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. +-------------------- + ==== Unchecked CALL return value ==== SWC ID: 104 Type: Informational Contract: Unknown -Function name: _function_0xe11f493e +Function name: reentrancy() PC address: 871 Estimated Gas Usage: 6432 - 61043 The return value of an external call is not checked. Note that execution continue even if the called contract throws. -------------------- -==== Message call to external contract ==== +==== External call to user-supplied address ==== SWC ID: 107 Type: Warning Contract: Unknown Function name: calluseraddress(address) PC address: 912 Estimated Gas Usage: 335 - 616 -This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state. +The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. -------------------- ==== Unchecked CALL return value ==== diff --git a/tests/testdata/outputs_expected/kinds_of_calls.sol.o.json b/tests/testdata/outputs_expected/kinds_of_calls.sol.o.json index a373f020..33da5788 100644 --- a/tests/testdata/outputs_expected/kinds_of_calls.sol.o.json +++ b/tests/testdata/outputs_expected/kinds_of_calls.sol.o.json 
@@ -1,54 +1 @@ -{ - "error": null, - "issues": [ - { - "address": 626, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", - "function": "_function_0x141f32ff", - "max_gas_used": 35856, - "min_gas_used": 1104, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - }, - { - "address": 857, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", - "function": "_function_0x9b58bc26", - "max_gas_used": 35919, - "min_gas_used": 1167, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - }, - { - "address": 1038, - "contract": "Unknown", - "debug": "", - "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", - "function": "_function_0xeea4c864", - "max_gas_used": 1229, - "min_gas_used": 477, - "swc-id": "107", - "title": "Message call to external contract", - "type": "Warning" - }, - { - "address": 1046, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", - "function": "_function_0xeea4c864", - "max_gas_used": 35944, - "min_gas_used": 1192, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - } - ], - "success": true -} +{"error": null, "issues": [{"address": 626, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. 
Note that execution continue even if the called contract throws.", "function": "_function_0x141f32ff", "max_gas_used": 35856, "min_gas_used": 1104, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 857, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x9b58bc26", "max_gas_used": 35919, "min_gas_used": 1167, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 1038, "contract": "Unknown", "debug": "", "description": "The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state.", "function": "_function_0xeea4c864", "max_gas_used": 1229, "min_gas_used": 477, "swc-id": "107", "title": "External call to user-supplied address", "type": "Warning"}, {"address": 1046, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xeea4c864", "max_gas_used": 35944, "min_gas_used": 1192, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true} \ No newline at end of file diff --git a/tests/testdata/outputs_expected/kinds_of_calls.sol.o.markdown b/tests/testdata/outputs_expected/kinds_of_calls.sol.o.markdown index 98f6e0b2..d3fb63bf 100644 --- a/tests/testdata/outputs_expected/kinds_of_calls.sol.o.markdown +++ b/tests/testdata/outputs_expected/kinds_of_calls.sol.o.markdown 
@@ -24,7 +24,7 @@ The return value of an external call is not checked. Note that execution continu The return value of an external call is not checked. Note that execution continue even if the called contract throws. -## Message call to external contract +## External call to user-supplied address - SWC ID: 107 - Type: Warning - Contract: Unknown @@ -34,7 +34,7 @@ The return value of an external call is not checked. Note that execution continu ### Description -This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state. +The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. ## Unchecked CALL return value - SWC ID: 104 diff --git a/tests/testdata/outputs_expected/kinds_of_calls.sol.o.text b/tests/testdata/outputs_expected/kinds_of_calls.sol.o.text index 9a70b216..1f244935 100644 --- a/tests/testdata/outputs_expected/kinds_of_calls.sol.o.text +++ b/tests/testdata/outputs_expected/kinds_of_calls.sol.o.text 
@@ -18,14 +18,14 @@ Estimated Gas Usage: 1167 - 35919 The return value of an external call is not checked. Note that execution continue even if the called contract throws. -------------------- -==== Message call to external contract ==== +==== External call to user-supplied address ==== SWC ID: 107 Type: Warning Contract: Unknown Function name: _function_0xeea4c864 PC address: 1038 Estimated Gas Usage: 477 - 1229 -This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state. +The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. -------------------- ==== Unchecked CALL return value ==== diff --git a/tests/testdata/outputs_expected/returnvalue.sol.o.json b/tests/testdata/outputs_expected/returnvalue.sol.o.json index 4d41921e..cdcb199b 100644 --- a/tests/testdata/outputs_expected/returnvalue.sol.o.json +++ b/tests/testdata/outputs_expected/returnvalue.sol.o.json 
@@ -1,18 +1 @@ -{ - "error": null, - "issues": [ - { - "address": 290, - "contract": "Unknown", - "debug": "", - "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", - "function": "callnotchecked()", - "max_gas_used": 35941, - "min_gas_used": 1330, - "swc-id": "104", - "title": "Unchecked CALL return value", - "type": "Informational" - } - ], - "success": true -} +{"error": null, "issues": [{"address": 196, "contract": "Unknown", "debug": "", "description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.", "function": "callchecked()", "max_gas_used": 1210, "min_gas_used": 599, "swc-id": "107", "title": "External call", "type": "Informational"}, {"address": 285, "contract": "Unknown", "debug": "", "description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.", "function": "callnotchecked()", "max_gas_used": 1232, "min_gas_used": 621, "swc-id": "107", "title": "External call", "type": "Informational"}, {"address": 290, "contract": "Unknown", "debug": "", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "callnotchecked()", "max_gas_used": 35941, "min_gas_used": 1330, "swc-id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true} \ No newline at end of file diff --git a/tests/testdata/outputs_expected/returnvalue.sol.o.markdown b/tests/testdata/outputs_expected/returnvalue.sol.o.markdown index 652c22e6..d733d759 100644 --- a/tests/testdata/outputs_expected/returnvalue.sol.o.markdown +++ b/tests/testdata/outputs_expected/returnvalue.sol.o.markdown 
@@ -1,5 +1,29 @@ # Analysis results for test-filename.sol +## External call +- SWC ID: 107 +- Type: Informational +- Contract: Unknown +- Function name: `callchecked()` +- PC address: 196 +- Estimated Gas Usage: 599 - 1210 + +### Description + +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. + +## External call +- SWC ID: 107 +- Type: Informational +- Contract: Unknown +- Function name: `callnotchecked()` +- PC address: 285 +- Estimated Gas Usage: 621 - 1232 + +### Description + +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. + ## Unchecked CALL return value - SWC ID: 104 - Type: Informational diff --git a/tests/testdata/outputs_expected/returnvalue.sol.o.text b/tests/testdata/outputs_expected/returnvalue.sol.o.text index 98898844..29c4b0d0 100644 --- a/tests/testdata/outputs_expected/returnvalue.sol.o.text +++ b/tests/testdata/outputs_expected/returnvalue.sol.o.text @@ -1,3 +1,23 @@ +==== External call ==== +SWC ID: 107 +Type: Informational +Contract: Unknown +Function name: callchecked() +PC address: 196 +Estimated Gas Usage: 599 - 1210 +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. +-------------------- + +==== External call ==== +SWC ID: 107 +Type: Informational +Contract: Unknown +Function name: callnotchecked() +PC address: 285 +Estimated Gas Usage: 621 - 1232 +The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. +-------------------- + ==== Unchecked CALL return value ==== SWC ID: 104 Type: Informational