test reports generation

pull/99/head
freewind 7 years ago
parent 3fd4272c43
commit 1d12221ff8
  1. 6
      myth
  2. 6
      mythril/analysis/report.py
  3. 37
      tests/analysis/symbolic_test.py
  4. 2
      tests/disassembler_test.py
  5. 2
      tests/solidity_contract_test.py
  6. 1
      tests/testdata/calls.sol.json
  7. 127
      tests/testdata/calls.sol.markdown
  8. 117
      tests/testdata/calls.sol.text
  9. 1
      tests/testdata/ether_send.sol.json
  10. 17
      tests/testdata/ether_send.sol.markdown
  11. 15
      tests/testdata/ether_send.sol.text
  12. 1
      tests/testdata/exceptions.sol.json
  13. 57
      tests/testdata/exceptions.sol.markdown
  14. 52
      tests/testdata/exceptions.sol.text
  15. 1
      tests/testdata/metacoin.sol.json
  16. 1
      tests/testdata/metacoin.sol.markdown
  17. 0
      tests/testdata/metacoin.sol.text
  18. 1
      tests/testdata/multi_contracts.sol.json
  19. 16
      tests/testdata/multi_contracts.sol.markdown
  20. 14
      tests/testdata/multi_contracts.sol.text
  21. 1
      tests/testdata/origin.sol.json
  22. 16
      tests/testdata/origin.sol.markdown
  23. 14
      tests/testdata/origin.sol.text
  24. 1
      tests/testdata/returnvalue.sol.json
  25. 43
      tests/testdata/returnvalue.sol.markdown
  26. 39
      tests/testdata/returnvalue.sol.text
  27. 1
      tests/testdata/rubixi.sol.json
  28. 120
      tests/testdata/rubixi.sol.markdown
  29. 111
      tests/testdata/rubixi.sol.text
  30. 1
      tests/testdata/suicide.sol.json
  31. 17
      tests/testdata/suicide.sol.markdown
  32. 15
      tests/testdata/suicide.sol.text
  33. 1
      tests/testdata/underflow.sol.json
  34. 31
      tests/testdata/underflow.sol.markdown
  35. 28
      tests/testdata/underflow.sol.text
  36. 1
      tests/testdata/weak_random.sol.json
  37. 62
      tests/testdata/weak_random.sol.markdown
  38. 57
      tests/testdata/weak_random.sol.text

@ -383,11 +383,7 @@ elif args.graph or args.fire_lasers:
if type(contract) == SolidityContract: if type(contract) == SolidityContract:
for issue in issues: for issue in issues:
if issue.pc: issue.add_code_info(contract)
codeinfo = contract.get_source_info(issue.pc)
issue.filename = codeinfo.filename
issue.code = codeinfo.code
issue.lineno = codeinfo.lineno
all_issues += issues all_issues += issues

@ -30,6 +30,12 @@ class Issue:
return issue return issue
def add_code_info(self, contract):
if self.pc:
codeinfo = contract.get_source_info(self.pc)
self.filename = codeinfo.filename
self.code = codeinfo.code
self.lineno = codeinfo.lineno
class Report: class Report:
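Review bot: `add_code_info` guards on `if self.pc:`, a truthiness test, so an issue whose `pc` is 0 is handled like one with no `pc` and never receives `filename`, `code` or `lineno`. The `Issue` constructor is outside this hunk, so the default for `pc` is not visible; if 0 can be a real program counter, the guard should be `if self.pc is not None:`. The method also has no docstring; something like `"""Fill filename, code and lineno from the contract's source info for self.pc; no-op without a pc."""` would record that it mutates the issue in place.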

@ -0,0 +1,37 @@
from unittest import TestCase
from pathlib import Path
from mythril.analysis.report import Report
from mythril.analysis.security import fire_lasers
from mythril.analysis.symbolic import SymExecWrapper
from mythril.ether import util
from mythril.ether.soliditycontract import SolidityContract
TEST_FILES = Path(__file__).parents[1] / "testdata"
def _fix_path(text):
return text.replace(str(TEST_FILES), "<TEST_FILES>")
class AnalysisReportTest(TestCase):
def test_reports(self):
for input_file in TEST_FILES.iterdir():
if input_file.is_file and input_file.suffix == '.sol':
contract = SolidityContract(str(input_file), name=None, solc_args=None)
sym = SymExecWrapper(contract, address=(util.get_indexed_address(0)))
issues = fire_lasers(sym)
for issue in issues:
issue.add_code_info(contract)
report = Report()
for issue in issues:
report.append_issue(issue)
text = (TEST_FILES / (input_file.name + ".text")).read_text()
json = (TEST_FILES / (input_file.name + ".json")).read_text()
markdown = (TEST_FILES / (input_file.name + ".markdown")).read_text()
self.assertEqual(_fix_path(report.as_text()), text)
self.assertEqual(_fix_path(report.as_json()), json)
self.assertEqual(_fix_path(report.as_markdown()), markdown)
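Review bot: In `test_reports`, `input_file.is_file` is referenced without being called, so it is a bound method that is always truthy and only the `.suffix == '.sol'` half of the filter has any effect; it should read `if input_file.is_file() and input_file.suffix == '.sol':`. Every contract is compared inside one test method, so the first mismatch hides the rest and the failure does not name the contract; wrapping the loop body in `with self.subTest(contract=input_file.name):` would address both. The local name `json` shadows the standard-library module name and would read better as `expected_json`.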

@ -4,7 +4,7 @@ from pathlib import Path
from mythril.disassembler.disassembly import Disassembly from mythril.disassembler.disassembly import Disassembly
from mythril.ether import util from mythril.ether import util
TEST_FILES = Path.cwd() / "testdata" TEST_FILES = Path(__file__).parent / "testdata"
def _compile_to_code(input_file): def _compile_to_code(input_file):
compiled = util.get_solc_json(str(input_file)) compiled = util.get_solc_json(str(input_file))

@ -3,7 +3,7 @@ from pathlib import Path
from mythril.ether.soliditycontract import SolidityContract from mythril.ether.soliditycontract import SolidityContract
TEST_FILES = Path.cwd() / "testdata" TEST_FILES = Path(__file__).parent / "testdata"
class SolidityContractTest(TestCase): class SolidityContractTest(TestCase):

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Message call to external contract", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x5a6814ec", "type": "Informational", "address": 661, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 16, "code": "fixed_address.call()"}, {"title": "Message call to external contract", "description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function '_function_0x2776b163'. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xd24b08cc", "type": "Warning", "address": 779, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 29, "code": "stored_address.call()"}, {"title": "Message call to external contract", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe11f493e", "type": "Informational", "address": 858, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 20, "code": "fixed_address.call()"}, {"title": "State change after external call", "description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. 
This can lead to business logic vulnerabilities.", "function": "_function_0xe11f493e", "type": "Warning", "address": 869, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 21, "code": "statevar = 0"}, {"title": "Message call to external contract", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xe1d10f79", "type": "Warning", "address": 912, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 25, "code": "addr.call()"}, {"title": "Unchecked CALL return value", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x5a6814ec", "type": "Informational", "address": 661, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 16, "code": "fixed_address.call()"}, {"title": "Unchecked CALL return value", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xd24b08cc", "type": "Informational", "address": 779, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 29, "code": "stored_address.call()"}, {"title": "Unchecked CALL return value", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe11f493e", "type": "Informational", "address": 858, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 20, "code": "fixed_address.call()"}, {"title": "Unchecked CALL return value", "description": "The return value of an external call is not checked. 
Note that execution continue even if the called contract throws.", "function": "_function_0xe1d10f79", "type": "Informational", "address": 912, "debug": "", "filename": "<TEST_FILES>/calls.sol", "lineno": 25, "code": "addr.call()"}]}

@ -0,0 +1,127 @@
# Analysis Results
## Message call to external contract
- Type: Informational
- Contract: Caller
- Function name: `_function_0x5a6814ec`
- PC address: 661
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TEST_FILES>/calls.sol:16*
```
fixed_address.call()
```
## Message call to external contract
- Type: Warning
- Contract: Caller
- Function name: `_function_0xd24b08cc`
- PC address: 779
### Description
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function '_function_0x2776b163'. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TEST_FILES>/calls.sol:29*
```
stored_address.call()
```
## Message call to external contract
- Type: Informational
- Contract: Caller
- Function name: `_function_0xe11f493e`
- PC address: 858
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TEST_FILES>/calls.sol:20*
```
fixed_address.call()
```
## State change after external call
- Type: Warning
- Contract: Caller
- Function name: `_function_0xe11f493e`
- PC address: 869
### Description
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
In *<TEST_FILES>/calls.sol:21*
```
statevar = 0
```
## Message call to external contract
- Type: Warning
- Contract: Caller
- Function name: `_function_0xe1d10f79`
- PC address: 912
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TEST_FILES>/calls.sol:25*
```
addr.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0x5a6814ec`
- PC address: 661
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/calls.sol:16*
```
fixed_address.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0xd24b08cc`
- PC address: 779
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/calls.sol:29*
```
stored_address.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0xe11f493e`
- PC address: 858
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/calls.sol:20*
```
fixed_address.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0xe1d10f79`
- PC address: 912
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/calls.sol:25*
```
addr.call()
```

@ -0,0 +1,117 @@
==== Message call to external contract ====
Type: Informational
Contract: Caller
Function name: _function_0x5a6814ec
PC address: 661
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
In file: <TEST_FILES>/calls.sol:16
fixed_address.call()
--------------------
==== Message call to external contract ====
Type: Warning
Contract: Caller
Function name: _function_0xd24b08cc
PC address: 779
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function '_function_0x2776b163'. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
--------------------
In file: <TEST_FILES>/calls.sol:29
stored_address.call()
--------------------
==== Message call to external contract ====
Type: Informational
Contract: Caller
Function name: _function_0xe11f493e
PC address: 858
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
In file: <TEST_FILES>/calls.sol:20
fixed_address.call()
--------------------
==== State change after external call ====
Type: Warning
Contract: Caller
Function name: _function_0xe11f493e
PC address: 869
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
--------------------
In file: <TEST_FILES>/calls.sol:21
statevar = 0
--------------------
==== Message call to external contract ====
Type: Warning
Contract: Caller
Function name: _function_0xe1d10f79
PC address: 912
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
--------------------
In file: <TEST_FILES>/calls.sol:25
addr.call()
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Caller
Function name: _function_0x5a6814ec
PC address: 661
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/calls.sol:16
fixed_address.call()
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Caller
Function name: _function_0xd24b08cc
PC address: 779
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/calls.sol:29
stored_address.call()
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Caller
Function name: _function_0xe11f493e
PC address: 858
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/calls.sol:20
fixed_address.call()
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Caller
Function name: _function_0xe1d10f79
PC address: 912
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/calls.sol:25
addr.call()
--------------------

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Ether send", "description": "In the function 'withdrawfunds()' a non-zero amount of Ether is sent to msg.sender.\n\nThere is a check on storage index 7. This storage slot can be written to by calling the function 'crowdfunding()'.", "function": "withdrawfunds()", "type": "Warning", "address": 816, "debug": "SOLVER OUTPUT:\nstorage_1: 0x0\ncaller: 0x0\ncalldata_Crowdfunding_0: 0x6c343ffe00000000000000000000000000000000000000000000000000000000\ncalldatasize_Crowdfunding: 0x4\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/ether_send.sol", "lineno": 18, "code": "msg.sender.transfer(this.balance)"}]}

@ -0,0 +1,17 @@
# Analysis Results
## Ether send
- Type: Warning
- Contract: Crowdfunding
- Function name: `withdrawfunds()`
- PC address: 816
### Description
In the function 'withdrawfunds()' a non-zero amount of Ether is sent to msg.sender.
There is a check on storage index 7. This storage slot can be written to by calling the function 'crowdfunding()'.
In *<TEST_FILES>/ether_send.sol:18*
```
msg.sender.transfer(this.balance)
```

@ -0,0 +1,15 @@
==== Ether send ====
Type: Warning
Contract: Crowdfunding
Function name: withdrawfunds()
PC address: 816
In the function 'withdrawfunds()' a non-zero amount of Ether is sent to msg.sender.
There is a check on storage index 7. This storage slot can be written to by calling the function 'crowdfunding()'.
--------------------
In file: <TEST_FILES>/ether_send.sol:18
msg.sender.transfer(this.balance)
--------------------

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Exception state", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ", "function": "_function_0x546455b5", "type": "Informational", "address": 446, "debug": "The exception is triggered under the following conditions:\n\ncalldata_Exceptions_0: 0x546455b500000000000000000000000000000000000000000000000000000000\ncalldatasize_Exceptions: 0x4\ncalldata_Exceptions_4: 0x17\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/exceptions.sol", "lineno": 16, "code": "assert(input != 23)"}, {"title": "Exception state", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ", "function": "_function_0x92dd38ea", "type": "Informational", "address": 484, "debug": "The exception is triggered under the following conditions:\n\ncalldata_Exceptions_4: 0x8\ncalldata_Exceptions_0: 0x92dd38ea00000000000000000000000000000000000000000000000000000000\ncalldatasize_Exceptions: 0x4\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/exceptions.sol", "lineno": 34, "code": "myarray[index]"}, {"title": "Exception state", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. 
", "function": "_function_0xa08299f1", "type": "Informational", "address": 506, "debug": "The exception is triggered under the following conditions:\n\ncalldata_Exceptions_0: 0xa08299f100000000000000000000000000000000000000000000000000000000\ncalldatasize_Exceptions: 0x4\ncalldata_Exceptions_4: 0x0\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/exceptions.sol", "lineno": 24, "code": "1/input"}, {"title": "Exception state", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ", "function": "_function_0xb34c3610", "type": "Informational", "address": 531, "debug": "The exception is triggered under the following conditions:\n\ncalldata_Exceptions_0: 0xb34c361000000000000000000000000000000000000000000000000000000000\ncalldatasize_Exceptions: 0x4\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/exceptions.sol", "lineno": 7, "code": "assert(i == 0)"}]}

@ -0,0 +1,57 @@
# Analysis Results
## Exception state
- Type: Informational
- Contract: Exceptions
- Function name: `_function_0x546455b5`
- PC address: 446
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/exceptions.sol:16*
```
assert(input != 23)
```
## Exception state
- Type: Informational
- Contract: Exceptions
- Function name: `_function_0x92dd38ea`
- PC address: 484
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/exceptions.sol:34*
```
myarray[index]
```
## Exception state
- Type: Informational
- Contract: Exceptions
- Function name: `_function_0xa08299f1`
- PC address: 506
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/exceptions.sol:24*
```
1/input
```
## Exception state
- Type: Informational
- Contract: Exceptions
- Function name: `_function_0xb34c3610`
- PC address: 531
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/exceptions.sol:7*
```
assert(i == 0)
```

@ -0,0 +1,52 @@
==== Exception state ====
Type: Informational
Contract: Exceptions
Function name: _function_0x546455b5
PC address: 446
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/exceptions.sol:16
assert(input != 23)
--------------------
==== Exception state ====
Type: Informational
Contract: Exceptions
Function name: _function_0x92dd38ea
PC address: 484
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/exceptions.sol:34
myarray[index]
--------------------
==== Exception state ====
Type: Informational
Contract: Exceptions
Function name: _function_0xa08299f1
PC address: 506
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/exceptions.sol:24
1/input
--------------------
==== Exception state ====
Type: Informational
Contract: Exceptions
Function name: _function_0xb34c3610
PC address: 531
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/exceptions.sol:7
assert(i == 0)
--------------------

@ -0,0 +1 @@
{"success": true, "error": null, "issues": []}

@ -0,0 +1 @@
# Analysis Results

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Ether send", "description": "In the function 'transfer()' a non-zero amount of Ether is sent to msg.sender.\nIt seems that this function can be called without restrictions.", "function": "transfer()", "type": "Warning", "address": 142, "debug": "SOLVER OUTPUT:\ncalldata_Transfer2_0: 0x8a4068dd00000000000000000000000000000000000000000000000000000000\ncalldatasize_Transfer2: 0x4\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/multi_contracts.sol", "lineno": 14, "code": "msg.sender.transfer(2 ether)"}]}

@ -0,0 +1,16 @@
# Analysis Results
## Ether send
- Type: Warning
- Contract: Transfer2
- Function name: `transfer()`
- PC address: 142
### Description
In the function 'transfer()' a non-zero amount of Ether is sent to msg.sender.
It seems that this function can be called without restrictions.
In *<TEST_FILES>/multi_contracts.sol:14*
```
msg.sender.transfer(2 ether)
```

@ -0,0 +1,14 @@
==== Ether send ====
Type: Warning
Contract: Transfer2
Function name: transfer()
PC address: 142
In the function 'transfer()' a non-zero amount of Ether is sent to msg.sender.
It seems that this function can be called without restrictions.
--------------------
In file: <TEST_FILES>/multi_contracts.sol:14
msg.sender.transfer(2 ether)
--------------------

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Use of tx.origin", "description": "Function transferOwnership(address) retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use tx.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin", "function": "transferOwnership(address)", "type": "Warning", "address": 317, "debug": "", "filename": "<TEST_FILES>/origin.sol", "lineno": 18, "code": "tx.origin"}]}
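Review bot: The expected description in this fixture tells the user to "Use tx.sender instead", but Solidity has no `tx.sender`; the immediate caller is `msg.sender`. Together with origin.sol.markdown and origin.sol.text below, this file pins that wording as the correct analyzer output. The message should be corrected where it is produced (that module is not part of this diff) and the three origin.sol fixtures regenerated with `Use msg.sender instead`.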

@ -0,0 +1,16 @@
# Analysis Results
## Use of tx.origin
- Type: Warning
- Contract: Origin
- Function name: `transferOwnership(address)`
- PC address: 317
### Description
Function transferOwnership(address) retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use tx.sender instead.
See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin
In *<TEST_FILES>/origin.sol:18*
```
tx.origin
```

@ -0,0 +1,14 @@
==== Use of tx.origin ====
Type: Warning
Contract: Origin
Function name: transferOwnership(address)
PC address: 317
Function transferOwnership(address) retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use tx.sender instead.
See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin
--------------------
In file: <TEST_FILES>/origin.sol:18
tx.origin
--------------------

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Message call to external contract", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x633ab5e0", "type": "Informational", "address": 196, "debug": "", "filename": "<TEST_FILES>/returnvalue.sol", "lineno": 10, "code": "callee.call()"}, {"title": "Message call to external contract", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe3bea282", "type": "Informational", "address": 285, "debug": "", "filename": "<TEST_FILES>/returnvalue.sol", "lineno": 6, "code": "callee.call()"}, {"title": "Unchecked CALL return value", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe3bea282", "type": "Informational", "address": 285, "debug": "", "filename": "<TEST_FILES>/returnvalue.sol", "lineno": 6, "code": "callee.call()"}]}

@ -0,0 +1,43 @@
# Analysis Results
## Message call to external contract
- Type: Informational
- Contract: ReturnValue
- Function name: `_function_0x633ab5e0`
- PC address: 196
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TEST_FILES>/returnvalue.sol:10*
```
callee.call()
```
## Message call to external contract
- Type: Informational
- Contract: ReturnValue
- Function name: `_function_0xe3bea282`
- PC address: 285
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TEST_FILES>/returnvalue.sol:6*
```
callee.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: ReturnValue
- Function name: `_function_0xe3bea282`
- PC address: 285
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/returnvalue.sol:6*
```
callee.call()
```

@ -0,0 +1,39 @@
==== Message call to external contract ====
Type: Informational
Contract: ReturnValue
Function name: _function_0x633ab5e0
PC address: 196
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
In file: <TEST_FILES>/returnvalue.sol:10
callee.call()
--------------------
==== Message call to external contract ====
Type: Informational
Contract: ReturnValue
Function name: _function_0xe3bea282
PC address: 285
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
In file: <TEST_FILES>/returnvalue.sol:6
callee.call()
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: ReturnValue
Function name: _function_0xe3bea282
PC address: 285
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/returnvalue.sol:6
callee.call()
--------------------

File diff suppressed because one or more lines are too long

@ -0,0 +1,120 @@
# Analysis Results
## Ether send
- Type: Warning
- Contract: Rubixi
- Function name: `collectPercentOfFees(uint256)`
- PC address: 1599
### Description
In the function 'collectPercentOfFees(uint256)' a non-zero amount of Ether is sent to an address taken from storage slot 5There is a check on storage index 5. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 6. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 7. This storage slot can be written to by calling the function 'fallback'.
In *<TEST_FILES>/rubixi.sol:93*
```
creator.send(feesToCollect)
```
## Ether send
- Type: Warning
- Contract: Rubixi
- Function name: `collectAllFees()`
- PC address: 1940
### Description
In the function 'collectAllFees()' a non-zero amount of Ether is sent to an address taken from storage slot 5There is a check on storage index 5. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 9. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 10. This storage slot can be written to by calling the function 'fallback'.
In *<TEST_FILES>/rubixi.sol:75*
```
creator.send(collectedFees)
```
## Exception state
- Type: Informational
- Contract: Rubixi
- Function name: `nextPayoutWhenPyramidBalanceTotalsApproximately()`
- PC address: 1653
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/rubixi.sol:131*
```
participants[payoutOrder]
```
## Exception state
- Type: Informational
- Contract: Rubixi
- Function name: `participantDetails(uint256)`
- PC address: 2085
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/rubixi.sol:148*
```
participants[orderInPyramid]
```
## Integer Underflow
- Type: Warning
- Contract: Rubixi
- Function name: `numberOfParticipantsWaitingForPayout()`
- PC address: 2743
### Description
A possible integer underflow exists in the function numberOfParticipantsWaitingForPayout().
The substraction may result in a value < 0.
In *<TEST_FILES>/rubixi.sol:143*
```
participants.length - payoutOrder
```
## Unchecked CALL return value
- Type: Informational
- Contract: Rubixi
- Function name: `collectPercentOfFees(uint256)`
- PC address: 1599
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/rubixi.sol:93*
```
creator.send(feesToCollect)
```
## Unchecked CALL return value
- Type: Informational
- Contract: Rubixi
- Function name: `collectFeesInEther(uint256)`
- PC address: 1940
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/rubixi.sol:75*
```
creator.send(collectedFees)
```
## Unchecked CALL return value
- Type: Informational
- Contract: Rubixi
- Function name: `collectFeesInEther(uint256)`
- PC address: 2582
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TEST_FILES>/rubixi.sol:85*
```
creator.send(_amt)
```
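Review bot: The expected output attributes one call site to two different functions: the `Ether send` entry at PC address 1940 (`rubixi.sol:75`, `creator.send(collectedFees)`) names `collectAllFees()`, while the `Unchecked CALL return value` entry for the same PC address and source line names `collectFeesInEther(uint256)`. At most one of these can be right, so the fixture presumably records a function-name resolution bug in one of the analysis modules instead of catching it. I would check rubixi.sol to see which function contains line 75 and fix the module before committing this as the expected result; the text fixture for the same contract carries the same pair. Until then, a comment in the test such as `# NOTE: PC 1940 is reported under two function names; fixture pins current behaviour` would stop a reader from treating the fixture as ground truth.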

@ -0,0 +1,111 @@
==== Ether send ====
Type: Warning
Contract: Rubixi
Function name: collectPercentOfFees(uint256)
PC address: 1599
In the function 'collectPercentOfFees(uint256)' a non-zero amount of Ether is sent to an address taken from storage slot 5There is a check on storage index 5. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 6. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 7. This storage slot can be written to by calling the function 'fallback'.
--------------------
In file: <TEST_FILES>/rubixi.sol:93
creator.send(feesToCollect)
--------------------
==== Ether send ====
Type: Warning
Contract: Rubixi
Function name: collectAllFees()
PC address: 1940
In the function 'collectAllFees()' a non-zero amount of Ether is sent to an address taken from storage slot 5There is a check on storage index 5. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 9. This storage slot can be written to by calling the function 'DynamicPyramid()'.
There is a check on storage index 10. This storage slot can be written to by calling the function 'fallback'.
--------------------
In file: <TEST_FILES>/rubixi.sol:75
creator.send(collectedFees)
--------------------
==== Exception state ====
Type: Informational
Contract: Rubixi
Function name: nextPayoutWhenPyramidBalanceTotalsApproximately()
PC address: 1653
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/rubixi.sol:131
participants[payoutOrder]
--------------------
==== Exception state ====
Type: Informational
Contract: Rubixi
Function name: participantDetails(uint256)
PC address: 2085
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/rubixi.sol:148
participants[orderInPyramid]
--------------------
==== Integer Underflow ====
Type: Warning
Contract: Rubixi
Function name: numberOfParticipantsWaitingForPayout()
PC address: 2743
A possible integer underflow exists in the function numberOfParticipantsWaitingForPayout().
The substraction may result in a value < 0.
--------------------
In file: <TEST_FILES>/rubixi.sol:143
participants.length - payoutOrder
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Rubixi
Function name: collectPercentOfFees(uint256)
PC address: 1599
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/rubixi.sol:93
creator.send(feesToCollect)
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Rubixi
Function name: collectFeesInEther(uint256)
PC address: 1940
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/rubixi.sol:75
creator.send(collectedFees)
--------------------
==== Unchecked CALL return value ====
Type: Informational
Contract: Rubixi
Function name: collectFeesInEther(uint256)
PC address: 2582
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
In file: <TEST_FILES>/rubixi.sol:85
creator.send(_amt)
--------------------
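Review bot: The `Ether send` descriptions in this fixture run two sentences together with no separator, as in `taken from storage slot 5There is a check on storage index 5.`, so the test asserts the malformed text as correct. The string is presumably built in the Ether-send analysis module, which is not shown on this page. The fix belongs there: end the first sentence with `. ` or a newline before the `There is a check …` lines are appended, then regenerate the fixtures. The same run-on appears in the markdown fixture for Rubixi and in the WeakRandom fixtures (`storage slot 0There is a check`).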

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Unchecked SUICIDE", "description": "The function _function_0xcbf0b0c0 executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.\n\nIt seems that this function can be called without restrictions.", "function": "_function_0xcbf0b0c0", "type": "Warning", "address": 146, "debug": "SOLVER OUTPUT:\ncalldata_Suicide_0: 0xcbf0b0c000000000000000000000000000000000000000000000000000000000\ncalldatasize_Suicide: 0x4\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/suicide.sol", "lineno": 4, "code": "selfdestruct(addr)"}]}
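Review bot: The `debug` field of the expected JSON stores the solver's concrete model (`calldata_Suicide_0`, `calldatasize_Suicide`, `callvalue`), so the fixture depends on which satisfying assignment the solver happens to return. If the test compares the report output to this file verbatim (the comparison code is not on this part of the page), a solver upgrade can change witnesses such as the `callvalue` values in the WeakRandom JSON fixture and fail the test with no change in findings. I would compare the stable fields (`title`, `function`, `type`, `address`, `filename`, `lineno`, `code`) and either drop `debug` before comparing or replace it with a placeholder, the way paths are already normalised to `<TEST_FILES>`. The underflow and WeakRandom JSON fixtures are affected in the same way.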

@ -0,0 +1,17 @@
# Analysis Results
## Unchecked SUICIDE
- Type: Warning
- Contract: Suicide
- Function name: `_function_0xcbf0b0c0`
- PC address: 146
### Description
The function _function_0xcbf0b0c0 executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.
It seems that this function can be called without restrictions.
In *<TEST_FILES>/suicide.sol:4*
```
selfdestruct(addr)
```

@ -0,0 +1,15 @@
==== Unchecked SUICIDE ====
Type: Warning
Contract: Suicide
Function name: _function_0xcbf0b0c0
PC address: 146
The function _function_0xcbf0b0c0 executes the SUICIDE instruction. The remaining Ether is sent to an address provided as a function argument.
It seems that this function can be called without restrictions.
--------------------
In file: <TEST_FILES>/suicide.sol:4
selfdestruct(addr)
--------------------

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Integer Underflow", "description": "A possible integer underflow exists in the function sendeth(address,uint256).\nThe substraction may result in a value < 0.", "function": "sendeth(address,uint256)", "type": "Warning", "address": 649, "debug": "storage_keccac_1461501637330902918203684832716283019655932542975_&\n1461501637330902918203684832716283019655932542975_&\ncaller: 0x0\ncalldata_Under_32 + 4: 0x1\ncalldata_Under_0: 0xa3210e8700000000000000000000000000000000000000000000000000000000\ncalldatasize_Under: 0x4\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/underflow.sol", "lineno": 12, "code": "balances[msg.sender] -= _value"}, {"title": "Integer Underflow", "description": "A possible integer underflow exists in the function sendeth(address,uint256).\nThe substraction may result in a value < 0.", "function": "sendeth(address,uint256)", "type": "Warning", "address": 567, "debug": "storage_keccac_1461501637330902918203684832716283019655932542975_&\n1461501637330902918203684832716283019655932542975_&\ncaller: 0x0\ncalldata_Under_32 + 4: 0x1\ncalldata_Under_0: 0xa3210e8700000000000000000000000000000000000000000000000000000000\ncalldatasize_Under: 0x4\ncallvalue: 0x0\n", "filename": "<TEST_FILES>/underflow.sol", "lineno": 11, "code": "balances[msg.sender] - _value"}]}

@ -0,0 +1,31 @@
# Analysis Results
## Integer Underflow
- Type: Warning
- Contract: Under
- Function name: `sendeth(address,uint256)`
- PC address: 649
### Description
A possible integer underflow exists in the function sendeth(address,uint256).
The substraction may result in a value < 0.
In *<TEST_FILES>/underflow.sol:12*
```
balances[msg.sender] -= _value
```
## Integer Underflow
- Type: Warning
- Contract: Under
- Function name: `sendeth(address,uint256)`
- PC address: 567
### Description
A possible integer underflow exists in the function sendeth(address,uint256).
The substraction may result in a value < 0.
In *<TEST_FILES>/underflow.sol:11*
```
balances[msg.sender] - _value
```

@ -0,0 +1,28 @@
==== Integer Underflow ====
Type: Warning
Contract: Under
Function name: sendeth(address,uint256)
PC address: 649
A possible integer underflow exists in the function sendeth(address,uint256).
The substraction may result in a value < 0.
--------------------
In file: <TEST_FILES>/underflow.sol:12
balances[msg.sender] -= _value
--------------------
==== Integer Underflow ====
Type: Warning
Contract: Under
Function name: sendeth(address,uint256)
PC address: 567
A possible integer underflow exists in the function sendeth(address,uint256).
The substraction may result in a value < 0.
--------------------
In file: <TEST_FILES>/underflow.sol:11
balances[msg.sender] - _value
--------------------

@ -0,0 +1 @@
{"success": true, "error": null, "issues": [{"title": "Dependence on predictable environment variable", "description": "In the function '_function_0xe9874106' the following predictable state variables are used to determine Ether recipient:\n- block.coinbase\n", "function": "_function_0xe9874106", "type": "Warning", "address": 1285, "debug": "", "filename": "<TEST_FILES>/weak_random.sol", "lineno": 47, "code": "winningAddress.transfer(prize)"}, {"title": "Ether send", "description": "In the function '_function_0xe9874106' a non-zero amount of Ether is sent to an address taken from storage slot 0There is a check on storage index 0. This storage slot can be written to by calling the function 'fallback'.\n\nThere is a check on storage index 10. This storage slot can be written to by calling the function 'fallback'.\nThere is a check on storage index 11. This storage slot can be written to by calling the function 'fallback'.", "function": "_function_0xe9874106", "type": "Warning", "address": 1285, "debug": "SOLVER OUTPUT:\ncallvalue: 0xb1a2bc2ec50000\ncalldata_WeakRandom_0: 0x6d3b4c700000000000000000000000000000000000000000000000000000000\ncalldatasize_WeakRandom: 0x4\nstorage_1: 0x32\n", "filename": "<TEST_FILES>/weak_random.sol", "lineno": 47, "code": "winningAddress.transfer(prize)"}, {"title": "Exception state", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. 
", "function": "fallback", "type": "Informational", "address": 356, "debug": "The exception is triggered under the following conditions:\n\ncallvalue: 0x215c4a82f200000\nstorage_1: 0x31\ncalldatasize_WeakRandom: 0x3\n", "filename": "<TEST_FILES>/weak_random.sol", "lineno": 11, "code": "prize / totalTickets"}, {"title": "Exception state", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ", "function": "_function_0xe9874106", "type": "Informational", "address": 146, "debug": "The exception is triggered under the following conditions:\n\ncallvalue: 0x2000000000000000000000000000000000000000000000068805cbe800000\nstorage_1: 0x31\ncalldata_WeakRandom_0: 0x600000000000000000000000000000000000000000000000000000000\ncalldatasize_WeakRandom: 0x4\n", "filename": "<TEST_FILES>/weak_random.sol", "lineno": 11, "code": "prize / totalTickets"}]}

@ -0,0 +1,62 @@
# Analysis Results
## Dependence on predictable environment variable
- Type: Warning
- Contract: WeakRandom
- Function name: `_function_0xe9874106`
- PC address: 1285
### Description
In the function '_function_0xe9874106' the following predictable state variables are used to determine Ether recipient:
- block.coinbase
In *<TEST_FILES>/weak_random.sol:47*
```
winningAddress.transfer(prize)
```
## Ether send
- Type: Warning
- Contract: WeakRandom
- Function name: `_function_0xe9874106`
- PC address: 1285
### Description
In the function '_function_0xe9874106' a non-zero amount of Ether is sent to an address taken from storage slot 0There is a check on storage index 0. This storage slot can be written to by calling the function 'fallback'.
There is a check on storage index 10. This storage slot can be written to by calling the function 'fallback'.
There is a check on storage index 11. This storage slot can be written to by calling the function 'fallback'.
In *<TEST_FILES>/weak_random.sol:47*
```
winningAddress.transfer(prize)
```
## Exception state
- Type: Informational
- Contract: WeakRandom
- Function name: `fallback`
- PC address: 356
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/weak_random.sol:11*
```
prize / totalTickets
```
## Exception state
- Type: Informational
- Contract: WeakRandom
- Function name: `_function_0xe9874106`
- PC address: 146
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TEST_FILES>/weak_random.sol:11*
```
prize / totalTickets
```

@ -0,0 +1,57 @@
==== Dependence on predictable environment variable ====
Type: Warning
Contract: WeakRandom
Function name: _function_0xe9874106
PC address: 1285
In the function '_function_0xe9874106' the following predictable state variables are used to determine Ether recipient:
- block.coinbase
--------------------
In file: <TEST_FILES>/weak_random.sol:47
winningAddress.transfer(prize)
--------------------
==== Ether send ====
Type: Warning
Contract: WeakRandom
Function name: _function_0xe9874106
PC address: 1285
In the function '_function_0xe9874106' a non-zero amount of Ether is sent to an address taken from storage slot 0There is a check on storage index 0. This storage slot can be written to by calling the function 'fallback'.
There is a check on storage index 10. This storage slot can be written to by calling the function 'fallback'.
There is a check on storage index 11. This storage slot can be written to by calling the function 'fallback'.
--------------------
In file: <TEST_FILES>/weak_random.sol:47
winningAddress.transfer(prize)
--------------------
==== Exception state ====
Type: Informational
Contract: WeakRandom
Function name: fallback
PC address: 356
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/weak_random.sol:11
prize / totalTickets
--------------------
==== Exception state ====
Type: Informational
Contract: WeakRandom
Function name: _function_0xe9874106
PC address: 146
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
--------------------
In file: <TEST_FILES>/weak_random.sol:11
prize / totalTickets
--------------------