Merge pull request #629 from ConsenSys/enhancement/628

Change the issue description
pull/638/head
Bernhard Mueller 6 years ago committed by GitHub
commit 22954508f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 8
      mythril/analysis/modules/ether_send.py
  2. 3
      mythril/analysis/modules/exceptions.py
  3. 12
      mythril/analysis/modules/integer.py
  4. 2
      mythril/analysis/modules/multiple_sends.py
  5. 5
      mythril/analysis/modules/suicide.py
  6. 6
      mythril/analysis/modules/transaction_order_dependence.py
  7. 3
      tests/cmd_line_test.py
  8. 10
      tests/testdata/outputs_expected/calls.sol.o.graph.html
  9. 2
      tests/testdata/outputs_expected/calls.sol.o.json
  10. 2
      tests/testdata/outputs_expected/calls.sol.o.markdown
  11. 2
      tests/testdata/outputs_expected/calls.sol.o.text
  12. 10
      tests/testdata/outputs_expected/environments.sol.o.graph.html
  13. 2
      tests/testdata/outputs_expected/environments.sol.o.json
  14. 9
      tests/testdata/outputs_expected/environments.sol.o.markdown
  15. 12
      tests/testdata/outputs_expected/environments.sol.o.text
  16. 10
      tests/testdata/outputs_expected/ether_send.sol.o.graph.html
  17. 2
      tests/testdata/outputs_expected/ether_send.sol.o.json
  18. 5
      tests/testdata/outputs_expected/ether_send.sol.o.markdown
  19. 6
      tests/testdata/outputs_expected/ether_send.sol.o.text
  20. 10
      tests/testdata/outputs_expected/exceptions.sol.o.graph.html
  21. 2
      tests/testdata/outputs_expected/exceptions.sol.o.json
  22. 8
      tests/testdata/outputs_expected/exceptions.sol.o.markdown
  23. 8
      tests/testdata/outputs_expected/exceptions.sol.o.text
  24. 10
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.graph.html
  25. 10
      tests/testdata/outputs_expected/metacoin.sol.o.graph.html
  26. 10
      tests/testdata/outputs_expected/multi_contracts.sol.o.graph.html
  27. 2
      tests/testdata/outputs_expected/multi_contracts.sol.o.json
  28. 2
      tests/testdata/outputs_expected/multi_contracts.sol.o.markdown
  29. 2
      tests/testdata/outputs_expected/multi_contracts.sol.o.text
  30. 10
      tests/testdata/outputs_expected/nonascii.sol.o.graph.html
  31. 10
      tests/testdata/outputs_expected/origin.sol.o.graph.html
  32. 2
      tests/testdata/outputs_expected/origin.sol.o.json
  33. 400
      tests/testdata/outputs_expected/outputs_current/calls.sol.o.easm
  34. 62
      tests/testdata/outputs_expected/outputs_current/calls.sol.o.graph.html
  35. 1
      tests/testdata/outputs_expected/outputs_current/calls.sol.o.json
  36. 111
      tests/testdata/outputs_expected/outputs_current/calls.sol.o.markdown
  37. 90
      tests/testdata/outputs_expected/outputs_current/calls.sol.o.text
  38. 259
      tests/testdata/outputs_expected/outputs_current/environments.sol.o.easm
  39. 62
      tests/testdata/outputs_expected/outputs_current/environments.sol.o.graph.html
  40. 1
      tests/testdata/outputs_expected/outputs_current/environments.sol.o.json
  41. 34
      tests/testdata/outputs_expected/outputs_current/environments.sol.o.markdown
  42. 30
      tests/testdata/outputs_expected/outputs_current/environments.sol.o.text
  43. 420
      tests/testdata/outputs_expected/outputs_current/ether_send.sol.o.easm
  44. 62
      tests/testdata/outputs_expected/outputs_current/ether_send.sol.o.graph.html
  45. 1
      tests/testdata/outputs_expected/outputs_current/ether_send.sol.o.json
  46. 25
      tests/testdata/outputs_expected/outputs_current/ether_send.sol.o.markdown
  47. 21
      tests/testdata/outputs_expected/outputs_current/ether_send.sol.o.text
  48. 392
      tests/testdata/outputs_expected/outputs_current/exceptions.sol.o.easm
  49. 62
      tests/testdata/outputs_expected/outputs_current/exceptions.sol.o.graph.html
  50. 1
      tests/testdata/outputs_expected/outputs_current/exceptions.sol.o.json
  51. 45
      tests/testdata/outputs_expected/outputs_current/exceptions.sol.o.markdown
  52. 36
      tests/testdata/outputs_expected/outputs_current/exceptions.sol.o.text
  53. 435
      tests/testdata/outputs_expected/outputs_current/kinds_of_calls.sol.o.easm
  54. 62
      tests/testdata/outputs_expected/outputs_current/kinds_of_calls.sol.o.graph.html
  55. 1
      tests/testdata/outputs_expected/outputs_current/kinds_of_calls.sol.o.json
  56. 45
      tests/testdata/outputs_expected/outputs_current/kinds_of_calls.sol.o.markdown
  57. 36
      tests/testdata/outputs_expected/outputs_current/kinds_of_calls.sol.o.text
  58. 253
      tests/testdata/outputs_expected/outputs_current/metacoin.sol.o.easm
  59. 62
      tests/testdata/outputs_expected/outputs_current/metacoin.sol.o.graph.html
  60. 1
      tests/testdata/outputs_expected/outputs_current/metacoin.sol.o.json
  61. 3
      tests/testdata/outputs_expected/outputs_current/metacoin.sol.o.markdown
  62. 1
      tests/testdata/outputs_expected/outputs_current/metacoin.sol.o.text
  63. 77
      tests/testdata/outputs_expected/outputs_current/multi_contracts.sol.o.easm
  64. 62
      tests/testdata/outputs_expected/outputs_current/multi_contracts.sol.o.graph.html
  65. 1
      tests/testdata/outputs_expected/outputs_current/multi_contracts.sol.o.json
  66. 13
      tests/testdata/outputs_expected/outputs_current/multi_contracts.sol.o.markdown
  67. 10
      tests/testdata/outputs_expected/outputs_current/multi_contracts.sol.o.text
  68. 167
      tests/testdata/outputs_expected/outputs_current/nonascii.sol.o.easm
  69. 62
      tests/testdata/outputs_expected/outputs_current/nonascii.sol.o.graph.html
  70. 1
      tests/testdata/outputs_expected/outputs_current/nonascii.sol.o.json
  71. 3
      tests/testdata/outputs_expected/outputs_current/nonascii.sol.o.markdown
  72. 1
      tests/testdata/outputs_expected/outputs_current/nonascii.sol.o.text
  73. 168
      tests/testdata/outputs_expected/outputs_current/origin.sol.o.easm
  74. 62
      tests/testdata/outputs_expected/outputs_current/origin.sol.o.graph.html
  75. 1
      tests/testdata/outputs_expected/outputs_current/origin.sol.o.json
  76. 13
      tests/testdata/outputs_expected/outputs_current/origin.sol.o.markdown
  77. 10
      tests/testdata/outputs_expected/outputs_current/origin.sol.o.text
  78. 388
      tests/testdata/outputs_expected/outputs_current/overflow.sol.o.easm
  79. 62
      tests/testdata/outputs_expected/outputs_current/overflow.sol.o.graph.html
  80. 1
      tests/testdata/outputs_expected/outputs_current/overflow.sol.o.json
  81. 34
      tests/testdata/outputs_expected/outputs_current/overflow.sol.o.markdown
  82. 30
      tests/testdata/outputs_expected/outputs_current/overflow.sol.o.text
  83. 129
      tests/testdata/outputs_expected/outputs_current/returnvalue.sol.o.easm
  84. 62
      tests/testdata/outputs_expected/outputs_current/returnvalue.sol.o.graph.html
  85. 1
      tests/testdata/outputs_expected/outputs_current/returnvalue.sol.o.json
  86. 34
      tests/testdata/outputs_expected/outputs_current/returnvalue.sol.o.markdown
  87. 27
      tests/testdata/outputs_expected/outputs_current/returnvalue.sol.o.text
  88. 58
      tests/testdata/outputs_expected/outputs_current/suicide.sol.o.easm
  89. 62
      tests/testdata/outputs_expected/outputs_current/suicide.sol.o.graph.html
  90. 1
      tests/testdata/outputs_expected/outputs_current/suicide.sol.o.json
  91. 12
      tests/testdata/outputs_expected/outputs_current/suicide.sol.o.markdown
  92. 10
      tests/testdata/outputs_expected/outputs_current/suicide.sol.o.text
  93. 365
      tests/testdata/outputs_expected/outputs_current/underflow.sol.o.easm
  94. 62
      tests/testdata/outputs_expected/outputs_current/underflow.sol.o.graph.html
  95. 1
      tests/testdata/outputs_expected/outputs_current/underflow.sol.o.json
  96. 34
      tests/testdata/outputs_expected/outputs_current/underflow.sol.o.markdown
  97. 30
      tests/testdata/outputs_expected/outputs_current/underflow.sol.o.text
  98. 10
      tests/testdata/outputs_expected/overflow.sol.o.graph.html
  99. 2
      tests/testdata/outputs_expected/overflow.sol.o.json
  100. 9
      tests/testdata/outputs_expected/overflow.sol.o.markdown
  101. Some files were not shown because too many files have changed in this diff Show More

@ -39,14 +39,14 @@ def execute(statespace):
interesting = False
description = "In the function `" + call.node.function_name + "` "
description = "A non-zero amount of Ether is sent to a user-supplied address."
if re.search(r"caller", str(call.to)):
description += "a non-zero amount of Ether is sent to msg.sender.\n"
description += " The target address is msg.sender.\n"
interesting = True
elif re.search(r"calldata", str(call.to)):
description += "a non-zero amount of Ether is sent to an address taken from function arguments.\n"
description += " The target address is taken from function arguments.\n"
interesting = True
else:
@ -56,7 +56,7 @@ def execute(statespace):
idx = m.group(1)
description += (
"a non-zero amount of Ether is sent to an address taken from storage slot "
" The target address is taken from storage slot "
+ str(idx)
+ ".\n"
)

@ -36,8 +36,7 @@ def execute(statespace):
"out-of-bounds array access, or assert violations. "
)
description += (
"This is acceptable in most situations. "
"Note however that `assert()` should only be used to check invariants. "
"Note that explicit `assert()` should only be used to check invariants. "
"Use `require()` for regular input checking. "
)

@ -99,12 +99,7 @@ def _check_integer_overflow(statespace, state, node):
_type="Warning",
)
issue.description = (
"A possible integer overflow exists in the function `{}`.\n"
"The addition or multiplication may result in a value higher than the maximum representable integer.".format(
node.function_name
)
)
issue.description = "The arithmetic operation can result in integer overflow.\n"
issue.debug = solver.pretty_print_model(model)
issues.append(issue)
@ -213,10 +208,7 @@ def _check_integer_underflow(statespace, state, node):
)
issue.description = (
"A possible integer underflow exists in the function `"
+ node.function_name
+ "`.\n"
"The subtraction may result in a value < 0."
"The substraction can result in an integer underflow.\n"
)
issue.debug = solver.pretty_print_model(model)

@ -33,7 +33,7 @@ def execute(statespace):
)
issue.description = (
"Multiple sends exist in one transaction. Try to isolate each external call into its own transaction,"
"Multiple sends are executed in a single transaction. Try to isolate each external call into its own transaction,"
" as external calls can fail accidentally or deliberately.\nConsecutive calls: \n"
)

@ -39,9 +39,8 @@ def _analyze_state(state, node):
to = state.mstate.stack[-1]
logging.debug("[UNCHECKED_SUICIDE] suicide in function " + node.function_name)
description = (
"The function `" + node.function_name + "` executes the SUICIDE instruction. "
)
description = "A reachable SUICIDE instruction was detected. "
if "caller" in str(to):
description += "The remaining Ether is sent to the caller's address.\n"

@ -43,10 +43,8 @@ def execute(statespace):
)
issue.description = (
"A possible transaction order dependence vulnerability exists in function {}. The value or "
"direction of the call statement is determined from a tainted storage location".format(
node.function_name
)
"Possible transaction order dependence vulnerability: The value or "
"direction of the call statement is determined from a tainted storage location"
)
issues.append(issue)

@ -26,7 +26,8 @@ class TruffleTestCase(BaseTestCase):
def test_analysis_truffle_project(self):
truffle_project_root = str(TESTS_DIR / "truffle_project")
command = "cd {}; truffle compile; python3 {} --truffle".format(truffle_project_root, MYTH)
self.assertIn("In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.", output_of(command))
self.assertIn("A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender."
, output_of(command))
class InfuraTestCase(BaseTestCase):

File diff suppressed because one or more lines are too long

@ -1 +1 @@
{"error": null, "issues": [{"address": 661, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x5a6814ec", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 666, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x5a6814ec", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xd24b08cc", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible transaction order dependence vulnerability exists in function _function_0xd24b08cc. The value or direction of the call statement is determined from a tainted storage location", "function": "_function_0xd24b08cc", "swc_id": "114", "title": "Transaction order dependence", "type": "Warning"}, {"address": 784, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xd24b08cc", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 858, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 869, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "State change after external call", "type": "Warning"}, {"address": 871, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe11f493e", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 912, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xe1d10f79", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 918, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe1d10f79", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}
{"error": null, "issues": [{"address": 661, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x5a6814ec", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 666, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x5a6814ec", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xd24b08cc", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location", "function": "_function_0xd24b08cc", "swc_id": "114", "title": "Transaction order dependence", "type": "Warning"}, {"address": 784, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xd24b08cc", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 858, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 869, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "State change after external call", "type": "Warning"}, {"address": 871, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe11f493e", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 912, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xe1d10f79", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 918, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe1d10f79", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}

@ -42,7 +42,7 @@ This contract executes a message call to an address found at storage slot 1. Thi
### Description
A possible transaction order dependence vulnerability exists in function _function_0xd24b08cc. The value or direction of the call statement is determined from a tainted storage location
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location
## Unchecked CALL return value
- SWC ID: 104

@ -31,7 +31,7 @@ Type: Warning
Contract: Unknown
Function name: _function_0xd24b08cc
PC address: 779
A possible transaction order dependence vulnerability exists in function _function_0xd24b08cc. The value or direction of the call statement is determined from a tainted storage location
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location
--------------------
==== Unchecked CALL return value ====

File diff suppressed because one or more lines are too long

@ -1 +1 @@
{"error": null, "issues": [{"address": 158, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `_function_0x83f12fec`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}, {"address": 278, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `_function_0x83f12fec`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}, {"address": 378, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer underflow exists in the function `_function_0x83f12fec`.\nThe subtraction may result in a value < 0.", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}], "success": true}
{"error": null, "issues": [{"address": 158, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}, {"address": 278, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}, {"address": 378, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}], "success": true}

@ -9,8 +9,7 @@
### Description
A possible integer overflow exists in the function `_function_0x83f12fec`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The arithmetic operation can result in integer overflow.
## Integer Overflow
- SWC ID: 101
@ -21,8 +20,7 @@ The addition or multiplication may result in a value higher than the maximum rep
### Description
A possible integer overflow exists in the function `_function_0x83f12fec`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The arithmetic operation can result in integer overflow.
## Integer Underflow
- SWC ID: 101
@ -33,5 +31,4 @@ The addition or multiplication may result in a value higher than the maximum rep
### Description
A possible integer underflow exists in the function `_function_0x83f12fec`.
The subtraction may result in a value < 0.
The substraction can result in an integer underflow.

@ -4,8 +4,8 @@ Type: Warning
Contract: Unknown
Function name: _function_0x83f12fec
PC address: 158
A possible integer overflow exists in the function `_function_0x83f12fec`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The arithmetic operation can result in integer overflow.
--------------------
==== Integer Overflow ====
@ -14,8 +14,8 @@ Type: Warning
Contract: Unknown
Function name: _function_0x83f12fec
PC address: 278
A possible integer overflow exists in the function `_function_0x83f12fec`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The arithmetic operation can result in integer overflow.
--------------------
==== Integer Underflow ====
@ -24,7 +24,7 @@ Type: Warning
Contract: Unknown
Function name: _function_0x83f12fec
PC address: 378
A possible integer underflow exists in the function `_function_0x83f12fec`.
The subtraction may result in a value < 0.
The substraction can result in an integer underflow.
--------------------

File diff suppressed because one or more lines are too long

@ -1 +1 @@
{"error": null, "issues": [{"address": 722, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.", "function": "withdrawfunds()", "swc_id": "105", "title": "Ether send", "type": "Warning"}, {"address": 883, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `invest()`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "invest()", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true}
{"error": null, "issues": [{"address": 722, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.", "function": "withdrawfunds()", "swc_id": "105", "title": "Ether send", "type": "Warning"}, {"address": 883, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "invest()", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true}

@ -9,7 +9,7 @@
### Description
In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
There is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.
@ -22,5 +22,4 @@ There is a check on storage index 1. This storage slot can be written to by call
### Description
A possible integer overflow exists in the function `invest()`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The arithmetic operation can result in integer overflow.

@ -4,7 +4,7 @@ Type: Warning
Contract: Unknown
Function name: withdrawfunds()
PC address: 722
In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
There is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.
--------------------
@ -15,7 +15,7 @@ Type: Warning
Contract: Unknown
Function name: invest()
PC address: 883
A possible integer overflow exists in the function `invest()`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The arithmetic operation can result in integer overflow.
--------------------

File diff suppressed because one or more lines are too long

@ -1 +1 @@
{"error": null, "issues": [{"address": 446, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x546455b5", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 484, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x92dd38ea", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 506, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xa08299f1", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 531, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xb34c3610", "swc_id": "110", "title": "Exception state", "type": "Informational"}], "success": true}
{"error": null, "issues": [{"address": 446, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x546455b5", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 484, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x92dd38ea", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 506, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xa08299f1", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 531, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xb34c3610", "swc_id": "110", "title": "Exception state", "type": "Informational"}], "success": true}

@ -9,7 +9,7 @@
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- SWC ID: 110
@ -20,7 +20,7 @@ A reachable exception (opcode 0xfe) has been detected. This can be caused by typ
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- SWC ID: 110
@ -31,7 +31,7 @@ A reachable exception (opcode 0xfe) has been detected. This can be caused by typ
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- SWC ID: 110
@ -42,4 +42,4 @@ A reachable exception (opcode 0xfe) has been detected. This can be caused by typ
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.

@ -4,7 +4,7 @@ Type: Informational
Contract: Unknown
Function name: _function_0x546455b5
PC address: 446
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
@ -13,7 +13,7 @@ Type: Informational
Contract: Unknown
Function name: _function_0x92dd38ea
PC address: 484
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
@ -22,7 +22,7 @@ Type: Informational
Contract: Unknown
Function name: _function_0xa08299f1
PC address: 506
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
@ -31,6 +31,6 @@ Type: Informational
Contract: Unknown
Function name: _function_0xb34c3610
PC address: 531
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

@ -1 +1 @@
{"error": null, "issues": [{"address": 142, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.\nIt seems that this function can be called without restrictions.", "function": "_function_0x8a4068dd", "swc_id": "105", "title": "Ether send", "type": "Warning"}], "success": true}
{"error": null, "issues": [{"address": 142, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.\nIt seems that this function can be called without restrictions.", "function": "_function_0x8a4068dd", "swc_id": "105", "title": "Ether send", "type": "Warning"}], "success": true}

@ -9,5 +9,5 @@
### Description
In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
It seems that this function can be called without restrictions.

@ -4,7 +4,7 @@ Type: Warning
Contract: Unknown
Function name: _function_0x8a4068dd
PC address: 142
In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
It seems that this function can be called without restrictions.
--------------------

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

@ -1 +1 @@
{"error": null, "issues": [{"address": 317, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin", "function": "transferOwnership(address)", "swc_id": "115", "title": "Use of tx.origin", "type": "Warning"}], "success": true}
{"error": null, "issues": [{"address": 317, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin", "function": "transferOwnership(address)", "swc_id": "115", "title": "Use of tx.origin", "type": "Warning"}], "success": true}

@ -0,0 +1,400 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x0083
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x2776b163
60 EQ
61 PUSH2 0x0088
64 JUMPI
65 DUP1
66 PUSH4 0x379bf63c
71 EQ
72 PUSH2 0x00c1
75 JUMPI
76 DUP1
77 PUSH4 0x5a6814ec
82 EQ
83 PUSH2 0x0116
86 JUMPI
87 DUP1
88 PUSH4 0xb5d02c8a
93 EQ
94 PUSH2 0x012b
97 JUMPI
98 DUP1
99 PUSH4 0xd24b08cc
104 EQ
105 PUSH2 0x0180
108 JUMPI
109 DUP1
110 PUSH4 0xe11f493e
115 EQ
116 PUSH2 0x0195
119 JUMPI
120 DUP1
121 PUSH4 0xe1d10f79
126 EQ
127 PUSH2 0x01aa
130 JUMPI
131 JUMPDEST
132 PUSH1 0x00
134 DUP1
135 REVERT
136 JUMPDEST
137 CALLVALUE
138 ISZERO
139 PUSH2 0x0093
142 JUMPI
143 PUSH1 0x00
145 DUP1
146 REVERT
147 JUMPDEST
148 PUSH2 0x00bf
151 PUSH1 0x04
153 DUP1
154 DUP1
155 CALLDATALOAD
156 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
177 AND
178 SWAP1
179 PUSH1 0x20
181 ADD
182 SWAP1
183 SWAP2
184 SWAP1
185 POP
186 POP
187 PUSH2 0x01e3
190 JUMP
191 JUMPDEST
192 STOP
193 JUMPDEST
194 CALLVALUE
195 ISZERO
196 PUSH2 0x00cc
199 JUMPI
200 PUSH1 0x00
202 DUP1
203 REVERT
204 JUMPDEST
205 PUSH2 0x00d4
208 PUSH2 0x0227
211 JUMP
212 JUMPDEST
213 PUSH1 0x40
215 MLOAD
216 DUP1
217 DUP3
218 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
239 AND
240 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
261 AND
262 DUP2
263 MSTORE
264 PUSH1 0x20
266 ADD
267 SWAP2
268 POP
269 POP
270 PUSH1 0x40
272 MLOAD
273 DUP1
274 SWAP2
275 SUB
276 SWAP1
277 RETURN
278 JUMPDEST
279 CALLVALUE
280 ISZERO
281 PUSH2 0x0121
284 JUMPI
285 PUSH1 0x00
287 DUP1
288 REVERT
289 JUMPDEST
290 PUSH2 0x0129
293 PUSH2 0x024c
296 JUMP
297 JUMPDEST
298 STOP
299 JUMPDEST
300 CALLVALUE
301 ISZERO
302 PUSH2 0x0136
305 JUMPI
306 PUSH1 0x00
308 DUP1
309 REVERT
310 JUMPDEST
311 PUSH2 0x013e
314 PUSH2 0x029b
317 JUMP
318 JUMPDEST
319 PUSH1 0x40
321 MLOAD
322 DUP1
323 DUP3
324 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
345 AND
346 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
367 AND
368 DUP2
369 MSTORE
370 PUSH1 0x20
372 ADD
373 SWAP2
374 POP
375 POP
376 PUSH1 0x40
378 MLOAD
379 DUP1
380 SWAP2
381 SUB
382 SWAP1
383 RETURN
384 JUMPDEST
385 CALLVALUE
386 ISZERO
387 PUSH2 0x018b
390 JUMPI
391 PUSH1 0x00
393 DUP1
394 REVERT
395 JUMPDEST
396 PUSH2 0x0193
399 PUSH2 0x02c1
402 JUMP
403 JUMPDEST
404 STOP
405 JUMPDEST
406 CALLVALUE
407 ISZERO
408 PUSH2 0x01a0
411 JUMPI
412 PUSH1 0x00
414 DUP1
415 REVERT
416 JUMPDEST
417 PUSH2 0x01a8
420 PUSH2 0x0311
423 JUMP
424 JUMPDEST
425 STOP
426 JUMPDEST
427 CALLVALUE
428 ISZERO
429 PUSH2 0x01b5
432 JUMPI
433 PUSH1 0x00
435 DUP1
436 REVERT
437 JUMPDEST
438 PUSH2 0x01e1
441 PUSH1 0x04
443 DUP1
444 DUP1
445 CALLDATALOAD
446 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
467 AND
468 SWAP1
469 PUSH1 0x20
471 ADD
472 SWAP1
473 SWAP2
474 SWAP1
475 POP
476 POP
477 PUSH2 0x0368
480 JUMP
481 JUMPDEST
482 STOP
483 JUMPDEST
484 DUP1
485 PUSH1 0x01
487 PUSH1 0x00
489 PUSH2 0x0100
492 EXP
493 DUP2
494 SLOAD
495 DUP2
496 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
517 MUL
518 NOT
519 AND
520 SWAP1
521 DUP4
522 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
543 AND
544 MUL
545 OR
546 SWAP1
547 SSTORE
548 POP
549 POP
550 JUMP
551 JUMPDEST
552 PUSH1 0x00
554 DUP1
555 SWAP1
556 SLOAD
557 SWAP1
558 PUSH2 0x0100
561 EXP
562 SWAP1
563 DIV
564 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
585 AND
586 DUP2
587 JUMP
588 JUMPDEST
589 PUSH1 0x00
591 DUP1
592 SWAP1
593 SLOAD
594 SWAP1
595 PUSH2 0x0100
598 EXP
599 SWAP1
600 DIV
601 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
622 AND
623 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
644 AND
645 PUSH1 0x40
647 MLOAD
648 PUSH1 0x00
650 PUSH1 0x40
652 MLOAD
653 DUP1
654 DUP4
655 SUB
656 DUP2
657 PUSH1 0x00
659 DUP7
660 GAS
661 CALL
662 SWAP2
663 POP
664 POP
665 POP
666 JUMP
667 JUMPDEST
668 PUSH1 0x01
670 PUSH1 0x00
672 SWAP1
673 SLOAD
674 SWAP1
675 PUSH2 0x0100
678 EXP
679 SWAP1
680 DIV
681 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
702 AND
703 DUP2
704 JUMP
705 JUMPDEST
706 PUSH1 0x01
708 PUSH1 0x00
710 SWAP1
711 SLOAD
712 SWAP1
713 PUSH2 0x0100
716 EXP
717 SWAP1
718 DIV
719 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
740 AND
741 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
762 AND
763 PUSH1 0x40
765 MLOAD
766 PUSH1 0x00
768 PUSH1 0x40
770 MLOAD
771 DUP1
772 DUP4
773 SUB
774 DUP2
775 PUSH1 0x00
777 DUP7
778 GAS
779 CALL
780 SWAP2
781 POP
782 POP
783 POP
784 JUMP
785 JUMPDEST
786 PUSH1 0x00
788 DUP1
789 SWAP1
790 SLOAD
791 SWAP1
792 PUSH2 0x0100
795 EXP
796 SWAP1
797 DIV
798 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
819 AND
820 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
841 AND
842 PUSH1 0x40
844 MLOAD
845 PUSH1 0x00
847 PUSH1 0x40
849 MLOAD
850 DUP1
851 DUP4
852 SUB
853 DUP2
854 PUSH1 0x00
856 DUP7
857 GAS
858 CALL
859 SWAP2
860 POP
861 POP
862 POP
863 PUSH1 0x00
865 PUSH1 0x02
867 DUP2
868 SWAP1
869 SSTORE
870 POP
871 JUMP
872 JUMPDEST
873 DUP1
874 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
895 AND
896 PUSH1 0x40
898 MLOAD
899 PUSH1 0x00
901 PUSH1 0x40
903 MLOAD
904 DUP1
905 DUP4
906 SUB
907 DUP2
908 PUSH1 0x00
910 DUP7
911 GAS
912 CALL
913 SWAP2
914 POP
915 POP
916 POP
917 POP
918 JUMP
919 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 661, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x5a6814ec", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 666, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x5a6814ec", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xd24b08cc", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location", "function": "_function_0xd24b08cc", "swc_id": "114", "title": "Transaction order dependence", "type": "Warning"}, {"address": 784, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xd24b08cc", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 858, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 869, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "State change after external call", "type": "Warning"}, {"address": 871, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe11f493e", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 912, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xe1d10f79", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 918, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe1d10f79", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}

@ -0,0 +1,111 @@
# Analysis results for test-filename.sol
## Message call to external contract
- SWC ID: 107
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x5a6814ec`
- PC address: 661
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x5a6814ec`
- PC address: 666
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Message call to external contract
- SWC ID: 107
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xd24b08cc`
- PC address: 779
### Description
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
## Transaction order dependence
- SWC ID: 114
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xd24b08cc`
- PC address: 779
### Description
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xd24b08cc`
- PC address: 784
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Message call to external contract
- SWC ID: 107
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe11f493e`
- PC address: 858
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
## State change after external call
- SWC ID: 107
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xe11f493e`
- PC address: 869
### Description
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe11f493e`
- PC address: 871
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Message call to external contract
- SWC ID: 107
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xe1d10f79`
- PC address: 912
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe1d10f79`
- PC address: 918
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.

@ -0,0 +1,90 @@
==== Message call to external contract ====
SWC ID: 107
Type: Informational
Contract: Unknown
Function name: _function_0x5a6814ec
PC address: 661
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0x5a6814ec
PC address: 666
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Message call to external contract ====
SWC ID: 107
Type: Warning
Contract: Unknown
Function name: _function_0xd24b08cc
PC address: 779
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
--------------------
==== Transaction order dependence ====
SWC ID: 114
Type: Warning
Contract: Unknown
Function name: _function_0xd24b08cc
PC address: 779
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0xd24b08cc
PC address: 784
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Message call to external contract ====
SWC ID: 107
Type: Informational
Contract: Unknown
Function name: _function_0xe11f493e
PC address: 858
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
==== State change after external call ====
SWC ID: 107
Type: Warning
Contract: Unknown
Function name: _function_0xe11f493e
PC address: 869
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0xe11f493e
PC address: 871
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Message call to external contract ====
SWC ID: 107
Type: Warning
Contract: Unknown
Function name: _function_0xe1d10f79
PC address: 912
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0xe1d10f79
PC address: 918
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------

@ -0,0 +1,259 @@
0 PUSH1 0x80
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x004c
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x06661abd
60 EQ
61 PUSH2 0x0051
64 JUMPI
65 DUP1
66 PUSH4 0x83f12fec
71 EQ
72 PUSH2 0x007c
75 JUMPI
76 JUMPDEST
77 PUSH1 0x00
79 DUP1
80 REVERT
81 JUMPDEST
82 CALLVALUE
83 DUP1
84 ISZERO
85 PUSH2 0x005d
88 JUMPI
89 PUSH1 0x00
91 DUP1
92 REVERT
93 JUMPDEST
94 POP
95 PUSH2 0x0066
98 PUSH2 0x0104
101 JUMP
102 JUMPDEST
103 PUSH1 0x40
105 MLOAD
106 DUP1
107 DUP3
108 DUP2
109 MSTORE
110 PUSH1 0x20
112 ADD
113 SWAP2
114 POP
115 POP
116 PUSH1 0x40
118 MLOAD
119 DUP1
120 SWAP2
121 SUB
122 SWAP1
123 RETURN
124 JUMPDEST
125 CALLVALUE
126 DUP1
127 ISZERO
128 PUSH2 0x0088
131 JUMPI
132 PUSH1 0x00
134 DUP1
135 REVERT
136 JUMPDEST
137 POP
138 PUSH2 0x00ea
141 PUSH1 0x04
143 DUP1
144 CALLDATASIZE
145 SUB
146 DUP2
147 ADD
148 SWAP1
149 DUP1
150 DUP1
151 CALLDATALOAD
152 SWAP1
153 PUSH1 0x20
155 ADD
156 SWAP1
157 DUP3
158 ADD
159 DUP1
160 CALLDATALOAD
161 SWAP1
162 PUSH1 0x20
164 ADD
165 SWAP1
166 DUP1
167 DUP1
168 PUSH1 0x20
170 MUL
171 PUSH1 0x20
173 ADD
174 PUSH1 0x40
176 MLOAD
177 SWAP1
178 DUP2
179 ADD
180 PUSH1 0x40
182 MSTORE
183 DUP1
184 SWAP4
185 SWAP3
186 SWAP2
187 SWAP1
188 DUP2
189 DUP2
190 MSTORE
191 PUSH1 0x20
193 ADD
194 DUP4
195 DUP4
196 PUSH1 0x20
198 MUL
199 DUP1
200 DUP3
201 DUP5
202 CALLDATACOPY
203 DUP3
204 ADD
205 SWAP2
206 POP
207 POP
208 POP
209 POP
210 POP
211 POP
212 SWAP2
213 SWAP3
214 SWAP2
215 SWAP3
216 SWAP1
217 DUP1
218 CALLDATALOAD
219 SWAP1
220 PUSH1 0x20
222 ADD
223 SWAP1
224 SWAP3
225 SWAP2
226 SWAP1
227 POP
228 POP
229 POP
230 PUSH2 0x010a
233 JUMP
234 JUMPDEST
235 PUSH1 0x40
237 MLOAD
238 DUP1
239 DUP3
240 ISZERO
241 ISZERO
242 ISZERO
243 ISZERO
244 DUP2
245 MSTORE
246 PUSH1 0x20
248 ADD
249 SWAP2
250 POP
251 POP
252 PUSH1 0x40
254 MLOAD
255 DUP1
256 SWAP2
257 SUB
258 SWAP1
259 RETURN
260 JUMPDEST
261 PUSH1 0x00
263 SLOAD
264 DUP2
265 JUMP
266 JUMPDEST
267 PUSH1 0x00
269 DUP1
270 PUSH1 0x00
272 DUP5
273 MLOAD
274 SWAP2
275 POP
276 DUP4
277 DUP3
278 MUL
279 SWAP1
280 POP
281 PUSH1 0x00
283 DUP3
284 GT
285 DUP1
286 ISZERO
287 PUSH2 0x0129
290 JUMPI
291 POP
292 PUSH1 0x14
294 DUP3
295 GT
296 ISZERO
297 JUMPDEST
298 ISZERO
299 ISZERO
300 PUSH2 0x0134
303 JUMPI
304 PUSH1 0x00
306 DUP1
307 REVERT
308 JUMPDEST
309 DUP1
310 PUSH1 0x01
312 PUSH1 0x00
314 CALLER
315 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
336 AND
337 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
358 AND
359 DUP2
360 MSTORE
361 PUSH1 0x20
363 ADD
364 SWAP1
365 DUP2
366 MSTORE
367 PUSH1 0x20
369 ADD
370 PUSH1 0x00
372 SHA3
373 PUSH1 0x00
375 DUP3
376 DUP3
377 SLOAD
378 SUB
379 SWAP3
380 POP
381 POP
382 DUP2
383 SWAP1
384 SSTORE
385 POP
386 PUSH1 0x01
388 SWAP3
389 POP
390 POP
391 POP
392 SWAP3
393 SWAP2
394 POP
395 POP
396 JUMP
397 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 158, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}, {"address": 278, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}, {"address": 378, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "_function_0x83f12fec", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}], "success": true}

@ -0,0 +1,34 @@
# Analysis results for test-filename.sol
## Integer Overflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `_function_0x83f12fec`
- PC address: 158
### Description
The arithmetic operation can result in integer overflow.
## Integer Overflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `_function_0x83f12fec`
- PC address: 278
### Description
The arithmetic operation can result in integer overflow.
## Integer Underflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `_function_0x83f12fec`
- PC address: 378
### Description
The substraction can result in an integer underflow.

@ -0,0 +1,30 @@
==== Integer Overflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: _function_0x83f12fec
PC address: 158
The arithmetic operation can result in integer overflow.
--------------------
==== Integer Overflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: _function_0x83f12fec
PC address: 278
The arithmetic operation can result in integer overflow.
--------------------
==== Integer Underflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: _function_0x83f12fec
PC address: 378
The substraction can result in an integer underflow.
--------------------

@ -0,0 +1,420 @@
0 PUSH1 0x80
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x0078
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x12065fe0
60 EQ
61 PUSH2 0x007d
64 JUMPI
65 DUP1
66 PUSH4 0x27e235e3
71 EQ
72 PUSH2 0x00a8
75 JUMPI
76 DUP1
77 PUSH4 0x56885cd8
82 EQ
83 PUSH2 0x00ff
86 JUMPI
87 DUP1
88 PUSH4 0x6c343ffe
93 EQ
94 PUSH2 0x0116
97 JUMPI
98 DUP1
99 PUSH4 0x8da5cb5b
104 EQ
105 PUSH2 0x012d
108 JUMPI
109 DUP1
110 PUSH4 0xe8b5e51f
115 EQ
116 PUSH2 0x0184
119 JUMPI
120 JUMPDEST
121 PUSH1 0x00
123 DUP1
124 REVERT
125 JUMPDEST
126 CALLVALUE
127 DUP1
128 ISZERO
129 PUSH2 0x0089
132 JUMPI
133 PUSH1 0x00
135 DUP1
136 REVERT
137 JUMPDEST
138 POP
139 PUSH2 0x0092
142 PUSH2 0x018e
145 JUMP
146 JUMPDEST
147 PUSH1 0x40
149 MLOAD
150 DUP1
151 DUP3
152 DUP2
153 MSTORE
154 PUSH1 0x20
156 ADD
157 SWAP2
158 POP
159 POP
160 PUSH1 0x40
162 MLOAD
163 DUP1
164 SWAP2
165 SUB
166 SWAP1
167 RETURN
168 JUMPDEST
169 CALLVALUE
170 DUP1
171 ISZERO
172 PUSH2 0x00b4
175 JUMPI
176 PUSH1 0x00
178 DUP1
179 REVERT
180 JUMPDEST
181 POP
182 PUSH2 0x00e9
185 PUSH1 0x04
187 DUP1
188 CALLDATASIZE
189 SUB
190 DUP2
191 ADD
192 SWAP1
193 DUP1
194 DUP1
195 CALLDATALOAD
196 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
217 AND
218 SWAP1
219 PUSH1 0x20
221 ADD
222 SWAP1
223 SWAP3
224 SWAP2
225 SWAP1
226 POP
227 POP
228 POP
229 PUSH2 0x01d4
232 JUMP
233 JUMPDEST
234 PUSH1 0x40
236 MLOAD
237 DUP1
238 DUP3
239 DUP2
240 MSTORE
241 PUSH1 0x20
243 ADD
244 SWAP2
245 POP
246 POP
247 PUSH1 0x40
249 MLOAD
250 DUP1
251 SWAP2
252 SUB
253 SWAP1
254 RETURN
255 JUMPDEST
256 CALLVALUE
257 DUP1
258 ISZERO
259 PUSH2 0x010b
262 JUMPI
263 PUSH1 0x00
265 DUP1
266 REVERT
267 JUMPDEST
268 POP
269 PUSH2 0x0114
272 PUSH2 0x01ec
275 JUMP
276 JUMPDEST
277 STOP
278 JUMPDEST
279 CALLVALUE
280 DUP1
281 ISZERO
282 PUSH2 0x0122
285 JUMPI
286 PUSH1 0x00
288 DUP1
289 REVERT
290 JUMPDEST
291 POP
292 PUSH2 0x012b
295 PUSH2 0x022f
298 JUMP
299 JUMPDEST
300 STOP
301 JUMPDEST
302 CALLVALUE
303 DUP1
304 ISZERO
305 PUSH2 0x0139
308 JUMPI
309 PUSH1 0x00
311 DUP1
312 REVERT
313 JUMPDEST
314 POP
315 PUSH2 0x0142
318 PUSH2 0x02eb
321 JUMP
322 JUMPDEST
323 PUSH1 0x40
325 MLOAD
326 DUP1
327 DUP3
328 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
349 AND
350 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
371 AND
372 DUP2
373 MSTORE
374 PUSH1 0x20
376 ADD
377 SWAP2
378 POP
379 POP
380 PUSH1 0x40
382 MLOAD
383 DUP1
384 SWAP2
385 SUB
386 SWAP1
387 RETURN
388 JUMPDEST
389 PUSH2 0x018c
392 PUSH2 0x0311
395 JUMP
396 JUMPDEST
397 STOP
398 JUMPDEST
399 PUSH1 0x00
401 DUP1
402 PUSH1 0x00
404 CALLER
405 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
426 AND
427 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
448 AND
449 DUP2
450 MSTORE
451 PUSH1 0x20
453 ADD
454 SWAP1
455 DUP2
456 MSTORE
457 PUSH1 0x20
459 ADD
460 PUSH1 0x00
462 SHA3
463 SLOAD
464 SWAP1
465 POP
466 SWAP1
467 JUMP
468 JUMPDEST
469 PUSH1 0x00
471 PUSH1 0x20
473 MSTORE
474 DUP1
475 PUSH1 0x00
477 MSTORE
478 PUSH1 0x40
480 PUSH1 0x00
482 SHA3
483 PUSH1 0x00
485 SWAP2
486 POP
487 SWAP1
488 POP
489 SLOAD
490 DUP2
491 JUMP
492 JUMPDEST
493 CALLER
494 PUSH1 0x01
496 PUSH1 0x00
498 PUSH2 0x0100
501 EXP
502 DUP2
503 SLOAD
504 DUP2
505 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
526 MUL
527 NOT
528 AND
529 SWAP1
530 DUP4
531 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
552 AND
553 MUL
554 OR
555 SWAP1
556 SSTORE
557 POP
558 JUMP
559 JUMPDEST
560 PUSH1 0x01
562 PUSH1 0x00
564 SWAP1
565 SLOAD
566 SWAP1
567 PUSH2 0x0100
570 EXP
571 SWAP1
572 DIV
573 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
594 AND
595 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
616 AND
617 CALLER
618 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
639 AND
640 EQ
641 ISZERO
642 ISZERO
643 PUSH2 0x028b
646 JUMPI
647 PUSH1 0x00
649 DUP1
650 REVERT
651 JUMPDEST
652 CALLER
653 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
674 AND
675 PUSH2 0x08fc
678 ADDRESS
679 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
700 AND
701 BALANCE
702 SWAP1
703 DUP2
704 ISZERO
705 MUL
706 SWAP1
707 PUSH1 0x40
709 MLOAD
710 PUSH1 0x00
712 PUSH1 0x40
714 MLOAD
715 DUP1
716 DUP4
717 SUB
718 DUP2
719 DUP6
720 DUP9
721 DUP9
722 CALL
723 SWAP4
724 POP
725 POP
726 POP
727 POP
728 ISZERO
729 DUP1
730 ISZERO
731 PUSH2 0x02e8
734 JUMPI
735 RETURNDATASIZE
736 PUSH1 0x00
738 DUP1
739 RETURNDATACOPY
740 RETURNDATASIZE
741 PUSH1 0x00
743 REVERT
744 JUMPDEST
745 POP
746 JUMP
747 JUMPDEST
748 PUSH1 0x01
750 PUSH1 0x00
752 SWAP1
753 SLOAD
754 SWAP1
755 PUSH2 0x0100
758 EXP
759 SWAP1
760 DIV
761 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
782 AND
783 DUP2
784 JUMP
785 JUMPDEST
786 PUSH1 0x02
788 SLOAD
789 CALLVALUE
790 GT
791 DUP1
792 ISZERO
793 PUSH2 0x0323
796 JUMPI
797 POP
798 PUSH1 0x03
800 SLOAD
801 CALLVALUE
802 LT
803 JUMPDEST
804 ISZERO
805 ISZERO
806 PUSH2 0x032e
809 JUMPI
810 PUSH1 0x00
812 DUP1
813 REVERT
814 JUMPDEST
815 CALLVALUE
816 PUSH1 0x00
818 DUP1
819 CALLER
820 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
841 AND
842 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
863 AND
864 DUP2
865 MSTORE
866 PUSH1 0x20
868 ADD
869 SWAP1
870 DUP2
871 MSTORE
872 PUSH1 0x20
874 ADD
875 PUSH1 0x00
877 SHA3
878 PUSH1 0x00
880 DUP3
881 DUP3
882 SLOAD
883 ADD
884 SWAP3
885 POP
886 POP
887 DUP2
888 SWAP1
889 SSTORE
890 POP
891 JUMP
892 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 722, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.", "function": "withdrawfunds()", "swc_id": "105", "title": "Ether send", "type": "Warning"}, {"address": 883, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "invest()", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true}

@ -0,0 +1,25 @@
# Analysis results for test-filename.sol
## Ether send
- SWC ID: 105
- Type: Warning
- Contract: Unknown
- Function name: `withdrawfunds()`
- PC address: 722
### Description
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
There is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.
## Integer Overflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `invest()`
- PC address: 883
### Description
The arithmetic operation can result in integer overflow.

@ -0,0 +1,21 @@
==== Ether send ====
SWC ID: 105
Type: Warning
Contract: Unknown
Function name: withdrawfunds()
PC address: 722
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
There is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.
--------------------
==== Integer Overflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: invest()
PC address: 883
The arithmetic operation can result in integer overflow.
--------------------

@ -0,0 +1,392 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x008e
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x01d4277c
60 EQ
61 PUSH2 0x0093
64 JUMPI
65 DUP1
66 PUSH4 0x546455b5
71 EQ
72 PUSH2 0x00b6
75 JUMPI
76 DUP1
77 PUSH4 0x78375f14
82 EQ
83 PUSH2 0x00d9
86 JUMPI
87 DUP1
88 PUSH4 0x92dd38ea
93 EQ
94 PUSH2 0x00fc
97 JUMPI
98 DUP1
99 PUSH4 0xa08299f1
104 EQ
105 PUSH2 0x011f
108 JUMPI
109 DUP1
110 PUSH4 0xb34c3610
115 EQ
116 PUSH2 0x0142
119 JUMPI
120 DUP1
121 PUSH4 0xb630d706
126 EQ
127 PUSH2 0x0157
130 JUMPI
131 DUP1
132 PUSH4 0xf44f13d8
137 EQ
138 PUSH2 0x017a
141 JUMPI
142 JUMPDEST
143 PUSH1 0x00
145 DUP1
146 REVERT
147 JUMPDEST
148 CALLVALUE
149 ISZERO
150 PUSH2 0x009e
153 JUMPI
154 PUSH1 0x00
156 DUP1
157 REVERT
158 JUMPDEST
159 PUSH2 0x00b4
162 PUSH1 0x04
164 DUP1
165 DUP1
166 CALLDATALOAD
167 SWAP1
168 PUSH1 0x20
170 ADD
171 SWAP1
172 SWAP2
173 SWAP1
174 POP
175 POP
176 PUSH2 0x018f
179 JUMP
180 JUMPDEST
181 STOP
182 JUMPDEST
183 CALLVALUE
184 ISZERO
185 PUSH2 0x00c1
188 JUMPI
189 PUSH1 0x00
191 DUP1
192 REVERT
193 JUMPDEST
194 PUSH2 0x00d7
197 PUSH1 0x04
199 DUP1
200 DUP1
201 CALLDATALOAD
202 SWAP1
203 PUSH1 0x20
205 ADD
206 SWAP1
207 SWAP2
208 SWAP1
209 POP
210 POP
211 PUSH2 0x01b2
214 JUMP
215 JUMPDEST
216 STOP
217 JUMPDEST
218 CALLVALUE
219 ISZERO
220 PUSH2 0x00e4
223 JUMPI
224 PUSH1 0x00
226 DUP1
227 REVERT
228 JUMPDEST
229 PUSH2 0x00fa
232 PUSH1 0x04
234 DUP1
235 DUP1
236 CALLDATALOAD
237 SWAP1
238 PUSH1 0x20
240 ADD
241 SWAP1
242 SWAP2
243 SWAP1
244 POP
245 POP
246 PUSH2 0x01c2
249 JUMP
250 JUMPDEST
251 STOP
252 JUMPDEST
253 CALLVALUE
254 ISZERO
255 PUSH2 0x0107
258 JUMPI
259 PUSH1 0x00
261 DUP1
262 REVERT
263 JUMPDEST
264 PUSH2 0x011d
267 PUSH1 0x04
269 DUP1
270 DUP1
271 CALLDATALOAD
272 SWAP1
273 PUSH1 0x20
275 ADD
276 SWAP1
277 SWAP2
278 SWAP1
279 POP
280 POP
281 PUSH2 0x01d5
284 JUMP
285 JUMPDEST
286 STOP
287 JUMPDEST
288 CALLVALUE
289 ISZERO
290 PUSH2 0x012a
293 JUMPI
294 PUSH1 0x00
296 DUP1
297 REVERT
298 JUMPDEST
299 PUSH2 0x0140
302 PUSH1 0x04
304 DUP1
305 DUP1
306 CALLDATALOAD
307 SWAP1
308 PUSH1 0x20
310 ADD
311 SWAP1
312 SWAP2
313 SWAP1
314 POP
315 POP
316 PUSH2 0x01ed
319 JUMP
320 JUMPDEST
321 STOP
322 JUMPDEST
323 CALLVALUE
324 ISZERO
325 PUSH2 0x014d
328 JUMPI
329 PUSH1 0x00
331 DUP1
332 REVERT
333 JUMPDEST
334 PUSH2 0x0155
337 PUSH2 0x0202
340 JUMP
341 JUMPDEST
342 STOP
343 JUMPDEST
344 CALLVALUE
345 ISZERO
346 PUSH2 0x0162
349 JUMPI
350 PUSH1 0x00
352 DUP1
353 REVERT
354 JUMPDEST
355 PUSH2 0x0178
358 PUSH1 0x04
360 DUP1
361 DUP1
362 CALLDATALOAD
363 SWAP1
364 PUSH1 0x20
366 ADD
367 SWAP1
368 SWAP2
369 SWAP1
370 POP
371 POP
372 PUSH2 0x0217
375 JUMP
376 JUMPDEST
377 STOP
378 JUMPDEST
379 CALLVALUE
380 ISZERO
381 PUSH2 0x0185
384 JUMPI
385 PUSH1 0x00
387 DUP1
388 REVERT
389 JUMPDEST
390 PUSH2 0x018d
393 PUSH2 0x0235
396 JUMP
397 JUMPDEST
398 STOP
399 JUMPDEST
400 PUSH1 0x00
402 PUSH1 0x08
404 DUP3
405 LT
406 ISZERO
407 PUSH2 0x01ae
410 JUMPI
411 PUSH1 0x00
413 DUP3
414 PUSH1 0x08
416 DUP2
417 LT
418 ISZERO
419 ISZERO
420 PUSH2 0x01a9
423 JUMPI
424 ASSERT_FAIL
425 JUMPDEST
426 ADD
427 SLOAD
428 SWAP1
429 POP
430 JUMPDEST
431 POP
432 POP
433 JUMP
434 JUMPDEST
435 PUSH1 0x17
437 DUP2
438 EQ
439 ISZERO
440 ISZERO
441 ISZERO
442 PUSH2 0x01bf
445 JUMPI
446 ASSERT_FAIL
447 JUMPDEST
448 POP
449 JUMP
450 JUMPDEST
451 PUSH1 0x17
453 DUP2
454 EQ
455 ISZERO
456 ISZERO
457 ISZERO
458 PUSH2 0x01d2
461 JUMPI
462 PUSH1 0x00
464 DUP1
465 REVERT
466 JUMPDEST
467 POP
468 JUMP
469 JUMPDEST
470 PUSH1 0x00
472 DUP1
473 DUP3
474 PUSH1 0x08
476 DUP2
477 LT
478 ISZERO
479 ISZERO
480 PUSH2 0x01e5
483 JUMPI
484 ASSERT_FAIL
485 JUMPDEST
486 ADD
487 SLOAD
488 SWAP1
489 POP
490 POP
491 POP
492 JUMP
493 JUMPDEST
494 PUSH1 0x00
496 DUP2
497 PUSH1 0x01
499 DUP2
500 ISZERO
501 ISZERO
502 PUSH2 0x01fb
505 JUMPI
506 ASSERT_FAIL
507 JUMPDEST
508 DIV
509 SWAP1
510 POP
511 POP
512 POP
513 JUMP
514 JUMPDEST
515 PUSH1 0x00
517 PUSH1 0x01
519 SWAP1
520 POP
521 PUSH1 0x00
523 DUP2
524 EQ
525 ISZERO
526 ISZERO
527 PUSH2 0x0214
530 JUMPI
531 ASSERT_FAIL
532 JUMPDEST
533 POP
534 JUMP
535 JUMPDEST
536 PUSH1 0x00
538 DUP1
539 DUP3
540 GT
541 ISZERO
542 PUSH2 0x0231
545 JUMPI
546 DUP2
547 PUSH1 0x01
549 DUP2
550 ISZERO
551 ISZERO
552 PUSH2 0x022d
555 JUMPI
556 ASSERT_FAIL
557 JUMPDEST
558 DIV
559 SWAP1
560 POP
561 JUMPDEST
562 POP
563 POP
564 JUMP
565 JUMPDEST
566 PUSH1 0x00
568 PUSH1 0x01
570 SWAP1
571 POP
572 PUSH1 0x00
574 DUP2
575 GT
576 ISZERO
577 ISZERO
578 PUSH2 0x0247
581 JUMPI
582 ASSERT_FAIL
583 JUMPDEST
584 POP
585 JUMP
586 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 446, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x546455b5", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 484, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0x92dd38ea", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 506, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xa08299f1", "swc_id": "110", "title": "Exception state", "type": "Informational"}, {"address": 531, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. ", "function": "_function_0xb34c3610", "swc_id": "110", "title": "Exception state", "type": "Informational"}], "success": true}

@ -0,0 +1,45 @@
# Analysis results for test-filename.sol
## Exception state
- SWC ID: 110
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x546455b5`
- PC address: 446
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- SWC ID: 110
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x92dd38ea`
- PC address: 484
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- SWC ID: 110
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xa08299f1`
- PC address: 506
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state
- SWC ID: 110
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xb34c3610`
- PC address: 531
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.

@ -0,0 +1,36 @@
==== Exception state ====
SWC ID: 110
Type: Informational
Contract: Unknown
Function name: _function_0x546455b5
PC address: 446
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
SWC ID: 110
Type: Informational
Contract: Unknown
Function name: _function_0x92dd38ea
PC address: 484
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
SWC ID: 110
Type: Informational
Contract: Unknown
Function name: _function_0xa08299f1
PC address: 506
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
SWC ID: 110
Type: Informational
Contract: Unknown
Function name: _function_0xb34c3610
PC address: 531
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------

@ -0,0 +1,435 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x006d
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x141f32ff
60 EQ
61 PUSH2 0x0072
64 JUMPI
65 DUP1
66 PUSH4 0x2e52d606
71 EQ
72 PUSH2 0x00b4
75 JUMPI
76 DUP1
77 PUSH4 0x67e404ce
82 EQ
83 PUSH2 0x00dd
86 JUMPI
87 DUP1
88 PUSH4 0x9b58bc26
93 EQ
94 PUSH2 0x0132
97 JUMPI
98 DUP1
99 PUSH4 0xeea4c864
104 EQ
105 PUSH2 0x0174
108 JUMPI
109 JUMPDEST
110 PUSH1 0x00
112 DUP1
113 REVERT
114 JUMPDEST
115 CALLVALUE
116 ISZERO
117 PUSH2 0x007d
120 JUMPI
121 PUSH1 0x00
123 DUP1
124 REVERT
125 JUMPDEST
126 PUSH2 0x00b2
129 PUSH1 0x04
131 DUP1
132 DUP1
133 CALLDATALOAD
134 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
155 AND
156 SWAP1
157 PUSH1 0x20
159 ADD
160 SWAP1
161 SWAP2
162 SWAP1
163 DUP1
164 CALLDATALOAD
165 SWAP1
166 PUSH1 0x20
168 ADD
169 SWAP1
170 SWAP2
171 SWAP1
172 POP
173 POP
174 PUSH2 0x01b6
177 JUMP
178 JUMPDEST
179 STOP
180 JUMPDEST
181 CALLVALUE
182 ISZERO
183 PUSH2 0x00bf
186 JUMPI
187 PUSH1 0x00
189 DUP1
190 REVERT
191 JUMPDEST
192 PUSH2 0x00c7
195 PUSH2 0x0273
198 JUMP
199 JUMPDEST
200 PUSH1 0x40
202 MLOAD
203 DUP1
204 DUP3
205 DUP2
206 MSTORE
207 PUSH1 0x20
209 ADD
210 SWAP2
211 POP
212 POP
213 PUSH1 0x40
215 MLOAD
216 DUP1
217 SWAP2
218 SUB
219 SWAP1
220 RETURN
221 JUMPDEST
222 CALLVALUE
223 ISZERO
224 PUSH2 0x00e8
227 JUMPI
228 PUSH1 0x00
230 DUP1
231 REVERT
232 JUMPDEST
233 PUSH2 0x00f0
236 PUSH2 0x0279
239 JUMP
240 JUMPDEST
241 PUSH1 0x40
243 MLOAD
244 DUP1
245 DUP3
246 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
267 AND
268 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
289 AND
290 DUP2
291 MSTORE
292 PUSH1 0x20
294 ADD
295 SWAP2
296 POP
297 POP
298 PUSH1 0x40
300 MLOAD
301 DUP1
302 SWAP2
303 SUB
304 SWAP1
305 RETURN
306 JUMPDEST
307 CALLVALUE
308 ISZERO
309 PUSH2 0x013d
312 JUMPI
313 PUSH1 0x00
315 DUP1
316 REVERT
317 JUMPDEST
318 PUSH2 0x0172
321 PUSH1 0x04
323 DUP1
324 DUP1
325 CALLDATALOAD
326 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
347 AND
348 SWAP1
349 PUSH1 0x20
351 ADD
352 SWAP1
353 SWAP2
354 SWAP1
355 DUP1
356 CALLDATALOAD
357 SWAP1
358 PUSH1 0x20
360 ADD
361 SWAP1
362 SWAP2
363 SWAP1
364 POP
365 POP
366 PUSH2 0x029f
369 JUMP
370 JUMPDEST
371 STOP
372 JUMPDEST
373 CALLVALUE
374 ISZERO
375 PUSH2 0x017f
378 JUMPI
379 PUSH1 0x00
381 DUP1
382 REVERT
383 JUMPDEST
384 PUSH2 0x01b4
387 PUSH1 0x04
389 DUP1
390 DUP1
391 CALLDATALOAD
392 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
413 AND
414 SWAP1
415 PUSH1 0x20
417 ADD
418 SWAP1
419 SWAP2
420 SWAP1
421 DUP1
422 CALLDATALOAD
423 SWAP1
424 PUSH1 0x20
426 ADD
427 SWAP1
428 SWAP2
429 SWAP1
430 POP
431 POP
432 PUSH2 0x035a
435 JUMP
436 JUMPDEST
437 STOP
438 JUMPDEST
439 DUP2
440 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
461 AND
462 PUSH1 0x40
464 MLOAD
465 DUP1
466 DUP1
467 PUSH32 0x7365744e2875696e743235362900000000000000000000000000000000000000
500 DUP2
501 MSTORE
502 POP
503 PUSH1 0x0d
505 ADD
506 SWAP1
507 POP
508 PUSH1 0x40
510 MLOAD
511 DUP1
512 SWAP2
513 SUB
514 SWAP1
515 SHA3
516 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
546 SWAP1
547 DIV
548 DUP3
549 PUSH1 0x40
551 MLOAD
552 DUP3
553 PUSH4 0xffffffff
558 AND
559 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
589 MUL
590 DUP2
591 MSTORE
592 PUSH1 0x04
594 ADD
595 DUP1
596 DUP3
597 DUP2
598 MSTORE
599 PUSH1 0x20
601 ADD
602 SWAP2
603 POP
604 POP
605 PUSH1 0x00
607 PUSH1 0x40
609 MLOAD
610 DUP1
611 DUP4
612 SUB
613 DUP2
614 PUSH1 0x00
616 DUP8
617 GAS
618 CALLCODE
619 SWAP3
620 POP
621 POP
622 POP
623 POP
624 POP
625 POP
626 JUMP
627 JUMPDEST
628 PUSH1 0x00
630 SLOAD
631 DUP2
632 JUMP
633 JUMPDEST
634 PUSH1 0x01
636 PUSH1 0x00
638 SWAP1
639 SLOAD
640 SWAP1
641 PUSH2 0x0100
644 EXP
645 SWAP1
646 DIV
647 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
668 AND
669 DUP2
670 JUMP
671 JUMPDEST
672 DUP2
673 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
694 AND
695 PUSH1 0x40
697 MLOAD
698 DUP1
699 DUP1
700 PUSH32 0x7365744e2875696e743235362900000000000000000000000000000000000000
733 DUP2
734 MSTORE
735 POP
736 PUSH1 0x0d
738 ADD
739 SWAP1
740 POP
741 PUSH1 0x40
743 MLOAD
744 DUP1
745 SWAP2
746 SUB
747 SWAP1
748 SHA3
749 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
779 SWAP1
780 DIV
781 DUP3
782 PUSH1 0x40
784 MLOAD
785 DUP3
786 PUSH4 0xffffffff
791 AND
792 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
822 MUL
823 DUP2
824 MSTORE
825 PUSH1 0x04
827 ADD
828 DUP1
829 DUP3
830 DUP2
831 MSTORE
832 PUSH1 0x20
834 ADD
835 SWAP2
836 POP
837 POP
838 PUSH1 0x00
840 PUSH1 0x40
842 MLOAD
843 DUP1
844 DUP4
845 SUB
846 DUP2
847 DUP7
848 GAS
849 DELEGATECALL
850 SWAP3
851 POP
852 POP
853 POP
854 POP
855 POP
856 POP
857 JUMP
858 JUMPDEST
859 DUP2
860 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
881 AND
882 PUSH1 0x40
884 MLOAD
885 DUP1
886 DUP1
887 PUSH32 0x7365744e2875696e743235362900000000000000000000000000000000000000
920 DUP2
921 MSTORE
922 POP
923 PUSH1 0x0d
925 ADD
926 SWAP1
927 POP
928 PUSH1 0x40
930 MLOAD
931 DUP1
932 SWAP2
933 SUB
934 SWAP1
935 SHA3
936 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
966 SWAP1
967 DIV
968 DUP3
969 PUSH1 0x40
971 MLOAD
972 DUP3
973 PUSH4 0xffffffff
978 AND
979 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
1009 MUL
1010 DUP2
1011 MSTORE
1012 PUSH1 0x04
1014 ADD
1015 DUP1
1016 DUP3
1017 DUP2
1018 MSTORE
1019 PUSH1 0x20
1021 ADD
1022 SWAP2
1023 POP
1024 POP
1025 PUSH1 0x00
1027 PUSH1 0x40
1029 MLOAD
1030 DUP1
1031 DUP4
1032 SUB
1033 DUP2
1034 PUSH1 0x00
1036 DUP8
1037 GAS
1038 CALL
1039 SWAP3
1040 POP
1041 POP
1042 POP
1043 POP
1044 POP
1045 POP
1046 JUMP
1047 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 626, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x141f32ff", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 857, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x9b58bc26", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 1038, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xeea4c864", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 1046, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xeea4c864", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}

@ -0,0 +1,45 @@
# Analysis results for test-filename.sol
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x141f32ff`
- PC address: 626
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x9b58bc26`
- PC address: 857
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
## Message call to external contract
- SWC ID: 107
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xeea4c864`
- PC address: 1038
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xeea4c864`
- PC address: 1046
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.

@ -0,0 +1,36 @@
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0x141f32ff
PC address: 626
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0x9b58bc26
PC address: 857
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------
==== Message call to external contract ====
SWC ID: 107
Type: Warning
Contract: Unknown
Function name: _function_0xeea4c864
PC address: 1038
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0xeea4c864
PC address: 1046
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------

@ -0,0 +1,253 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x004c
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x27e235e3
60 EQ
61 PUSH2 0x0051
64 JUMPI
65 DUP1
66 PUSH4 0x412664ae
71 EQ
72 PUSH2 0x009e
75 JUMPI
76 JUMPDEST
77 PUSH1 0x00
79 DUP1
80 REVERT
81 JUMPDEST
82 CALLVALUE
83 ISZERO
84 PUSH2 0x005c
87 JUMPI
88 PUSH1 0x00
90 DUP1
91 REVERT
92 JUMPDEST
93 PUSH2 0x0088
96 PUSH1 0x04
98 DUP1
99 DUP1
100 CALLDATALOAD
101 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
122 AND
123 SWAP1
124 PUSH1 0x20
126 ADD
127 SWAP1
128 SWAP2
129 SWAP1
130 POP
131 POP
132 PUSH2 0x00f8
135 JUMP
136 JUMPDEST
137 PUSH1 0x40
139 MLOAD
140 DUP1
141 DUP3
142 DUP2
143 MSTORE
144 PUSH1 0x20
146 ADD
147 SWAP2
148 POP
149 POP
150 PUSH1 0x40
152 MLOAD
153 DUP1
154 SWAP2
155 SUB
156 SWAP1
157 RETURN
158 JUMPDEST
159 CALLVALUE
160 ISZERO
161 PUSH2 0x00a9
164 JUMPI
165 PUSH1 0x00
167 DUP1
168 REVERT
169 JUMPDEST
170 PUSH2 0x00de
173 PUSH1 0x04
175 DUP1
176 DUP1
177 CALLDATALOAD
178 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
199 AND
200 SWAP1
201 PUSH1 0x20
203 ADD
204 SWAP1
205 SWAP2
206 SWAP1
207 DUP1
208 CALLDATALOAD
209 SWAP1
210 PUSH1 0x20
212 ADD
213 SWAP1
214 SWAP2
215 SWAP1
216 POP
217 POP
218 PUSH2 0x0110
221 JUMP
222 JUMPDEST
223 PUSH1 0x40
225 MLOAD
226 DUP1
227 DUP3
228 ISZERO
229 ISZERO
230 ISZERO
231 ISZERO
232 DUP2
233 MSTORE
234 PUSH1 0x20
236 ADD
237 SWAP2
238 POP
239 POP
240 PUSH1 0x40
242 MLOAD
243 DUP1
244 SWAP2
245 SUB
246 SWAP1
247 RETURN
248 JUMPDEST
249 PUSH1 0x00
251 PUSH1 0x20
253 MSTORE
254 DUP1
255 PUSH1 0x00
257 MSTORE
258 PUSH1 0x40
260 PUSH1 0x00
262 SHA3
263 PUSH1 0x00
265 SWAP2
266 POP
267 SWAP1
268 POP
269 SLOAD
270 DUP2
271 JUMP
272 JUMPDEST
273 PUSH1 0x00
275 DUP2
276 PUSH1 0x00
278 DUP1
279 CALLER
280 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
301 AND
302 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
323 AND
324 DUP2
325 MSTORE
326 PUSH1 0x20
328 ADD
329 SWAP1
330 DUP2
331 MSTORE
332 PUSH1 0x20
334 ADD
335 PUSH1 0x00
337 SHA3
338 SLOAD
339 LT
340 ISZERO
341 PUSH2 0x0161
344 JUMPI
345 PUSH1 0x00
347 SWAP1
348 POP
349 PUSH2 0x01fe
352 JUMP
353 JUMPDEST
354 DUP2
355 PUSH1 0x00
357 DUP1
358 CALLER
359 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
380 AND
381 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
402 AND
403 DUP2
404 MSTORE
405 PUSH1 0x20
407 ADD
408 SWAP1
409 DUP2
410 MSTORE
411 PUSH1 0x20
413 ADD
414 PUSH1 0x00
416 SHA3
417 PUSH1 0x00
419 DUP3
420 DUP3
421 SLOAD
422 SUB
423 SWAP3
424 POP
425 POP
426 DUP2
427 SWAP1
428 SSTORE
429 POP
430 DUP2
431 PUSH1 0x00
433 DUP1
434 DUP6
435 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
456 AND
457 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
478 AND
479 DUP2
480 MSTORE
481 PUSH1 0x20
483 ADD
484 SWAP1
485 DUP2
486 MSTORE
487 PUSH1 0x20
489 ADD
490 PUSH1 0x00
492 SHA3
493 PUSH1 0x00
495 DUP3
496 DUP3
497 SLOAD
498 ADD
499 SWAP3
500 POP
501 POP
502 DUP2
503 SWAP1
504 SSTORE
505 POP
506 PUSH1 0x00
508 SWAP1
509 POP
510 JUMPDEST
511 SWAP3
512 SWAP2
513 POP
514 POP
515 JUMP
516 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [], "success": true}

@ -0,0 +1,3 @@
# Analysis results for None
The analysis was completed successfully. No issues were detected.

@ -0,0 +1 @@
The analysis was completed successfully. No issues were detected.

@ -0,0 +1,77 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH1 0x3f
11 JUMPI
12 PUSH1 0x00
14 CALLDATALOAD
15 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
45 SWAP1
46 DIV
47 PUSH4 0xffffffff
52 AND
53 DUP1
54 PUSH4 0x8a4068dd
59 EQ
60 PUSH1 0x44
62 JUMPI
63 JUMPDEST
64 PUSH1 0x00
66 DUP1
67 REVERT
68 JUMPDEST
69 CALLVALUE
70 ISZERO
71 PUSH1 0x4e
73 JUMPI
74 PUSH1 0x00
76 DUP1
77 REVERT
78 JUMPDEST
79 PUSH1 0x54
81 PUSH1 0x56
83 JUMP
84 JUMPDEST
85 STOP
86 JUMPDEST
87 CALLER
88 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
109 AND
110 PUSH2 0x08fc
113 PUSH8 0x1bc16d674ec80000
122 SWAP1
123 DUP2
124 ISZERO
125 MUL
126 SWAP1
127 PUSH1 0x40
129 MLOAD
130 PUSH1 0x00
132 PUSH1 0x40
134 MLOAD
135 DUP1
136 DUP4
137 SUB
138 DUP2
139 DUP6
140 DUP9
141 DUP9
142 CALL
143 SWAP4
144 POP
145 POP
146 POP
147 POP
148 ISZERO
149 ISZERO
150 PUSH1 0x9d
152 JUMPI
153 PUSH1 0x00
155 DUP1
156 REVERT
157 JUMPDEST
158 JUMP
159 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 142, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.\nIt seems that this function can be called without restrictions.", "function": "_function_0x8a4068dd", "swc_id": "105", "title": "Ether send", "type": "Warning"}], "success": true}

@ -0,0 +1,13 @@
# Analysis results for test-filename.sol
## Ether send
- SWC ID: 105
- Type: Warning
- Contract: Unknown
- Function name: `_function_0x8a4068dd`
- PC address: 142
### Description
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
It seems that this function can be called without restrictions.

@ -0,0 +1,10 @@
==== Ether send ====
SWC ID: 105
Type: Warning
Contract: Unknown
Function name: _function_0x8a4068dd
PC address: 142
A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.
It seems that this function can be called without restrictions.
--------------------

@ -0,0 +1,167 @@
0 PUSH1 0x80
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x0041
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x24ff38a2
60 EQ
61 PUSH2 0x0046
64 JUMPI
65 JUMPDEST
66 PUSH1 0x00
68 DUP1
69 REVERT
70 JUMPDEST
71 CALLVALUE
72 DUP1
73 ISZERO
74 PUSH2 0x0052
77 JUMPI
78 PUSH1 0x00
80 DUP1
81 REVERT
82 JUMPDEST
83 POP
84 PUSH2 0x005b
87 PUSH2 0x00d6
90 JUMP
91 JUMPDEST
92 PUSH1 0x40
94 MLOAD
95 DUP1
96 DUP1
97 PUSH1 0x20
99 ADD
100 DUP3
101 DUP2
102 SUB
103 DUP3
104 MSTORE
105 DUP4
106 DUP2
107 DUP2
108 MLOAD
109 DUP2
110 MSTORE
111 PUSH1 0x20
113 ADD
114 SWAP2
115 POP
116 DUP1
117 MLOAD
118 SWAP1
119 PUSH1 0x20
121 ADD
122 SWAP1
123 DUP1
124 DUP4
125 DUP4
126 PUSH1 0x00
128 JUMPDEST
129 DUP4
130 DUP2
131 LT
132 ISZERO
133 PUSH2 0x009b
136 JUMPI
137 DUP1
138 DUP3
139 ADD
140 MLOAD
141 DUP2
142 DUP5
143 ADD
144 MSTORE
145 PUSH1 0x20
147 DUP2
148 ADD
149 SWAP1
150 POP
151 PUSH2 0x0080
154 JUMP
155 JUMPDEST
156 POP
157 POP
158 POP
159 POP
160 SWAP1
161 POP
162 SWAP1
163 DUP2
164 ADD
165 SWAP1
166 PUSH1 0x1f
168 AND
169 DUP1
170 ISZERO
171 PUSH2 0x00c8
174 JUMPI
175 DUP1
176 DUP3
177 SUB
178 DUP1
179 MLOAD
180 PUSH1 0x01
182 DUP4
183 PUSH1 0x20
185 SUB
186 PUSH2 0x0100
189 EXP
190 SUB
191 NOT
192 AND
193 DUP2
194 MSTORE
195 PUSH1 0x20
197 ADD
198 SWAP2
199 POP
200 JUMPDEST
201 POP
202 SWAP3
203 POP
204 POP
205 POP
206 PUSH1 0x40
208 MLOAD
209 DUP1
210 SWAP2
211 SUB
212 SWAP1
213 RETURN
214 JUMPDEST
215 PUSH1 0x60
217 PUSH1 0x40
219 DUP1
220 MLOAD
221 SWAP1
222 DUP2
223 ADD
224 PUSH1 0x40
226 MSTORE
227 DUP1
228 PUSH1 0x17
230 DUP2
231 MSTORE
232 PUSH1 0x20
234 ADD
235 PUSH32 0xd0a5d18dd0bbd0bbd0bed18320d092d0bed180d0bbd0b4000000000000000000
268 DUP2
269 MSTORE
270 POP
271 SWAP1
272 POP
273 SWAP1
274 JUMP
275 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [], "success": true}

@ -0,0 +1,3 @@
# Analysis results for None
The analysis was completed successfully. No issues were detected.

@ -0,0 +1 @@
The analysis was completed successfully. No issues were detected.

@ -0,0 +1,168 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x004c
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x8da5cb5b
60 EQ
61 PUSH2 0x0051
64 JUMPI
65 DUP1
66 PUSH4 0xf2fde38b
71 EQ
72 PUSH2 0x00a6
75 JUMPI
76 JUMPDEST
77 PUSH1 0x00
79 DUP1
80 REVERT
81 JUMPDEST
82 CALLVALUE
83 ISZERO
84 PUSH2 0x005c
87 JUMPI
88 PUSH1 0x00
90 DUP1
91 REVERT
92 JUMPDEST
93 PUSH2 0x0064
96 PUSH2 0x00df
99 JUMP
100 JUMPDEST
101 PUSH1 0x40
103 MLOAD
104 DUP1
105 DUP3
106 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
127 AND
128 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
149 AND
150 DUP2
151 MSTORE
152 PUSH1 0x20
154 ADD
155 SWAP2
156 POP
157 POP
158 PUSH1 0x40
160 MLOAD
161 DUP1
162 SWAP2
163 SUB
164 SWAP1
165 RETURN
166 JUMPDEST
167 CALLVALUE
168 ISZERO
169 PUSH2 0x00b1
172 JUMPI
173 PUSH1 0x00
175 DUP1
176 REVERT
177 JUMPDEST
178 PUSH2 0x00dd
181 PUSH1 0x04
183 DUP1
184 DUP1
185 CALLDATALOAD
186 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
207 AND
208 SWAP1
209 PUSH1 0x20
211 ADD
212 SWAP1
213 SWAP2
214 SWAP1
215 POP
216 POP
217 PUSH2 0x0104
220 JUMP
221 JUMPDEST
222 STOP
223 JUMPDEST
224 PUSH1 0x00
226 DUP1
227 SWAP1
228 SLOAD
229 SWAP1
230 PUSH2 0x0100
233 EXP
234 SWAP1
235 DIV
236 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
257 AND
258 DUP2
259 JUMP
260 JUMPDEST
261 PUSH1 0x00
263 DUP1
264 SWAP1
265 SLOAD
266 SWAP1
267 PUSH2 0x0100
270 EXP
271 SWAP1
272 DIV
273 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
294 AND
295 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
316 AND
317 ORIGIN
318 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
339 AND
340 EQ
341 ISZERO
342 ISZERO
343 PUSH2 0x015f
346 JUMPI
347 PUSH1 0x00
349 DUP1
350 REVERT
351 JUMPDEST
352 PUSH1 0x00
354 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
375 AND
376 DUP2
377 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
398 AND
399 EQ
400 ISZERO
401 ISZERO
402 PUSH2 0x01d6
405 JUMPI
406 DUP1
407 PUSH1 0x00
409 DUP1
410 PUSH2 0x0100
413 EXP
414 DUP2
415 SLOAD
416 DUP2
417 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
438 MUL
439 NOT
440 AND
441 SWAP1
442 DUP4
443 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
464 AND
465 MUL
466 OR
467 SWAP1
468 SSTORE
469 POP
470 JUMPDEST
471 POP
472 JUMP
473 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 317, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin", "function": "transferOwnership(address)", "swc_id": "115", "title": "Use of tx.origin", "type": "Warning"}], "success": true}

@ -0,0 +1,13 @@
# Analysis results for test-filename.sol
## Use of tx.origin
- SWC ID: 115
- Type: Warning
- Contract: Unknown
- Function name: `transferOwnership(address)`
- PC address: 317
### Description
The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.
See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin

@ -0,0 +1,10 @@
==== Use of tx.origin ====
SWC ID: 115
Type: Warning
Contract: Unknown
Function name: transferOwnership(address)
PC address: 317
The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.
See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin
--------------------

@ -0,0 +1,388 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x0062
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x18160ddd
60 EQ
61 PUSH2 0x0067
64 JUMPI
65 DUP1
66 PUSH4 0x6241bfd1
71 EQ
72 PUSH2 0x0090
75 JUMPI
76 DUP1
77 PUSH4 0x70a08231
82 EQ
83 PUSH2 0x00b3
86 JUMPI
87 DUP1
88 PUSH4 0xa3210e87
93 EQ
94 PUSH2 0x0100
97 JUMPI
98 JUMPDEST
99 PUSH1 0x00
101 DUP1
102 REVERT
103 JUMPDEST
104 CALLVALUE
105 ISZERO
106 PUSH2 0x0072
109 JUMPI
110 PUSH1 0x00
112 DUP1
113 REVERT
114 JUMPDEST
115 PUSH2 0x007a
118 PUSH2 0x015a
121 JUMP
122 JUMPDEST
123 PUSH1 0x40
125 MLOAD
126 DUP1
127 DUP3
128 DUP2
129 MSTORE
130 PUSH1 0x20
132 ADD
133 SWAP2
134 POP
135 POP
136 PUSH1 0x40
138 MLOAD
139 DUP1
140 SWAP2
141 SUB
142 SWAP1
143 RETURN
144 JUMPDEST
145 CALLVALUE
146 ISZERO
147 PUSH2 0x009b
150 JUMPI
151 PUSH1 0x00
153 DUP1
154 REVERT
155 JUMPDEST
156 PUSH2 0x00b1
159 PUSH1 0x04
161 DUP1
162 DUP1
163 CALLDATALOAD
164 SWAP1
165 PUSH1 0x20
167 ADD
168 SWAP1
169 SWAP2
170 SWAP1
171 POP
172 POP
173 PUSH2 0x0160
176 JUMP
177 JUMPDEST
178 STOP
179 JUMPDEST
180 CALLVALUE
181 ISZERO
182 PUSH2 0x00be
185 JUMPI
186 PUSH1 0x00
188 DUP1
189 REVERT
190 JUMPDEST
191 PUSH2 0x00ea
194 PUSH1 0x04
196 DUP1
197 DUP1
198 CALLDATALOAD
199 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
220 AND
221 SWAP1
222 PUSH1 0x20
224 ADD
225 SWAP1
226 SWAP2
227 SWAP1
228 POP
229 POP
230 PUSH2 0x01ab
233 JUMP
234 JUMPDEST
235 PUSH1 0x40
237 MLOAD
238 DUP1
239 DUP3
240 DUP2
241 MSTORE
242 PUSH1 0x20
244 ADD
245 SWAP2
246 POP
247 POP
248 PUSH1 0x40
250 MLOAD
251 DUP1
252 SWAP2
253 SUB
254 SWAP1
255 RETURN
256 JUMPDEST
257 CALLVALUE
258 ISZERO
259 PUSH2 0x010b
262 JUMPI
263 PUSH1 0x00
265 DUP1
266 REVERT
267 JUMPDEST
268 PUSH2 0x0140
271 PUSH1 0x04
273 DUP1
274 DUP1
275 CALLDATALOAD
276 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
297 AND
298 SWAP1
299 PUSH1 0x20
301 ADD
302 SWAP1
303 SWAP2
304 SWAP1
305 DUP1
306 CALLDATALOAD
307 SWAP1
308 PUSH1 0x20
310 ADD
311 SWAP1
312 SWAP2
313 SWAP1
314 POP
315 POP
316 PUSH2 0x01f3
319 JUMP
320 JUMPDEST
321 PUSH1 0x40
323 MLOAD
324 DUP1
325 DUP3
326 ISZERO
327 ISZERO
328 ISZERO
329 ISZERO
330 DUP2
331 MSTORE
332 PUSH1 0x20
334 ADD
335 SWAP2
336 POP
337 POP
338 PUSH1 0x40
340 MLOAD
341 DUP1
342 SWAP2
343 SUB
344 SWAP1
345 RETURN
346 JUMPDEST
347 PUSH1 0x01
349 SLOAD
350 DUP2
351 JUMP
352 JUMPDEST
353 DUP1
354 PUSH1 0x01
356 DUP2
357 SWAP1
358 SSTORE
359 PUSH1 0x00
361 DUP1
362 CALLER
363 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
384 AND
385 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
406 AND
407 DUP2
408 MSTORE
409 PUSH1 0x20
411 ADD
412 SWAP1
413 DUP2
414 MSTORE
415 PUSH1 0x20
417 ADD
418 PUSH1 0x00
420 SHA3
421 DUP2
422 SWAP1
423 SSTORE
424 POP
425 POP
426 JUMP
427 JUMPDEST
428 PUSH1 0x00
430 DUP1
431 PUSH1 0x00
433 DUP4
434 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
455 AND
456 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
477 AND
478 DUP2
479 MSTORE
480 PUSH1 0x20
482 ADD
483 SWAP1
484 DUP2
485 MSTORE
486 PUSH1 0x20
488 ADD
489 PUSH1 0x00
491 SHA3
492 SLOAD
493 SWAP1
494 POP
495 SWAP2
496 SWAP1
497 POP
498 JUMP
499 JUMPDEST
500 PUSH1 0x00
502 DUP1
503 DUP3
504 PUSH1 0x00
506 DUP1
507 CALLER
508 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
529 AND
530 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
551 AND
552 DUP2
553 MSTORE
554 PUSH1 0x20
556 ADD
557 SWAP1
558 DUP2
559 MSTORE
560 PUSH1 0x20
562 ADD
563 PUSH1 0x00
565 SHA3
566 SLOAD
567 SUB
568 LT
569 ISZERO
570 ISZERO
571 ISZERO
572 PUSH2 0x0244
575 JUMPI
576 PUSH1 0x00
578 DUP1
579 REVERT
580 JUMPDEST
581 DUP2
582 PUSH1 0x00
584 DUP1
585 CALLER
586 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
607 AND
608 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
629 AND
630 DUP2
631 MSTORE
632 PUSH1 0x20
634 ADD
635 SWAP1
636 DUP2
637 MSTORE
638 PUSH1 0x20
640 ADD
641 PUSH1 0x00
643 SHA3
644 PUSH1 0x00
646 DUP3
647 DUP3
648 SLOAD
649 SUB
650 SWAP3
651 POP
652 POP
653 DUP2
654 SWAP1
655 SSTORE
656 POP
657 DUP2
658 PUSH1 0x00
660 DUP1
661 DUP6
662 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
683 AND
684 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
705 AND
706 DUP2
707 MSTORE
708 PUSH1 0x20
710 ADD
711 SWAP1
712 DUP2
713 MSTORE
714 PUSH1 0x20
716 ADD
717 PUSH1 0x00
719 SHA3
720 PUSH1 0x00
722 DUP3
723 DUP3
724 SLOAD
725 ADD
726 SWAP3
727 POP
728 POP
729 DUP2
730 SWAP1
731 SSTORE
732 POP
733 PUSH1 0x02
735 PUSH1 0x00
737 DUP1
738 DUP6
739 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
760 AND
761 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
782 AND
783 DUP2
784 MSTORE
785 PUSH1 0x20
787 ADD
788 SWAP1
789 DUP2
790 MSTORE
791 PUSH1 0x20
793 ADD
794 PUSH1 0x00
796 SHA3
797 DUP2
798 SWAP1
799 SSTORE
800 POP
801 PUSH1 0x01
803 SWAP1
804 POP
805 SWAP3
806 SWAP2
807 POP
808 POP
809 JUMP
810 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 567, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 649, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 725, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true}

@ -0,0 +1,34 @@
# Analysis results for test-filename.sol
## Integer Underflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `sendeth(address,uint256)`
- PC address: 567
### Description
The substraction can result in an integer underflow.
## Integer Underflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `sendeth(address,uint256)`
- PC address: 649
### Description
The substraction can result in an integer underflow.
## Integer Overflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `sendeth(address,uint256)`
- PC address: 725
### Description
The arithmetic operation can result in integer overflow.

@ -0,0 +1,30 @@
==== Integer Underflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)
PC address: 567
The substraction can result in an integer underflow.
--------------------
==== Integer Underflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)
PC address: 649
The substraction can result in an integer underflow.
--------------------
==== Integer Overflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)
PC address: 725
The arithmetic operation can result in integer overflow.
--------------------

@ -0,0 +1,129 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x004c
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x633ab5e0
60 EQ
61 PUSH2 0x0051
64 JUMPI
65 DUP1
66 PUSH4 0xe3bea282
71 EQ
72 PUSH2 0x0066
75 JUMPI
76 JUMPDEST
77 PUSH1 0x00
79 DUP1
80 REVERT
81 JUMPDEST
82 CALLVALUE
83 ISZERO
84 PUSH2 0x005c
87 JUMPI
88 PUSH1 0x00
90 DUP1
91 REVERT
92 JUMPDEST
93 PUSH2 0x0064
96 PUSH2 0x007b
99 JUMP
100 JUMPDEST
101 STOP
102 JUMPDEST
103 CALLVALUE
104 ISZERO
105 PUSH2 0x0071
108 JUMPI
109 PUSH1 0x00
111 DUP1
112 REVERT
113 JUMPDEST
114 PUSH2 0x0079
117 PUSH2 0x00d4
120 JUMP
121 JUMPDEST
122 STOP
123 JUMPDEST
124 PUSH1 0x00
126 DUP1
127 SWAP1
128 SLOAD
129 SWAP1
130 PUSH2 0x0100
133 EXP
134 SWAP1
135 DIV
136 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
157 AND
158 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
179 AND
180 PUSH1 0x40
182 MLOAD
183 PUSH1 0x00
185 PUSH1 0x40
187 MLOAD
188 DUP1
189 DUP4
190 SUB
191 DUP2
192 PUSH1 0x00
194 DUP7
195 GAS
196 CALL
197 SWAP2
198 POP
199 POP
200 ISZERO
201 ISZERO
202 PUSH2 0x00d2
205 JUMPI
206 PUSH1 0x00
208 DUP1
209 REVERT
210 JUMPDEST
211 JUMP
212 JUMPDEST
213 PUSH1 0x00
215 DUP1
216 SWAP1
217 SLOAD
218 SWAP1
219 PUSH2 0x0100
222 EXP
223 SWAP1
224 DIV
225 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
246 AND
247 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
268 AND
269 PUSH1 0x40
271 MLOAD
272 PUSH1 0x00
274 PUSH1 0x40
276 MLOAD
277 DUP1
278 DUP4
279 SUB
280 DUP2
281 PUSH1 0x00
283 DUP7
284 GAS
285 CALL
286 SWAP2
287 POP
288 POP
289 POP
290 JUMP
291 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 196, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x633ab5e0", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 285, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe3bea282", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 290, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe3bea282", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true}

@ -0,0 +1,34 @@
# Analysis results for test-filename.sol
## Message call to external contract
- SWC ID: 107
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x633ab5e0`
- PC address: 196
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
## Message call to external contract
- SWC ID: 107
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe3bea282`
- PC address: 285
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xe3bea282`
- PC address: 290
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.

@ -0,0 +1,27 @@
==== Message call to external contract ====
SWC ID: 107
Type: Informational
Contract: Unknown
Function name: _function_0x633ab5e0
PC address: 196
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
==== Message call to external contract ====
SWC ID: 107
Type: Informational
Contract: Unknown
Function name: _function_0xe3bea282
PC address: 285
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0xe3bea282
PC address: 290
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
--------------------

@ -0,0 +1,58 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH1 0x3f
11 JUMPI
12 PUSH1 0x00
14 CALLDATALOAD
15 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
45 SWAP1
46 DIV
47 PUSH4 0xffffffff
52 AND
53 DUP1
54 PUSH4 0xcbf0b0c0
59 EQ
60 PUSH1 0x44
62 JUMPI
63 JUMPDEST
64 PUSH1 0x00
66 DUP1
67 REVERT
68 JUMPDEST
69 CALLVALUE
70 ISZERO
71 PUSH1 0x4e
73 JUMPI
74 PUSH1 0x00
76 DUP1
77 REVERT
78 JUMPDEST
79 PUSH1 0x78
81 PUSH1 0x04
83 DUP1
84 DUP1
85 CALLDATALOAD
86 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
107 AND
108 SWAP1
109 PUSH1 0x20
111 ADD
112 SWAP1
113 SWAP2
114 SWAP1
115 POP
116 POP
117 PUSH1 0x7a
119 JUMP
120 JUMPDEST
121 STOP
122 JUMPDEST
123 DUP1
124 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
145 AND
146 SUICIDE
147 STOP

@ -0,0 +1,62 @@
<!DOCTYPE html>
<html>
<head>
<title>Call Graph</title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.css" integrity="sha256-iq5ygGJ7021Pi7H5S+QAUXCPUfaBzfqeplbg/KlEssg=" crossorigin="anonymous" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/vis/4.21.0/vis.min.js" integrity="sha256-JuQeAGbk9rG/EoRMixuy5X8syzICcvB0dj3KindZkY0=" crossorigin="anonymous"></script>
<style type="text/css">
#mynetwork {
height: 100%;
background-color: #232625;
}
body {
background-color: #232625;
color: #ffffff;
font-size: 10px;
}
html, body {
height: 95%;
}
</style>
<script>
var options = {"autoResize": true, "edges": {"font": {"align": "horizontal", "background": "none", "color": "#FFFFFF", "face": "arial", "multi": false, "strokeColor": "#ffffff", "strokeWidth": 0, "vadjust": 0}}, "height": "100%", "layout": {"hierarchical": {"blockShifting": true, "direction": "LR", "edgeMinimization": true, "enabled": true, "levelSeparation": 450, "nodeSpacing": 200, "parentCentralization": false, "sortMethod": "directed", "treeSpacing": 100}, "improvedLayout": true}, "manipulation": false, "nodes": {"borderWidth": 1, "borderWidthSelected": 2, "chosen": true, "color": "#000000", "font": {"align": "left", "color": "#FFFFFF"}, "shape": "box"}, "physics": {"enabled": false}, "width": "100%"};
var nodes = [{"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n9 PUSH1 0x3f\n11 JUMPI", "id": "57", "isExpanded": false, "label": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)", "size": 150, "truncLabel": "0 PUSH1 0x60\n2 PUSH1 0x40\n4 MSTORE\n5 PUSH1 0x04\n7 CALLDATASIZE\n8 LT\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n52 AND\n53 DUP1\n54 PUSH4 0xcbf0b0c0\n59 EQ\n60 PUSH1 0x44\n62 JUMPI", "id": "58", "isExpanded": false, "label": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)", "size": 150, "truncLabel": "12 PUSH1 0x00\n14 CALLDATALOAD\n15 PUSH29 0x01000000(...)\n45 SWAP1\n46 DIV\n47 PUSH4 0xffffffff\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "id": "59", "isExpanded": false, "label": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "size": 150, "truncLabel": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "id": "60", "isExpanded": false, "label": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT", "size": 150, "truncLabel": "63 JUMPDEST\n64 PUSH1 0x00\n66 DUP1\n67 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "68 JUMPDEST\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI", "id": "61", "isExpanded": false, "label": "68 JUMPDEST\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI", "size": 150, "truncLabel": "68 JUMPDEST\n69 CALLVALUE\n70 ISZERO\n71 PUSH1 0x4e\n73 JUMPI"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "74 PUSH1 0x00\n76 DUP1\n77 REVERT", "id": "62", "isExpanded": false, "label": "74 PUSH1 0x00\n76 DUP1\n77 REVERT", "size": 150, "truncLabel": "74 PUSH1 0x00\n76 DUP1\n77 REVERT"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "78 JUMPDEST\n79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n86 PUSH20 0xffffffff(...)\n107 AND\n108 SWAP1\n109 PUSH1 0x20\n111 ADD\n112 SWAP1\n113 SWAP2\n114 SWAP1\n115 POP\n116 POP\n117 PUSH1 0x7a\n119 JUMP", "id": "63", "isExpanded": false, "label": "78 JUMPDEST\n79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n(click to expand +)", "size": 150, "truncLabel": "78 JUMPDEST\n79 PUSH1 0x78\n81 PUSH1 0x04\n83 DUP1\n84 DUP1\n85 CALLDATALOAD\n(click to expand +)"}, {"color": {"background": "#2f7e5b", "border": "#26996f", "highlight": {"background": "#28a16f", "border": "#26996f"}}, "fullLabel": "122 JUMPDEST\n123 DUP1\n124 PUSH20 0xffffffff(...)\n145 AND\n146 SUICIDE", "id": "64", "isExpanded": false, "label": "122 JUMPDEST\n123 DUP1\n124 PUSH20 0xffffffff(...)\n145 AND\n146 SUICIDE", "size": 150, "truncLabel": "122 JUMPDEST\n123 DUP1\n124 PUSH20 0xffffffff(...)\n145 AND\n146 SUICIDE"}];
var edges = [{"arrows": "to", "from": "57", "label": "ULE(4, 3_calldatasize_Unknown)", "smooth": {"type": "cubicBezier"}, "to": "58"}, {"arrows": "to", "from": "57", "label": "Not(ULE(4, 3_calldatasize_Unknown))", "smooth": {"type": "cubicBezier"}, "to": "59"}, {"arrows": "to", "from": "58", "label": "Not(Extract(0xff, 0xe0, 3_calldata_Unknown[0]) == 0xcbf0b0c0)", "smooth": {"type": "cubicBezier"}, "to": "60"}, {"arrows": "to", "from": "58", "label": "Extract(0xff, 0xe0, 3_calldata_Unknown[0]) == 0xcbf0b0c0", "smooth": {"type": "cubicBezier"}, "to": "61"}, {"arrows": "to", "from": "61", "label": "Not(call_value3 == 0)", "smooth": {"type": "cubicBezier"}, "to": "62"}, {"arrows": "to", "from": "61", "label": "call_value3 == 0", "smooth": {"type": "cubicBezier"}, "to": "63"}, {"arrows": "to", "from": "63", "label": "", "smooth": {"type": "cubicBezier"}, "to": "64"}];
</script>
</head>
<body>
<p>Mythril / Ethereum LASER Symbolic VM</p>
<div id="mynetwork"></div>
<script type="text/javascript">
var container = document.getElementById('mynetwork');
var nodesSet = new vis.DataSet(nodes);
var edgesSet = new vis.DataSet(edges);
var data = {'nodes': nodesSet, 'edges': edgesSet}
var gph = new vis.Network(container, data, options);
gph.on("click", function (params) {
// parse node id
var nodeID = params['nodes']['0'];
if (nodeID) {
var clickedNode = nodesSet.get(nodeID);
if(clickedNode.isExpanded) {
clickedNode.label = clickedNode.truncLabel;
}
else {
clickedNode.label = clickedNode.fullLabel;
}
clickedNode.isExpanded = !clickedNode.isExpanded;
nodesSet.update(clickedNode);
}
});
</script>
</body>
</html>

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 146, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable SUICIDE instruction was detected. The remaining Ether is sent to an address provided as a function argument.\n", "function": "_function_0xcbf0b0c0", "swc_id": "106", "title": "Unchecked SUICIDE", "type": "Warning"}], "success": true}

@ -0,0 +1,12 @@
# Analysis results for test-filename.sol
## Unchecked SUICIDE
- SWC ID: 106
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xcbf0b0c0`
- PC address: 146
### Description
A reachable SUICIDE instruction was detected. The remaining Ether is sent to an address provided as a function argument.

@ -0,0 +1,10 @@
==== Unchecked SUICIDE ====
SWC ID: 106
Type: Warning
Contract: Unknown
Function name: _function_0xcbf0b0c0
PC address: 146
A reachable SUICIDE instruction was detected. The remaining Ether is sent to an address provided as a function argument.
--------------------

@ -0,0 +1,365 @@
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0x04
7 CALLDATASIZE
8 LT
9 PUSH2 0x0062
12 JUMPI
13 PUSH1 0x00
15 CALLDATALOAD
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000
46 SWAP1
47 DIV
48 PUSH4 0xffffffff
53 AND
54 DUP1
55 PUSH4 0x18160ddd
60 EQ
61 PUSH2 0x0067
64 JUMPI
65 DUP1
66 PUSH4 0x6241bfd1
71 EQ
72 PUSH2 0x0090
75 JUMPI
76 DUP1
77 PUSH4 0x70a08231
82 EQ
83 PUSH2 0x00b3
86 JUMPI
87 DUP1
88 PUSH4 0xa3210e87
93 EQ
94 PUSH2 0x0100
97 JUMPI
98 JUMPDEST
99 PUSH1 0x00
101 DUP1
102 REVERT
103 JUMPDEST
104 CALLVALUE
105 ISZERO
106 PUSH2 0x0072
109 JUMPI
110 PUSH1 0x00
112 DUP1
113 REVERT
114 JUMPDEST
115 PUSH2 0x007a
118 PUSH2 0x015a
121 JUMP
122 JUMPDEST
123 PUSH1 0x40
125 MLOAD
126 DUP1
127 DUP3
128 DUP2
129 MSTORE
130 PUSH1 0x20
132 ADD
133 SWAP2
134 POP
135 POP
136 PUSH1 0x40
138 MLOAD
139 DUP1
140 SWAP2
141 SUB
142 SWAP1
143 RETURN
144 JUMPDEST
145 CALLVALUE
146 ISZERO
147 PUSH2 0x009b
150 JUMPI
151 PUSH1 0x00
153 DUP1
154 REVERT
155 JUMPDEST
156 PUSH2 0x00b1
159 PUSH1 0x04
161 DUP1
162 DUP1
163 CALLDATALOAD
164 SWAP1
165 PUSH1 0x20
167 ADD
168 SWAP1
169 SWAP2
170 SWAP1
171 POP
172 POP
173 PUSH2 0x0160
176 JUMP
177 JUMPDEST
178 STOP
179 JUMPDEST
180 CALLVALUE
181 ISZERO
182 PUSH2 0x00be
185 JUMPI
186 PUSH1 0x00
188 DUP1
189 REVERT
190 JUMPDEST
191 PUSH2 0x00ea
194 PUSH1 0x04
196 DUP1
197 DUP1
198 CALLDATALOAD
199 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
220 AND
221 SWAP1
222 PUSH1 0x20
224 ADD
225 SWAP1
226 SWAP2
227 SWAP1
228 POP
229 POP
230 PUSH2 0x01ab
233 JUMP
234 JUMPDEST
235 PUSH1 0x40
237 MLOAD
238 DUP1
239 DUP3
240 DUP2
241 MSTORE
242 PUSH1 0x20
244 ADD
245 SWAP2
246 POP
247 POP
248 PUSH1 0x40
250 MLOAD
251 DUP1
252 SWAP2
253 SUB
254 SWAP1
255 RETURN
256 JUMPDEST
257 CALLVALUE
258 ISZERO
259 PUSH2 0x010b
262 JUMPI
263 PUSH1 0x00
265 DUP1
266 REVERT
267 JUMPDEST
268 PUSH2 0x0140
271 PUSH1 0x04
273 DUP1
274 DUP1
275 CALLDATALOAD
276 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
297 AND
298 SWAP1
299 PUSH1 0x20
301 ADD
302 SWAP1
303 SWAP2
304 SWAP1
305 DUP1
306 CALLDATALOAD
307 SWAP1
308 PUSH1 0x20
310 ADD
311 SWAP1
312 SWAP2
313 SWAP1
314 POP
315 POP
316 PUSH2 0x01f3
319 JUMP
320 JUMPDEST
321 PUSH1 0x40
323 MLOAD
324 DUP1
325 DUP3
326 ISZERO
327 ISZERO
328 ISZERO
329 ISZERO
330 DUP2
331 MSTORE
332 PUSH1 0x20
334 ADD
335 SWAP2
336 POP
337 POP
338 PUSH1 0x40
340 MLOAD
341 DUP1
342 SWAP2
343 SUB
344 SWAP1
345 RETURN
346 JUMPDEST
347 PUSH1 0x01
349 SLOAD
350 DUP2
351 JUMP
352 JUMPDEST
353 DUP1
354 PUSH1 0x01
356 DUP2
357 SWAP1
358 SSTORE
359 PUSH1 0x00
361 DUP1
362 CALLER
363 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
384 AND
385 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
406 AND
407 DUP2
408 MSTORE
409 PUSH1 0x20
411 ADD
412 SWAP1
413 DUP2
414 MSTORE
415 PUSH1 0x20
417 ADD
418 PUSH1 0x00
420 SHA3
421 DUP2
422 SWAP1
423 SSTORE
424 POP
425 POP
426 JUMP
427 JUMPDEST
428 PUSH1 0x00
430 DUP1
431 PUSH1 0x00
433 DUP4
434 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
455 AND
456 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
477 AND
478 DUP2
479 MSTORE
480 PUSH1 0x20
482 ADD
483 SWAP1
484 DUP2
485 MSTORE
486 PUSH1 0x20
488 ADD
489 PUSH1 0x00
491 SHA3
492 SLOAD
493 SWAP1
494 POP
495 SWAP2
496 SWAP1
497 POP
498 JUMP
499 JUMPDEST
500 PUSH1 0x00
502 DUP1
503 DUP3
504 PUSH1 0x00
506 DUP1
507 CALLER
508 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
529 AND
530 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
551 AND
552 DUP2
553 MSTORE
554 PUSH1 0x20
556 ADD
557 SWAP1
558 DUP2
559 MSTORE
560 PUSH1 0x20
562 ADD
563 PUSH1 0x00
565 SHA3
566 SLOAD
567 SUB
568 LT
569 ISZERO
570 ISZERO
571 ISZERO
572 PUSH2 0x0244
575 JUMPI
576 PUSH1 0x00
578 DUP1
579 REVERT
580 JUMPDEST
581 DUP2
582 PUSH1 0x00
584 DUP1
585 CALLER
586 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
607 AND
608 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
629 AND
630 DUP2
631 MSTORE
632 PUSH1 0x20
634 ADD
635 SWAP1
636 DUP2
637 MSTORE
638 PUSH1 0x20
640 ADD
641 PUSH1 0x00
643 SHA3
644 PUSH1 0x00
646 DUP3
647 DUP3
648 SLOAD
649 SUB
650 SWAP3
651 POP
652 POP
653 DUP2
654 SWAP1
655 SSTORE
656 POP
657 DUP2
658 PUSH1 0x00
660 DUP1
661 DUP6
662 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
683 AND
684 PUSH20 0xffffffffffffffffffffffffffffffffffffffff
705 AND
706 DUP2
707 MSTORE
708 PUSH1 0x20
710 ADD
711 SWAP1
712 DUP2
713 MSTORE
714 PUSH1 0x20
716 ADD
717 PUSH1 0x00
719 SHA3
720 PUSH1 0x00
722 DUP3
723 DUP3
724 SLOAD
725 ADD
726 SWAP3
727 POP
728 POP
729 DUP2
730 SWAP1
731 SSTORE
732 POP
733 PUSH1 0x01
735 SWAP1
736 POP
737 SWAP3
738 SWAP2
739 POP
740 POP
741 JUMP
742 STOP

File diff suppressed because one or more lines are too long

@ -0,0 +1 @@
{"error": null, "issues": [{"address": 567, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 649, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 725, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true}

@ -0,0 +1,34 @@
# Analysis results for test-filename.sol
## Integer Underflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `sendeth(address,uint256)`
- PC address: 567
### Description
The substraction can result in an integer underflow.
## Integer Underflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `sendeth(address,uint256)`
- PC address: 649
### Description
The substraction can result in an integer underflow.
## Integer Overflow
- SWC ID: 101
- Type: Warning
- Contract: Unknown
- Function name: `sendeth(address,uint256)`
- PC address: 725
### Description
The arithmetic operation can result in integer overflow.

@ -0,0 +1,30 @@
==== Integer Underflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)
PC address: 567
The substraction can result in an integer underflow.
--------------------
==== Integer Underflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)
PC address: 649
The substraction can result in an integer underflow.
--------------------
==== Integer Overflow ====
SWC ID: 101
Type: Warning
Contract: Unknown
Function name: sendeth(address,uint256)
PC address: 725
The arithmetic operation can result in integer overflow.
--------------------

File diff suppressed because one or more lines are too long

@ -1 +1 @@
{"error": null, "issues": [{"address": 567, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 649, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer underflow exists in the function `sendeth(address,uint256)`.\nThe subtraction may result in a value < 0.", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 725, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true}
{"error": null, "issues": [{"address": 567, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 649, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The substraction can result in an integer underflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Underflow", "type": "Warning"}, {"address": 725, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "sendeth(address,uint256)", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true}

@ -9,8 +9,7 @@
### Description
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
The substraction can result in an integer underflow.
## Integer Underflow
- SWC ID: 101
@ -21,8 +20,7 @@ The subtraction may result in a value < 0.
### Description
A possible integer underflow exists in the function `sendeth(address,uint256)`.
The subtraction may result in a value < 0.
The substraction can result in an integer underflow.
## Integer Overflow
- SWC ID: 101
@ -33,5 +31,4 @@ The subtraction may result in a value < 0.
### Description
A possible integer overflow exists in the function `sendeth(address,uint256)`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The arithmetic operation can result in integer overflow.

Some files were not shown because too many files have changed in this diff Show More

Loading…
Cancel
Save