From 2d676fb7cd9ee4aa20b86697214d17a0c845960e Mon Sep 17 00:00:00 2001 From: Joran Honig Date: Tue, 24 Jul 2018 14:20:03 +0200 Subject: [PATCH] add environment overflow tests --- .../testdata/input_contracts/environments.sol | 19 ++ tests/testdata/inputs/environments.sol.o | 1 + .../outputs_expected/environments.sol.o.easm | 259 ++++++++++++++++++ .../environments.sol.o.graph.html | 56 ++++ .../outputs_expected/environments.sol.o.json | 1 + .../environments.sol.o.markdown | 37 +++ .../outputs_expected/environments.sol.o.text | 27 ++ 7 files changed, 400 insertions(+) create mode 100644 tests/testdata/input_contracts/environments.sol create mode 100644 tests/testdata/inputs/environments.sol.o create mode 100644 tests/testdata/outputs_expected/environments.sol.o.easm create mode 100644 tests/testdata/outputs_expected/environments.sol.o.graph.html create mode 100644 tests/testdata/outputs_expected/environments.sol.o.json create mode 100644 tests/testdata/outputs_expected/environments.sol.o.markdown create mode 100644 tests/testdata/outputs_expected/environments.sol.o.text diff --git a/tests/testdata/input_contracts/environments.sol b/tests/testdata/input_contracts/environments.sol new file mode 100644 index 00000000..d79b63f3 --- /dev/null +++ b/tests/testdata/input_contracts/environments.sol @@ -0,0 +1,19 @@ +pragma solidity ^0.4.16; + + +contract IntegerOverflow2 { + uint256 public count = 7; + mapping(address => uint256) balances; + + function batchTransfer(address[] _receivers, uint256 _value) public returns(bool){ + uint cnt = _receivers.length; + uint256 amount = uint256(cnt) * _value; + + require(cnt > 0 && cnt <= 20); + + balances[msg.sender] -=amount; + + return true; + } + +} diff --git a/tests/testdata/inputs/environments.sol.o b/tests/testdata/inputs/environments.sol.o new file mode 100644 index 00000000..4c8f1d49 --- /dev/null +++ b/tests/testdata/inputs/environments.sol.o @@ -0,0 +1 @@ +60806040526004361061004c576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff16806306661abd1461005157806383f12fec1461007c575b600080fd5b34801561005d57600080fd5b50610066610104565b6040518082815260200191505060405180910390f35b34801561008857600080fd5b506100ea600480360381019080803590602001908201803590602001908080602002602001604051908101604052809392919081815260200183836020028082843782019150505050505091929192908035906020019092919050505061010a565b604051808215151515815260200191505060405180910390f35b60005481565b6000806000845191508382029050600082118015610129575060148211155b151561013457600080fd5b80600160003373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200190815260200160002060008282540392505081905550600192505050929150505600a165627a7a7230582016b81221eb990028632ba9b34d3c01599d24acdb5b81dd6789845696f5db257c0029 \ No newline at end of file diff --git a/tests/testdata/outputs_expected/environments.sol.o.easm b/tests/testdata/outputs_expected/environments.sol.o.easm new file mode 100644 index 00000000..7a5b2043 --- /dev/null +++ b/tests/testdata/outputs_expected/environments.sol.o.easm @@ -0,0 +1,259 @@ +0 PUSH1 0x80 +2 PUSH1 0x40 +4 MSTORE +5 PUSH1 0x04 +7 CALLDATASIZE +8 LT +9 PUSH2 0x004c +12 JUMPI +13 PUSH1 0x00 +15 CALLDATALOAD +16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000 +46 SWAP1 +47 DIV +48 PUSH4 0xffffffff +53 AND +54 DUP1 +55 PUSH4 0x06661abd +60 EQ +61 PUSH2 0x0051 +64 JUMPI +65 DUP1 +66 PUSH4 0x83f12fec +71 EQ +72 PUSH2 0x007c +75 JUMPI +76 JUMPDEST +77 PUSH1 0x00 +79 DUP1 +80 REVERT +81 JUMPDEST +82 CALLVALUE +83 DUP1 +84 ISZERO +85 PUSH2 0x005d +88 JUMPI +89 PUSH1 0x00 +91 DUP1 +92 REVERT +93 JUMPDEST +94 POP +95 PUSH2 0x0066 +98 PUSH2 0x0104 +101 JUMP +102 JUMPDEST +103 PUSH1 0x40 +105 MLOAD +106 DUP1 +107 DUP3 +108 DUP2 +109 MSTORE +110 PUSH1 0x20 +112 ADD +113 SWAP2 +114 POP +115 POP +116 PUSH1 0x40 +118 MLOAD +119 DUP1 +120 SWAP2 +121 SUB +122 SWAP1 +123 RETURN +124 JUMPDEST +125 CALLVALUE +126 DUP1 +127 ISZERO +128 PUSH2 0x0088 +131 JUMPI +132 PUSH1 0x00 +134 DUP1 +135 REVERT +136 JUMPDEST +137 POP +138 PUSH2 0x00ea +141 PUSH1 0x04 +143 DUP1 +144 CALLDATASIZE +145 SUB +146 DUP2 +147 ADD +148 SWAP1 +149 DUP1 +150 DUP1 +151 CALLDATALOAD +152 SWAP1 +153 PUSH1 0x20 +155 ADD +156 SWAP1 +157 DUP3 +158 ADD +159 DUP1 +160 CALLDATALOAD +161 SWAP1 +162 PUSH1 0x20 +164 ADD +165 SWAP1 +166 DUP1 +167 DUP1 +168 PUSH1 0x20 +170 MUL +171 PUSH1 0x20 +173 ADD +174 PUSH1 0x40 +176 MLOAD +177 SWAP1 +178 DUP2 +179 ADD +180 PUSH1 0x40 +182 MSTORE +183 DUP1 +184 SWAP4 +185 SWAP3 +186 SWAP2 +187 SWAP1 +188 DUP2 +189 DUP2 +190 MSTORE +191 PUSH1 0x20 +193 ADD +194 DUP4 +195 DUP4 +196 PUSH1 0x20 +198 MUL +199 DUP1 +200 DUP3 +201 DUP5 +202 CALLDATACOPY +203 DUP3 +204 ADD +205 SWAP2 +206 POP +207 POP +208 POP +209 POP +210 POP +211 POP +212 SWAP2 +213 SWAP3 +214 SWAP2 +215 SWAP3 +216 SWAP1 +217 DUP1 +218 CALLDATALOAD +219 SWAP1 +220 PUSH1 0x20 +222 ADD +223 SWAP1 +224 SWAP3 +225 SWAP2 +226 SWAP1 +227 POP +228 POP +229 POP +230 PUSH2 0x010a +233 JUMP +234 JUMPDEST +235 PUSH1 0x40 +237 MLOAD +238 DUP1 +239 DUP3 +240 ISZERO +241 ISZERO +242 ISZERO +243 ISZERO +244 DUP2 +245 MSTORE +246 PUSH1 0x20 +248 ADD +249 SWAP2 +250 POP +251 POP +252 PUSH1 0x40 +254 MLOAD +255 DUP1 +256 SWAP2 +257 SUB +258 SWAP1 +259 RETURN +260 JUMPDEST +261 PUSH1 0x00 +263 SLOAD +264 DUP2 +265 JUMP +266 JUMPDEST +267 PUSH1 0x00 +269 DUP1 +270 PUSH1 0x00 +272 DUP5 +273 MLOAD +274 SWAP2 +275 POP +276 DUP4 +277 DUP3 +278 MUL +279 SWAP1 +280 POP +281 PUSH1 0x00 +283 DUP3 +284 GT +285 DUP1 +286 ISZERO +287 PUSH2 0x0129 +290 JUMPI +291 POP +292 PUSH1 0x14 +294 DUP3 +295 GT +296 ISZERO +297 JUMPDEST +298 ISZERO +299 ISZERO +300 PUSH2 0x0134 +303 JUMPI +304 PUSH1 0x00 +306 DUP1 +307 REVERT +308 JUMPDEST +309 DUP1 +310 PUSH1 0x01 +312 PUSH1 0x00 +314 CALLER +315 PUSH20 0xffffffffffffffffffffffffffffffffffffffff +336 AND +337 PUSH20 0xffffffffffffffffffffffffffffffffffffffff +358 AND +359 DUP2 +360 MSTORE +361 PUSH1 0x20 +363 ADD +364 SWAP1 +365 DUP2 +366 MSTORE +367 PUSH1 0x20 +369 ADD +370 PUSH1 0x00 +372 SHA3 +373 PUSH1 0x00 +375 DUP3 +376 DUP3 +377 SLOAD +378 SUB +379 SWAP3 +380 POP +381 POP +382 DUP2 +383 SWAP1 +384 SSTORE +385 POP +386 PUSH1 0x01 +388 SWAP3 +389 POP +390 POP +391 POP +392 SWAP3 +393 SWAP2 +394 POP +395 POP +396 JUMP +397 STOP diff --git a/tests/testdata/outputs_expected/environments.sol.o.graph.html b/tests/testdata/outputs_expected/environments.sol.o.graph.html new file mode 100644 index 00000000..7db4e682 --- /dev/null +++ b/tests/testdata/outputs_expected/environments.sol.o.graph.html @@ -0,0 +1,56 @@ + + + + + + + + + + + + +

Mythril / Ethereum LASER Symbolic VM

+


+ + + \ No newline at end of file diff --git a/tests/testdata/outputs_expected/environments.sol.o.json b/tests/testdata/outputs_expected/environments.sol.o.json new file mode 100644 index 00000000..0fc351aa --- /dev/null +++ b/tests/testdata/outputs_expected/environments.sol.o.json @@ -0,0 +1 @@ +{"error": null, "issues": [{"address": 158, "contract": "Unknown", "debug": "", "description": "A possible integer overflow exists in the function `**ambiguous** b`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "**ambiguous** b", "title": "Integer Overflow", "type": "Warning"}, {"address": 278, "contract": "Unknown", "debug": "", "description": "A possible integer overflow exists in the function `**ambiguous** b`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.", "function": "**ambiguous** b", "title": "Integer Overflow", "type": "Warning"}, {"address": 378, "contract": "Unknown", "debug": "", "description": "A possible integer underflow exists in the function `**ambiguous** b`.\nThe subtraction may result in a value < 0.", "function": "**ambiguous** b", "title": "Integer Underflow", "type": "Warning"}], "success": true} \ No newline at end of file diff --git a/tests/testdata/outputs_expected/environments.sol.o.markdown b/tests/testdata/outputs_expected/environments.sol.o.markdown new file mode 100644 index 00000000..3fc6bcf8 --- /dev/null +++ b/tests/testdata/outputs_expected/environments.sol.o.markdown @@ -0,0 +1,37 @@ +# Analysis results for test-filename.sol + +## Integer Overflow + +- Type: Warning +- Contract: Unknown +- Function name: `**ambiguous** b` +- PC address: 158 + +### Description + +A possible integer overflow exists in the function `**ambiguous** b`. +The addition or multiplication may result in a value higher than the maximum representable integer. + +## Integer Overflow + +- Type: Warning +- Contract: Unknown +- Function name: `**ambiguous** b` +- PC address: 278 + +### Description + +A possible integer overflow exists in the function `**ambiguous** b`. +The addition or multiplication may result in a value higher than the maximum representable integer. + +## Integer Underflow + +- Type: Warning +- Contract: Unknown +- Function name: `**ambiguous** b` +- PC address: 378 + +### Description + +A possible integer underflow exists in the function `**ambiguous** b`. +The subtraction may result in a value < 0. diff --git a/tests/testdata/outputs_expected/environments.sol.o.text b/tests/testdata/outputs_expected/environments.sol.o.text new file mode 100644 index 00000000..abb4f643 --- /dev/null +++ b/tests/testdata/outputs_expected/environments.sol.o.text @@ -0,0 +1,27 @@ +==== Integer Overflow ==== +Type: Warning +Contract: Unknown +Function name: **ambiguous** b +PC address: 158 +A possible integer overflow exists in the function `**ambiguous** b`. +The addition or multiplication may result in a value higher than the maximum representable integer. +-------------------- + +==== Integer Overflow ==== +Type: Warning +Contract: Unknown +Function name: **ambiguous** b +PC address: 278 +A possible integer overflow exists in the function `**ambiguous** b`. +The addition or multiplication may result in a value higher than the maximum representable integer. +-------------------- + +==== Integer Underflow ==== +Type: Warning +Contract: Unknown +Function name: **ambiguous** b +PC address: 378 +A possible integer underflow exists in the function `**ambiguous** b`. +The subtraction may result in a value < 0. +-------------------- +