This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TESTDATA>/inputs/calls.sol:16*
@ -13,13 +18,19 @@ In *<TESTDATA>/inputs/calls.sol:16*
```
fixed_address.call()
```
## Message call to external contract
- Type: Warning
- Contract: Caller
- Function name: `_function_0xd24b08cc`
- PC address: 779
### Description
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function '_function_0x2776b163'. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TESTDATA>/inputs/calls.sol:29*
@ -27,13 +38,19 @@ In *<TESTDATA>/inputs/calls.sol:29*
```
stored_address.call()
```
## Message call to external contract
- Type: Informational
- Contract: Caller
- Function name: `_function_0xe11f493e`
- PC address: 858
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TESTDATA>/inputs/calls.sol:20*
@ -41,13 +58,19 @@ In *<TESTDATA>/inputs/calls.sol:20*
```
fixed_address.call()
```
## State change after external call
- Type: Warning
- Contract: Caller
- Function name: `_function_0xe11f493e`
- PC address: 869
### Description
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
In *<TESTDATA>/inputs/calls.sol:21*
@ -55,13 +78,19 @@ In *<TESTDATA>/inputs/calls.sol:21*
```
statevar = 0
```
## Message call to external contract
- Type: Warning
- Contract: Caller
- Function name: `_function_0xe1d10f79`
- PC address: 912
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TESTDATA>/inputs/calls.sol:25*
@ -69,13 +98,19 @@ In *<TESTDATA>/inputs/calls.sol:25*
```
addr.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0x5a6814ec`
- PC address: 661
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:16*
@ -83,13 +118,19 @@ In *<TESTDATA>/inputs/calls.sol:16*
```
fixed_address.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0xd24b08cc`
- PC address: 779
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:29*
@ -97,13 +138,19 @@ In *<TESTDATA>/inputs/calls.sol:29*
```
stored_address.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0xe11f493e`
- PC address: 858
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:20*
@ -111,13 +158,19 @@ In *<TESTDATA>/inputs/calls.sol:20*
```
fixed_address.call()
```
## Unchecked CALL return value
- Type: Informational
- Contract: Caller
- Function name: `_function_0xe1d10f79`
- PC address: 912
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:16*
@ -13,13 +18,19 @@ In *<TESTDATA>/inputs/exceptions.sol:16*
```
assert(input != 23)
```
## Exception state
- Type: Informational
- Contract: Exceptions
- Function name: `_function_0x92dd38ea`
- PC address: 484
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:34*
@ -27,13 +38,19 @@ In *<TESTDATA>/inputs/exceptions.sol:34*
```
myarray[index]
```
## Exception state
- Type: Informational
- Contract: Exceptions
- Function name: `_function_0xa08299f1`
- PC address: 506
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:24*
@ -41,13 +58,19 @@ In *<TESTDATA>/inputs/exceptions.sol:24*
```
1/input
```
## Exception state
- Type: Informational
- Contract: Exceptions
- Function name: `_function_0xb34c3610`
- PC address: 531
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TESTDATA>/inputs/kinds_of_calls.sol:6*
@ -13,13 +18,19 @@ In *<TESTDATA>/inputs/kinds_of_calls.sol:6*
```
_e.call(bytes4(sha3("setN(uint256)")), _n)
```
## Unchecked CALL return value
- Type: Informational
- Contract: D
- Function name: `_function_0xeea4c864`
- PC address: 1038
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In the function `'_function_0x4229616d'` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function '_function_0x67f809e9'.
@ -17,13 +22,19 @@ In *<TESTDATA>/inputs/rubixi.sol:93*
```
creator.send(feesToCollect)
```
## Ether send
- Type: Warning
- Contract: Rubixi
- Function name: `_function_0x686f2c90`
- PC address: 1940
### Description
In the function `'_function_0x686f2c90'` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function '_function_0x67f809e9'.
@ -35,13 +46,19 @@ In *<TESTDATA>/inputs/rubixi.sol:75*
```
creator.send(collectedFees)
```
## Exception state
- Type: Informational
- Contract: Rubixi
- Function name: `_function_0x57d4021b`
- PC address: 1653
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TESTDATA>/inputs/rubixi.sol:131*
@ -49,13 +66,19 @@ In *<TESTDATA>/inputs/rubixi.sol:131*
```
participants[payoutOrder]
```
## Exception state
- Type: Informational
- Contract: Rubixi
- Function name: `_function_0x9dbc4f9b`
- PC address: 2085
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TESTDATA>/inputs/rubixi.sol:148*
@ -63,13 +86,19 @@ In *<TESTDATA>/inputs/rubixi.sol:148*
```
participants[orderInPyramid]
```
## Integer Overflow
- Type: Warning
- Contract: Rubixi
- Function name: `_function_0xfae14192`
- PC address: 1223
### Description
A possible integer overflow exists in the function `_function_0xfae14192`.
The addition may result in a value higher than the maximum representable integer.
@ -78,13 +107,19 @@ In *<TESTDATA>/inputs/rubixi.sol:37*
```
collectedFees += msg.value
```
## Integer Underflow
- Type: Warning
- Contract: Rubixi
- Function name: `_function_0xd11f13df`
- PC address: 2743
### Description
A possible integer underflow exists in the function `_function_0xd11f13df`.
The subtraction may result in a value <0.
@ -93,13 +128,19 @@ In *<TESTDATA>/inputs/rubixi.sol:143*
```
participants.length - payoutOrder
```
## Unchecked CALL return value
- Type: Informational
- Contract: Rubixi
- Function name: `_function_0x4229616d`
- PC address: 1599
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/rubixi.sol:93*
@ -107,13 +148,19 @@ In *<TESTDATA>/inputs/rubixi.sol:93*
```
creator.send(feesToCollect)
```
## Unchecked CALL return value
- Type: Informational
- Contract: Rubixi
- Function name: `_function_0xb4022950`
- PC address: 1940
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/rubixi.sol:75*
@ -121,13 +168,19 @@ In *<TESTDATA>/inputs/rubixi.sol:75*
```
creator.send(collectedFees)
```
## Unchecked CALL return value
- Type: Informational
- Contract: Rubixi
- Function name: `_function_0xb4022950`
- PC address: 2582
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In the function `'_function_0xe9874106'` the following predictable state variables are used to determine Ether recipient:
- block.coinbase
@ -15,13 +20,19 @@ In *<TESTDATA>/inputs/weak_random.sol:47*
```
winningAddress.transfer(prize)
```
## Ether send
- Type: Warning
- Contract: WeakRandom
- Function name: `_function_0xe9874106`
- PC address: 1285
### Description
In the function `'_function_0xe9874106'` a non-zero amount of Ether is sent to an address taken from storage slot 0.
There is a check on storage index 0. This storage slot can be written to by calling the function 'fallback'.
@ -33,13 +44,19 @@ In *<TESTDATA>/inputs/weak_random.sol:47*
```
winningAddress.transfer(prize)
```
## Exception state
- Type: Informational
- Contract: WeakRandom
- Function name: `fallback`
- PC address: 356
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TESTDATA>/inputs/weak_random.sol:11*
@ -47,13 +64,19 @@ In *<TESTDATA>/inputs/weak_random.sol:11*
```
prize / totalTickets
```
## Exception state
- Type: Informational
- Contract: WeakRandom
- Function name: `_function_0xe9874106`
- PC address: 146
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking.
In *<TESTDATA>/inputs/weak_random.sol:11*
@ -61,13 +84,19 @@ In *<TESTDATA>/inputs/weak_random.sol:11*
```
prize / totalTickets
```
## Integer Overflow
- Type: Warning
- Contract: WeakRandom
- Function name: `_function_0xe9874106`
- PC address: 1216
### Description
A possible integer overflow exists in the function `_function_0xe9874106`.
The addition may result in a value higher than the maximum representable integer.
@ -76,13 +105,19 @@ In *<TESTDATA>/inputs/weak_random.sol:45*
```
gameId++
```
## Integer Overflow
- Type: Warning
- Contract: WeakRandom
- Function name: `_function_0xe9874106`
- PC address: 262
### Description
A possible integer overflow exists in the function `_function_0xe9874106`.
The addition may result in a value higher than the maximum representable integer.
Bernhard Mueller
7 years ago