From 4d16e8f7fb986e5ec75850fb50878edca7ced3af Mon Sep 17 00:00:00 2001
From: Nikhil Parasaram
Date: Tue, 11 Jun 2019 15:20:27 +0530
Subject: [PATCH] Fix suicide module by constraining to attacker (#1071)
---
 mythril/analysis/modules/suicide.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/mythril/analysis/modules/suicide.py b/mythril/analysis/modules/suicide.py
index abe38ac9..57c593e2 100644
--- a/mythril/analysis/modules/suicide.py
+++ b/mythril/analysis/modules/suicide.py
@@ -4,6 +4,7 @@ from mythril.analysis.swc_data import UNPROTECTED_SELFDESTRUCT
 from mythril.exceptions import UnsatError
 from mythril.analysis.modules.base import DetectionModule
 from mythril.laser.ethereum.state.global_state import GlobalState
+from mythril.laser.ethereum.transaction.symbolic import ATTACKER_ADDRESS
 import logging
 import json
@@ -57,13 +58,16 @@ class SuicideModule(DetectionModule):
 )
 description_head = "The contract can be killed by anyone."
-
+ caller = state.current_transaction.caller
 try:
 try:
 transaction_sequence = solver.get_transaction_sequence(
 state,
 state.mstate.constraints
- + [to == 0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF],
+ + [
+ to == 0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF,
+ caller == ATTACKER_ADDRESS,
+ ],
 )
 description_tail = (
 "Anyone can kill this contract and withdraw its balance to an arbitrary "
@@ -71,7 +75,7 @@ class SuicideModule(DetectionModule):
 )
 except UnsatError:
 transaction_sequence = solver.get_transaction_sequence(
- state, state.mstate.constraints
+ state, state.mstate.constraints + [caller == ATTACKER_ADDRESS]
 )
 description_tail = "Arbitrary senders can kill this contract."
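Review bot: The `caller == ATTACKER_ADDRESS` constraint added in the second hunk is built from `state.current_transaction.caller`, so it appears to bind only the sender of the transaction that reaches SELFDESTRUCT. As far as the hunk shows, senders of earlier transactions in the reported sequence stay unconstrained, so the solver may still assign a privileged account to a set-up step and the module could keep reporting a contract that is only killable after an owner-sent call; worth confirming how the solver helper treats earlier callers. Either way the line needs a comment stating the intent, e.g. `# Require the killing transaction to come from the attacker account, not a sender the solver is free to choose`. The same applies to the fallback call in the last hunk, and the enclosing method starts and ends outside the hunk.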
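Review bot: `caller == ATTACKER_ADDRESS` is appended separately at each `get_transaction_sequence` call (the fallback in this last hunk and the first call in the previous hunk), so a later edit to one branch can silently drop the attacker restriction from it. Building the base list once before the outer `try`, `attacker_constraints = state.mstate.constraints + [caller == ATTACKER_ADDRESS]`, and extending it with the `to == ...` term only in the first call keeps both branches tied to the same restriction. The diffstat lists only `suicide.py`, so no regression case for an owner-guarded selfdestruct accompanies the fix. The method body continues outside the hunk.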