Check versions before using integer module (#1613)

mythril/analysis/module/loader.py

@@ -1,5 +1,6 @@
 from mythril.analysis.module.base import DetectionModule, EntryPoint
 from mythril.support.support_utils import Singleton
+from mythril.support.support_args import args
 
 from mythril.analysis.module.modules.arbitrary_jump import ArbitraryJump
 from mythril.analysis.module.modules.arbitrary_write import ArbitraryStorage
@@ -75,7 +76,12 @@ class ModuleLoader(object, metaclass=Singleton):
             result = [
                 module for module in result if type(module).__name__ in white_list
             ]
-
+        if args.use_integer_module is False:
+            result = [
+                module
+                for module in result
+                if type(module).__name__ != "IntegerArithmetics"
+            ]
         if entry_point:
             result = [module for module in result if module.entry_point == entry_point]
 

mythril/ethereum/util.py

@@ -13,9 +13,11 @@ from subprocess import PIPE, Popen
 from typing import Optional
 
 from json.decoder import JSONDecodeError
-from mythril.exceptions import CompilerError
 from semantic_version import Version, NpmSpec
 
+from mythril.exceptions import CompilerError
+from mythril.support.support_args import args
+
 import solcx
 
 log = logging.getLogger(__name__)
@@ -158,6 +160,9 @@ def extract_version(file: str) -> Optional[str]:
 def extract_binary(file: str) -> str:
     with open(file) as f:
         version = extract_version(f.read())
+    if version and NpmSpec("^0.8.0").match(Version(version)):
+        args.use_integer_module = False
+
     if version is None:
         return os.environ.get("SOLC") or "solc"
     return solc_exists(version)

mythril/mythril/mythril_disassembler.py

@@ -4,13 +4,16 @@ import solc
 import sys
 import os
 
-from mythril.support.support_utils import sha3, zpad
+from semantic_version import Version, NpmSpec
 from typing import List, Tuple, Optional
+
+from mythril.support.support_utils import sha3, zpad
 from mythril.ethereum import util
 from mythril.ethereum.interface.rpc.client import EthJsonRpc
 from mythril.exceptions import CriticalError, CompilerError, NoContractFoundError
 from mythril.support import signatures
 from mythril.support.support_utils import rzpad
+from mythril.support.support_args import args
 from mythril.ethereum.evmcontract import EVMContract
 from mythril.ethereum.interface.rpc.exceptions import ConnectionError
 from mythril.solidity.soliditycontract import SolidityContract, get_contracts_from_file
@@ -62,7 +65,8 @@ class MythrilDisassembler:
 
         if version.startswith("v"):
             version = version[1:]
-
+        if version and NpmSpec("^0.8.0").match(Version(version)):
+            args.use_integer_module = False
         if version == main_version_number:
             log.info("Given version matches installed version")
             solc_binary = os.environ.get("SOLC") or "solc"

mythril/support/support_args.py

@@ -13,6 +13,7 @@ class Args:
         self.iprof = True
         self.solver_log = None
         self.transaction_sequences: List[List[str]] = None
+        self.use_integer_module = True
 
 
 args = Args()

tests/integration_tests/version_test.py

@@ -0,0 +1,31 @@
+import pytest
+import json
+import sys
+
+from subprocess import check_output
+from tests import PROJECT_DIR, TESTDATA
+
+MYTH = str(PROJECT_DIR / "myth")
+test_data = (
+    ("version_contract.sol", "v0.7.0", True),
+    ("version_contract.sol", "v0.8.0", False),
+    ("version_contract_0.8.0.sol", None, False),
+    ("version_contract_0.7.0.sol", None, True),
+)
+
+
+@pytest.mark.parametrize("file_name, version, has_overflow", test_data)
+def test_analysis(file_name, version, has_overflow):
+    file = str(TESTDATA / "input_contracts" / file_name)
+    if version:
+        command = f"python3 {MYTH} analyze {file} --solv {version}"
+    else:
+        command = f"python3 {MYTH} analyze {file}"
+    output = check_output(command, shell=True).decode("UTF-8")
+    if has_overflow:
+        assert f"SWC ID: 101" in output
+    else:
+        assert (
+            "The analysis was completed successfully. No issues were detected."
+            in output
+        )

tests/testdata/input_contracts/version_contract.sol

@@ -0,0 +1,6 @@
+contract Test {
+    uint256 input;
+    function add(uint256 a, uint256 b) public {
+        input = a + b;
+    }
+}

tests/testdata/input_contracts/version_contract_0.7.0.sol

@@ -0,0 +1,8 @@
+pragma solidity ^0.7.0;
+
+contract Test {
+    uint256 input;
+    function add(uint256 a, uint256 b) public {
+        input = a + b;
+    }
+}

tests/testdata/input_contracts/version_contract_0.8.0.sol

@@ -0,0 +1,8 @@
+pragma solidity ^0.8.0;
+
+contract Test {
+    uint256 input;
+    function add(uint256 a, uint256 b) public {
+        input = a + b;
+    }
+}