Check versions before using integer module (#1613)

3 years ago · 50e1ded4ab
parent 042cc68025
commit 50e1ded4ab
8 changed files with 73 additions and 4 deletions
--- a/mythril/analysis/module/loader.py
+++ b/mythril/analysis/module/loader.py
@ -1,5 +1,6 @@
 from mythril.analysis.module.base import DetectionModule, EntryPoint
 from mythril.support.support_utils import Singleton
+from mythril.support.support_args import args

 from mythril.analysis.module.modules.arbitrary_jump import ArbitraryJump
 from mythril.analysis.module.modules.arbitrary_write import ArbitraryStorage
@ -75,7 +76,12 @@ class ModuleLoader(object, metaclass=Singleton):
            result = [
                module for module in result if type(module).__name__ in white_list
            ]
-
+        if args.use_integer_module is False:
+            result = [
+                module
+                for module in result
+                if type(module).__name__ != "IntegerArithmetics"
+            ]
        if entry_point:
            result = [module for module in result if module.entry_point == entry_point]

--- a/mythril/ethereum/util.py
+++ b/mythril/ethereum/util.py
@ -13,9 +13,11 @@ from subprocess import PIPE, Popen
 from typing import Optional

 from json.decoder import JSONDecodeError
-from mythril.exceptions import CompilerError
 from semantic_version import Version, NpmSpec

+from mythril.exceptions import CompilerError
+from mythril.support.support_args import args
+
 import solcx

 log = logging.getLogger(__name__)
@ -158,6 +160,9 @@ def extract_version(file: str) -> Optional[str]:
 def extract_binary(file: str) -> str:
    with open(file) as f:
        version = extract_version(f.read())
+    if version and NpmSpec("^0.8.0").match(Version(version)):
+        args.use_integer_module = False
+
    if version is None:
        return os.environ.get("SOLC") or "solc"
    return solc_exists(version)
--- a/mythril/mythril/mythril_disassembler.py
+++ b/mythril/mythril/mythril_disassembler.py
@ -4,13 +4,16 @@ import solc
 import sys
 import os

-from mythril.support.support_utils import sha3, zpad
+from semantic_version import Version, NpmSpec
 from typing import List, Tuple, Optional
+
+from mythril.support.support_utils import sha3, zpad
 from mythril.ethereum import util
 from mythril.ethereum.interface.rpc.client import EthJsonRpc
 from mythril.exceptions import CriticalError, CompilerError, NoContractFoundError
 from mythril.support import signatures
 from mythril.support.support_utils import rzpad
+from mythril.support.support_args import args
 from mythril.ethereum.evmcontract import EVMContract
 from mythril.ethereum.interface.rpc.exceptions import ConnectionError
 from mythril.solidity.soliditycontract import SolidityContract, get_contracts_from_file
@ -62,7 +65,8 @@ class MythrilDisassembler:

        if version.startswith("v"):
            version = version[1:]
-
+        if version and NpmSpec("^0.8.0").match(Version(version)):
+            args.use_integer_module = False
        if version == main_version_number:
            log.info("Given version matches installed version")
            solc_binary = os.environ.get("SOLC") or "solc"
--- a/mythril/support/support_args.py
+++ b/mythril/support/support_args.py
@ -13,6 +13,7 @@ class Args:
        self.iprof = True
        self.solver_log = None
        self.transaction_sequences: List[List[str]] = None
+        self.use_integer_module = True


 args = Args()
--- a/tests/integration_tests/version_test.py
+++ b/tests/integration_tests/version_test.py
@ -0,0 +1,31 @@
+import pytest
+import json
+import sys
+
+from subprocess import check_output
+from tests import PROJECT_DIR, TESTDATA
+
+MYTH = str(PROJECT_DIR / "myth")
+test_data = (
+    ("version_contract.sol", "v0.7.0", True),
+    ("version_contract.sol", "v0.8.0", False),
+    ("version_contract_0.8.0.sol", None, False),
+    ("version_contract_0.7.0.sol", None, True),
+)
+
+
+@pytest.mark.parametrize("file_name, version, has_overflow", test_data)
+def test_analysis(file_name, version, has_overflow):
+    file = str(TESTDATA / "input_contracts" / file_name)
+    if version:
+        command = f"python3 {MYTH} analyze {file} --solv {version}"
+    else:
+        command = f"python3 {MYTH} analyze {file}"
+    output = check_output(command, shell=True).decode("UTF-8")
+    if has_overflow:
+        assert f"SWC ID: 101" in output
+    else:
+        assert (
+            "The analysis was completed successfully. No issues were detected."
+            in output
+        )
--- a/tests/testdata/input_contracts/version_contract.sol
+++ b/tests/testdata/input_contracts/version_contract.sol
@ -0,0 +1,6 @@
+contract Test {
+    uint256 input;
+    function add(uint256 a, uint256 b) public {
+        input = a + b;
+    }
+}
--- a/tests/testdata/input_contracts/version_contract_0.7.0.sol
+++ b/tests/testdata/input_contracts/version_contract_0.7.0.sol
@ -0,0 +1,8 @@
+pragma solidity ^0.7.0;
+
+contract Test {
+    uint256 input;
+    function add(uint256 a, uint256 b) public {
+        input = a + b;
+    }
+}
--- a/tests/testdata/input_contracts/version_contract_0.8.0.sol
+++ b/tests/testdata/input_contracts/version_contract_0.8.0.sol
@ -0,0 +1,8 @@
+pragma solidity ^0.8.0;
+
+contract Test {
+    uint256 input;
+    function add(uint256 a, uint256 b) public {
+        input = a + b;
+    }
+}