refactor analysis modules to work with smt abstraction

pull/813/head
Joran Honig 6 years ago
parent 4db5e25dc4
commit 66f7789fba
  1. 1
      mythril/analysis/modules/delegatecall.py
  2. 1
      mythril/analysis/modules/dependence_on_predictable_vars.py
  3. 4
      mythril/analysis/modules/ether_thief.py
  4. 4
      mythril/analysis/modules/external_calls.py
  5. 14
      mythril/analysis/modules/integer.py
  6. 1
      mythril/analysis/modules/suicide.py
  7. 1
      tests/testdata/input_contracts/suicide.sol

@ -3,7 +3,6 @@ from mythril.analysis.swc_data import DELEGATECALL_TO_UNTRUSTED_CONTRACT
from mythril.analysis.ops import get_variable, VarType
from mythril.analysis.report import Issue
from mythril.analysis.modules.base import DetectionModule
import logging
class DelegateCallModule(DetectionModule):

@ -1,5 +1,4 @@
import re
from z3 import *
from mythril.analysis.ops import VarType
from mythril.analysis import solver
from mythril.analysis.report import Issue

@ -5,7 +5,7 @@ from mythril.analysis.swc_data import UNPROTECTED_ETHER_WITHDRAWAL
from mythril.analysis.modules.base import DetectionModule
from mythril.laser.ethereum.state.global_state import GlobalState
from mythril.exceptions import UnsatError
from z3 import BitVecVal, UGT, Sum
from mythril.laser.smt import symbol_factory, UGT, Sum, BVAddNoOverflow
import logging
from copy import copy
@ -33,7 +33,7 @@ def _analyze_state(state):
call_value = state.mstate.stack[-3]
target = state.mstate.stack[-2]
eth_sent_total = BitVecVal(0, 256)
eth_sent_total = symbol_factory.BitVecVal(0, 256)
constraints = copy(node.constraints)

@ -1,8 +1,8 @@
from z3 import *
from mythril.analysis.report import Issue
from mythril.analysis import solver
from mythril.analysis.swc_data import REENTRANCY
from mythril.analysis.modules.base import DetectionModule
from mythril.laser.smt import UGT, symbol_factory
from mythril.laser.ethereum.state.global_state import GlobalState
from mythril.exceptions import UnsatError
import logging
@ -27,7 +27,7 @@ def _analyze_state(state):
try:
constraints = node.constraints
transaction_sequence = solver.get_transaction_sequence(
state, constraints + [UGT(gas, BitVecVal(2300, 256))]
state, constraints + [UGT(gas, symbol_factory.BitVecVal(2300, 256))]
)
# Check whether we can also set the callee address

@ -1,12 +1,12 @@
from z3 import *
from mythril.analysis import solver
from mythril.analysis.ops import *
from mythril.analysis.report import Issue
from mythril.analysis.swc_data import INTEGER_OVERFLOW_AND_UNDERFLOW
from mythril.exceptions import UnsatError
from mythril.laser.ethereum.taint_analysis import TaintRunner
from mythril.analysis.modules.base import DetectionModule
import re
from mythril.laser.smt import BVAddNoOverflow, BVSubNoUnderflow, BVMulNoOverflow, BitVec, symbol_factory, Not
import copy
import logging
@ -64,15 +64,15 @@ class IntegerOverflowUnderflowModule(DetectionModule):
# An integer overflow is possible if op0 + op1 or op0 * op1 > MAX_UINT
# Do a type check
allowed_types = [int, BitVecRef, BitVecNumRef]
allowed_types = [int, BitVec]
if not (type(op0) in allowed_types and type(op1) in allowed_types):
return issues
# Change ints to BitVec
if type(op0) is int:
op0 = BitVecVal(op0, 256)
op0 = symbol_factory.BitVecVal(op0, 256)
if type(op1) is int:
op1 = BitVecVal(op1, 256)
op1 = symbol_factory.BitVecVal(op1, 256)
# Formulate expression
# FIXME: handle exponentiation
@ -176,7 +176,7 @@ class IntegerOverflowUnderflowModule(DetectionModule):
)
)
allowed_types = [int, BitVecRef, BitVecNumRef]
allowed_types = [int, BitVec]
if type(op0) in allowed_types and type(op1) in allowed_types:
constraints.append(Not(BVSubNoUnderflow(op0, op1, signed=False)))

@ -1,5 +1,4 @@
from mythril.analysis import solver
from mythril.analysis.ops import *
from mythril.analysis.report import Issue
from mythril.analysis.swc_data import UNPROTECTED_SELFDESTRUCT
from mythril.exceptions import UnsatError

@ -1,4 +1,3 @@
pragma solidity 0.5.0;
contract Suicide {

Loading…
Cancel
Save