pull/375/head^2
Joran Honig 6 years ago
parent c34f75a5dd
commit 9485ee4587
  1. 2
      mythril/analysis/modules/exceptions.py
  2. 4
      mythril/analysis/modules/integer.py
  3. 4
      mythril/analysis/solver.py
  4. 7
      mythril/laser/ethereum/instructions.py
  5. 7
      mythril/laser/ethereum/state.py
  6. 2
      mythril/laser/ethereum/svm.py

@ -24,9 +24,7 @@ def execute(statespace):
for state in node.states: for state in node.states:
instruction = state.get_current_instruction() instruction = state.get_current_instruction()
if(instruction['opcode'] == "ASSERT_FAIL"): if(instruction['opcode'] == "ASSERT_FAIL"):
try: try:
model = solver.get_model(node.constraints) model = solver.get_model(node.constraints)
address = state.get_current_instruction()['address'] address = state.get_current_instruction()['address']

@ -30,6 +30,7 @@ def execute(statespace):
node = statespace.nodes[k] node = statespace.nodes[k]
for state in node.states: for state in node.states:
# pass
issues += _check_integer_underflow(statespace, state, node) issues += _check_integer_underflow(statespace, state, node)
issues += _check_integer_overflow(statespace, state, node) issues += _check_integer_overflow(statespace, state, node)
@ -50,6 +51,8 @@ def _check_integer_overflow(statespace, state, node):
instruction = state.get_current_instruction() instruction = state.get_current_instruction()
if instruction['opcode'] not in ("ADD", "MUL"): if instruction['opcode'] not in ("ADD", "MUL"):
return issues return issues
if instruction['address'] != 755:
return issues
# Formulate overflow constraints # Formulate overflow constraints
stack = state.mstate.stack stack = state.mstate.stack
@ -108,7 +111,6 @@ def _verify_integer_overflow(statespace, node, expr, state, model, constraint, o
return _try_constraints(node.constraints, [Not(constraint)]) is not None return _try_constraints(node.constraints, [Not(constraint)]) is not None
def _try_constraints(constraints, new_constraints): def _try_constraints(constraints, new_constraints):
""" """
Tries new constraints Tries new constraints

@ -4,7 +4,7 @@ import logging
def get_model(constraints): def get_model(constraints):
s = Solver() s = Solver()
s.set("timeout", 10000) s.set("timeout", 100000)
for constraint in constraints: for constraint in constraints:
s.add(constraint) s.add(constraint)
@ -12,7 +12,7 @@ def get_model(constraints):
if result == sat: if result == sat:
return s.model() return s.model()
elif result == unknown: elif result == unknown:
logging.info("Timeout encountered while solving expression using z3") logging.error("Timeout encountered while solving expression using z3")
raise UnsatError raise UnsatError

@ -778,7 +778,7 @@ class Instruction:
new_state = copy(global_state) new_state = copy(global_state)
new_state.mstate.pc = index new_state.mstate.pc = index
new_state.mstate.depth += 1 new_state.mstate.depth += 1
new_state.mstate.constraints.append(condi) new_state.mstate.constraints.append(simplify(condi))
states.append(new_state) states.append(new_state)
else: else:
@ -786,12 +786,11 @@ class Instruction:
# False case # False case
negated = Not(condition) if type(condition) == BoolRef else condition == 0 negated = Not(condition) if type(condition) == BoolRef else condition == 0
sat = not is_false(simplify(negated)) if type(condi) == BoolRef else not negated
if sat: if (type(negated) == bool and negated) or (type(negated) == BoolRef and not is_false(simplify(negated))):
new_state = copy(global_state) new_state = copy(global_state)
new_state.mstate.depth += 1 new_state.mstate.depth += 1
new_state.mstate.constraints.append(negated) new_state.mstate.constraints.append(simplify(negated))
states.append(new_state) states.append(new_state)
else: else:
logging.debug("Pruned unreachable states.") logging.debug("Pruned unreachable states.")

@ -39,7 +39,12 @@ class Account:
self.balance += balance self.balance += balance
def get_storage(self, index): def get_storage(self, index):
return self.storage[index] if index in self.storage.keys() else BitVec("storage_" + str(index), 256) if index in self.storage.keys():
return self.storage[index]
else:
symbol = BitVec("storage_" + str(index), 256)
self.storage[index] = symbol
return symbol
@property @property
def as_dict(self): def as_dict(self):

@ -70,7 +70,7 @@ class LaserEVM:
try: try:
new_states, op_code = self.execute_state(global_state) new_states, op_code = self.execute_state(global_state)
except NotImplementedError: except NotImplementedError:
logging.debug("Encountered unimplemented instruction") logging.error("Encountered unimplemented instruction: {}".format(op_code))
continue continue
if len(new_states) == 0: if len(new_states) == 0:

Loading…
Cancel
Save