# Analysis results for <TESTDATA>/inputs/calls.sol
## Message call to external contract
## Message call to external contract
@ -7,19 +7,15 @@
- Function name: `_function_0x5a6814ec`
- Function name: `_function_0x5a6814ec`
- PC address: 661
- PC address: 661
### Description
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TESTDATA>/inputs/calls.sol:16*
In *<TESTDATA>/inputs/calls.sol:16*
```
```
fixed_address.call()
fixed_address.call()
```
```
## Message call to external contract
## Message call to external contract
- Type: Warning
- Type: Warning
@ -27,18 +23,15 @@ fixed_address.call()
- Function name: `_function_0xd24b08cc`
- Function name: `_function_0xd24b08cc`
- PC address: 779
- PC address: 779
### Description
### Description
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TESTDATA>/inputs/calls.sol:29*
In *<TESTDATA>/inputs/calls.sol:29*
```
```
stored_address.call()
stored_address.call()
```
```
## Message call to external contract
## Message call to external contract
- Type: Informational
- Type: Informational
@ -46,19 +39,15 @@ stored_address.call()
- Function name: `_function_0xe11f493e`
- Function name: `_function_0xe11f493e`
- PC address: 858
- PC address: 858
### Description
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TESTDATA>/inputs/calls.sol:20*
In *<TESTDATA>/inputs/calls.sol:20*
```
```
fixed_address.call()
fixed_address.call()
```
```
## State change after external call
## State change after external call
- Type: Warning
- Type: Warning
@ -66,19 +55,15 @@ fixed_address.call()
- Function name: `_function_0xe11f493e`
- Function name: `_function_0xe11f493e`
- PC address: 869
- PC address: 869
### Description
### Description
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
In *<TESTDATA>/inputs/calls.sol:21*
In *<TESTDATA>/inputs/calls.sol:21*
```
```
statevar = 0
statevar = 0
```
```
## Message call to external contract
## Message call to external contract
- Type: Warning
- Type: Warning
@ -86,19 +71,15 @@ statevar = 0
- Function name: `_function_0xe1d10f79`
- Function name: `_function_0xe1d10f79`
- PC address: 912
- PC address: 912
### Description
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TESTDATA>/inputs/calls.sol:25*
In *<TESTDATA>/inputs/calls.sol:25*
```
```
addr.call()
addr.call()
```
```
## Unchecked CALL return value
## Unchecked CALL return value
- Type: Informational
- Type: Informational
@ -106,19 +87,15 @@ addr.call()
- Function name: `_function_0x5a6814ec`
- Function name: `_function_0x5a6814ec`
- PC address: 661
- PC address: 661
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:16*
In *<TESTDATA>/inputs/calls.sol:16*
```
```
fixed_address.call()
fixed_address.call()
```
```
## Unchecked CALL return value
## Unchecked CALL return value
- Type: Informational
- Type: Informational
@ -126,19 +103,15 @@ fixed_address.call()
- Function name: `_function_0xd24b08cc`
- Function name: `_function_0xd24b08cc`
- PC address: 779
- PC address: 779
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:29*
In *<TESTDATA>/inputs/calls.sol:29*
```
```
stored_address.call()
stored_address.call()
```
```
## Unchecked CALL return value
## Unchecked CALL return value
- Type: Informational
- Type: Informational
@ -146,19 +119,15 @@ stored_address.call()
- Function name: `_function_0xe11f493e`
- Function name: `_function_0xe11f493e`
- PC address: 858
- PC address: 858
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:20*
In *<TESTDATA>/inputs/calls.sol:20*
```
```
fixed_address.call()
fixed_address.call()
```
```
## Unchecked CALL return value
## Unchecked CALL return value
- Type: Informational
- Type: Informational
@ -166,14 +135,11 @@ fixed_address.call()
- Function name: `_function_0xe1d10f79`
- Function name: `_function_0xe1d10f79`
- PC address: 912
- PC address: 912
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
# Analysis results for <TESTDATA>/inputs/exceptions.sol
## Exception state
## Exception state
@ -7,18 +7,15 @@
- Function name: `_function_0x546455b5`
- Function name: `_function_0x546455b5`
- PC address: 446
- PC address: 446
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:16*
In *<TESTDATA>/inputs/exceptions.sol:16*
```
```
assert(input != 23)
assert(input != 23)
```
```
## Exception state
## Exception state
- Type: Informational
- Type: Informational
@ -26,18 +23,15 @@ assert(input != 23)
- Function name: `_function_0x92dd38ea`
- Function name: `_function_0x92dd38ea`
- PC address: 484
- PC address: 484
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:34*
In *<TESTDATA>/inputs/exceptions.sol:34*
```
```
myarray[index]
myarray[index]
```
```
## Exception state
## Exception state
- Type: Informational
- Type: Informational
@ -45,18 +39,15 @@ myarray[index]
- Function name: `_function_0xa08299f1`
- Function name: `_function_0xa08299f1`
- PC address: 506
- PC address: 506
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:24*
In *<TESTDATA>/inputs/exceptions.sol:24*
```
```
1/input
1/input
```
```
## Exception state
## Exception state
- Type: Informational
- Type: Informational
@ -64,13 +55,11 @@ In *<TESTDATA>/inputs/exceptions.sol:24*
- Function name: `_function_0xb34c3610`
- Function name: `_function_0xb34c3610`
- PC address: 531
- PC address: 531
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
# Analysis results for <TESTDATA>/inputs/kinds_of_calls.sol
## Message call to external contract
## Message call to external contract
@ -7,19 +7,15 @@
- Function name: `_function_0xeea4c864`
- Function name: `_function_0xeea4c864`
- PC address: 1038
- PC address: 1038
### Description
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
# Analysis results for <TESTDATA>/inputs/rubixi.sol
## Ether send
## Ether send
@ -7,22 +7,19 @@
- Function name: `_function_0x4229616d`
- Function name: `_function_0x4229616d`
- PC address: 1599
- PC address: 1599
### Description
### Description
In the function `_function_0x4229616d` a non-zero amount of Ether is sent to an address taken from storage slot 5.
In the function `_function_0x4229616d` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
In *<TESTDATA>/inputs/rubixi.sol:93*
In *<TESTDATA>/inputs/rubixi.sol:93*
```
```
creator.send(feesToCollect)
creator.send(feesToCollect)
```
```
## Ether send
## Ether send
- Type: Warning
- Type: Warning
@ -30,22 +27,19 @@ creator.send(feesToCollect)
- Function name: `_function_0x686f2c90`
- Function name: `_function_0x686f2c90`
- PC address: 1940
- PC address: 1940
### Description
### Description
In the function `_function_0x686f2c90` a non-zero amount of Ether is sent to an address taken from storage slot 5.
In the function `_function_0x686f2c90` a non-zero amount of Ether is sent to an address taken from storage slot 5.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
In *<TESTDATA>/inputs/rubixi.sol:75*
In *<TESTDATA>/inputs/rubixi.sol:75*
```
```
creator.send(collectedFees)
creator.send(collectedFees)
```
```
## Exception state
## Exception state
- Type: Informational
- Type: Informational
@ -53,18 +47,15 @@ creator.send(collectedFees)
- Function name: `_function_0x57d4021b`
- Function name: `_function_0x57d4021b`
- PC address: 1653
- PC address: 1653
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/rubixi.sol:131*
In *<TESTDATA>/inputs/rubixi.sol:131*
```
```
participants[payoutOrder]
participants[payoutOrder]
```
```
## Exception state
## Exception state
- Type: Informational
- Type: Informational
@ -72,18 +63,15 @@ participants[payoutOrder]
- Function name: `_function_0x9dbc4f9b`
- Function name: `_function_0x9dbc4f9b`
- PC address: 2085
- PC address: 2085
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/rubixi.sol:148*
In *<TESTDATA>/inputs/rubixi.sol:148*
```
```
participants[orderInPyramid]
participants[orderInPyramid]
```
```
## Integer Overflow
## Integer Overflow
- Type: Warning
- Type: Warning
@ -91,20 +79,16 @@ participants[orderInPyramid]
- Function name: `_function_0xfae14192`
- Function name: `_function_0xfae14192`
- PC address: 1223
- PC address: 1223
### Description
### Description
A possible integer overflow exists in the function `_function_0xfae14192`.
A possible integer overflow exists in the function `_function_0xfae14192`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The addition or multiplication may result in a value higher than the maximum representable integer.
In *<TESTDATA>/inputs/rubixi.sol:37*
In *<TESTDATA>/inputs/rubixi.sol:37*
```
```
collectedFees += msg.value
collectedFees += msg.value
```
```
## Unchecked CALL return value
## Unchecked CALL return value
- Type: Informational
- Type: Informational
@ -112,19 +96,15 @@ collectedFees += msg.value
- Function name: `_function_0x4229616d`
- Function name: `_function_0x4229616d`
- PC address: 1599
- PC address: 1599
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/rubixi.sol:93*
In *<TESTDATA>/inputs/rubixi.sol:93*
```
```
creator.send(feesToCollect)
creator.send(feesToCollect)
```
```
## Unchecked CALL return value
## Unchecked CALL return value
- Type: Informational
- Type: Informational
@ -132,19 +112,15 @@ creator.send(feesToCollect)
- Function name: `_function_0xb4022950`
- Function name: `_function_0xb4022950`
- PC address: 1940
- PC address: 1940
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/rubixi.sol:75*
In *<TESTDATA>/inputs/rubixi.sol:75*
```
```
creator.send(collectedFees)
creator.send(collectedFees)
```
```
## Unchecked CALL return value
## Unchecked CALL return value
- Type: Informational
- Type: Informational
@ -152,14 +128,11 @@ creator.send(collectedFees)
- Function name: `_function_0xb4022950`
- Function name: `_function_0xb4022950`
- PC address: 2582
- PC address: 2582
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
# Analysis results for <TESTDATA>/inputs/weak_random.sol
## Dependence on predictable environment variable
## Dependence on predictable environment variable
@ -7,20 +7,17 @@
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 1285
- PC address: 1285
### Description
### Description
In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:
In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:
- block.coinbase
- block.coinbase
In *<TESTDATA>/inputs/weak_random.sol:47*
In *<TESTDATA>/inputs/weak_random.sol:47*
```
```
winningAddress.transfer(prize)
winningAddress.transfer(prize)
```
```
## Ether send
## Ether send
- Type: Warning
- Type: Warning
@ -28,22 +25,19 @@ winningAddress.transfer(prize)
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 1285
- PC address: 1285
### Description
### Description
In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.
In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.
There is a check on storage index 0. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 0. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
In *<TESTDATA>/inputs/weak_random.sol:47*
In *<TESTDATA>/inputs/weak_random.sol:47*
```
```
winningAddress.transfer(prize)
winningAddress.transfer(prize)
```
```
## Exception state
## Exception state
- Type: Informational
- Type: Informational
@ -51,18 +45,15 @@ winningAddress.transfer(prize)
- Function name: `fallback`
- Function name: `fallback`
- PC address: 356
- PC address: 356
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/weak_random.sol:11*
In *<TESTDATA>/inputs/weak_random.sol:11*
```
```
prize / totalTickets
prize / totalTickets
```
```
## Exception state
## Exception state
- Type: Informational
- Type: Informational
@ -70,18 +61,15 @@ prize / totalTickets
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 146
- PC address: 146
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/weak_random.sol:11*
In *<TESTDATA>/inputs/weak_random.sol:11*
```
```
prize / totalTickets
prize / totalTickets
```
```
## Integer Overflow
## Integer Overflow
- Type: Warning
- Type: Warning
@ -89,20 +77,16 @@ prize / totalTickets
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 1216
- PC address: 1216
### Description
### Description
A possible integer overflow exists in the function `_function_0xe9874106`.
A possible integer overflow exists in the function `_function_0xe9874106`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The addition or multiplication may result in a value higher than the maximum representable integer.
In *<TESTDATA>/inputs/weak_random.sol:45*
In *<TESTDATA>/inputs/weak_random.sol:45*
```
```
gameId++
gameId++
```
```
## Integer Overflow
## Integer Overflow
- Type: Warning
- Type: Warning
@ -110,15 +94,12 @@ gameId++
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 262
- PC address: 262
### Description
### Description
A possible integer overflow exists in the function `_function_0xe9874106`.
A possible integer overflow exists in the function `_function_0xe9874106`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The addition or multiplication may result in a value higher than the maximum representable integer.
Dr. Sergey Pogodin
7 years ago