"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"function":"thisisfine()",
"function":"thisisfine()",
"max_gas_used":1254,
"max_gas_used":1254,
@ -12,12 +11,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"External Call To User-Supplied Address"
"title":"External Call To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":661,
"address":661,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"function":"thisisfine()",
"function":"thisisfine()",
"max_gas_used":35972,
"max_gas_used":35972,
@ -25,12 +24,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"104",
"swc-id":"104",
"title":"Unchecked Call Return Value"
"title":"Unchecked Call Return Value",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":779,
"address":779,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"function":"callstoredaddress()",
"function":"callstoredaddress()",
"max_gas_used":1298,
"max_gas_used":1298,
@ -38,12 +37,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"External Call To User-Supplied Address"
"title":"External Call To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":779,
"address":779,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"function":"callstoredaddress()",
"function":"callstoredaddress()",
"max_gas_used":36016,
"max_gas_used":36016,
@ -51,12 +50,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"104",
"swc-id":"104",
"title":"Unchecked Call Return Value"
"title":"Unchecked Call Return Value",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":858,
"address":858,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"function":"reentrancy()",
"function":"reentrancy()",
"max_gas_used":1320,
"max_gas_used":1320,
@ -64,12 +63,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"External Call To User-Supplied Address"
"title":"External Call To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":858,
"address":858,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"function":"reentrancy()",
"function":"reentrancy()",
"max_gas_used":61052,
"max_gas_used":61052,
@ -77,12 +76,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"104",
"swc-id":"104",
"title":"Unchecked Call Return Value"
"title":"Unchecked Call Return Value",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":869,
"address":869,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The contract account state is changed after an external call. \nConsider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.",
"description":"The contract account state is changed after an external call. \nConsider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.",
"function":"reentrancy()",
"function":"reentrancy()",
"max_gas_used":null,
"max_gas_used":null,
@ -90,12 +89,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"State change after external call"
"title":"State change after external call",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":912,
"address":912,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"function":"calluseraddress(address)",
"function":"calluseraddress(address)",
"max_gas_used":616,
"max_gas_used":616,
@ -103,12 +102,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"External Call To User-Supplied Address"
"title":"External Call To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":912,
"address":912,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -24,7 +25,8 @@
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -41,7 +43,8 @@
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -58,7 +61,8 @@
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -75,7 +79,8 @@
"tail": "Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities."
"tail": "Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -92,7 +97,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -109,7 +115,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -126,7 +133,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -143,7 +151,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"description":"Anyone can withdraw ETH from the contract account.\nArbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.",
"description":"Anyone can withdraw ETH from the contract account.\nArbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.",
"function":"withdrawfunds()",
"function":"withdrawfunds()",
"max_gas_used":1749,
"max_gas_used":1749,
@ -12,12 +11,12 @@
"severity":"High",
"severity":"High",
"sourceMap":null,
"sourceMap":null,
"swc-id":"105",
"swc-id":"105",
"title":"Unprotected Ether Withdrawal"
"title":"Unprotected Ether Withdrawal",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":883,
"address":883,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The binary addition can overflow.\nThe operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.",
"description":"The binary addition can overflow.\nThe operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.",
"tail": "Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability."
"tail": "Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -24,7 +25,8 @@
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"assert3(uint256)",
"function":"assert3(uint256)",
"max_gas_used":301,
"max_gas_used":301,
@ -12,12 +11,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"110",
"swc-id":"110",
"title":"Exception State"
"title":"Exception State",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":484,
"address":484,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"arrayaccess(uint256)",
"function":"arrayaccess(uint256)",
"max_gas_used":351,
"max_gas_used":351,
@ -25,12 +24,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"110",
"swc-id":"110",
"title":"Exception State"
"title":"Exception State",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":506,
"address":506,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"divisionby0(uint256)",
"function":"divisionby0(uint256)",
"max_gas_used":367,
"max_gas_used":367,
@ -38,12 +37,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"110",
"swc-id":"110",
"title":"Exception State"
"title":"Exception State",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":531,
"address":531,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"description":"A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -24,7 +25,8 @@
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -41,7 +43,8 @@
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -58,7 +61,8 @@
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
"tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"function":"_function_0x141f32ff",
"function":"_function_0x141f32ff",
"max_gas_used":35865,
"max_gas_used":35865,
@ -12,12 +11,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"104",
"swc-id":"104",
"title":"Unchecked Call Return Value"
"title":"Unchecked Call Return Value",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":618,
"address":618,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"Use of callcode is deprecated.\nThe callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead.",
"description":"Use of callcode is deprecated.\nThe callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead.",
"function":"_function_0x141f32ff",
"function":"_function_0x141f32ff",
"max_gas_used":1141,
"max_gas_used":1141,
@ -25,12 +24,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"111",
"swc-id":"111",
"title":"Use of callcode"
"title":"Use of callcode",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":849,
"address":849,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The contract delegates execution to another contract with a user-supplied address.\nThe smart contract delegates execution to a user-supplied address. Note that callers can execute arbitrary contracts and that the callee contract can access the storage of the calling contract. ",
"description":"The contract delegates execution to another contract with a user-supplied address.\nThe smart contract delegates execution to a user-supplied address. Note that callers can execute arbitrary contracts and that the callee contract can access the storage of the calling contract. ",
"function":"_function_0x9b58bc26",
"function":"_function_0x9b58bc26",
"max_gas_used":35928,
"max_gas_used":35928,
@ -38,12 +37,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"112",
"swc-id":"112",
"title":"Delegatecall Proxy To User-Supplied Address"
"title":"Delegatecall Proxy To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":849,
"address":849,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"function":"_function_0x9b58bc26",
"function":"_function_0x9b58bc26",
"max_gas_used":35928,
"max_gas_used":35928,
@ -51,12 +50,12 @@
"severity":"Low",
"severity":"Low",
"sourceMap":null,
"sourceMap":null,
"swc-id":"104",
"swc-id":"104",
"title":"Unchecked Call Return Value"
"title":"Unchecked Call Return Value",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":1038,
"address":1038,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"function":"_function_0xeea4c864",
"function":"_function_0xeea4c864",
"max_gas_used":1229,
"max_gas_used":1229,
@ -64,12 +63,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"External Call To User-Supplied Address"
"title":"External Call To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":1038,
"address":1038,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"tail": "The smart contract delegates execution to a user-supplied address. Note that callers can execute arbitrary contracts and that the callee contract can access the storage of the calling contract. "
"tail": "The smart contract delegates execution to a user-supplied address. Note that callers can execute arbitrary contracts and that the callee contract can access the storage of the calling contract. "
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -24,7 +25,8 @@
"tail": "The callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead."
"tail": "The callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -41,7 +43,8 @@
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -58,7 +61,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -75,7 +79,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -92,7 +97,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"description":"The binary addition can overflow.\nThe operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.",
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
The analysis was completed successfully. No issues were detected.
- SWC ID: 101
- Severity: High
- Contract: Unknown
- Function name: `sendToken(address,uint256)`
- PC address: 498
- Estimated Gas Usage: 11860 - 52806
### Description
The binary addition can overflow.
The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.
The analysis was completed successfully. No issues were detected.
SWC ID: 101
Severity: High
Contract: Unknown
Function name: sendToken(address,uint256)
PC address: 498
Estimated Gas Usage: 11860 - 52806
The binary addition can overflow.
The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.
"description":"Anyone can withdraw ETH from the contract account.\nArbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.",
"description":"Anyone can withdraw ETH from the contract account.\nArbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.",
"tail": "Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability."
"tail": "Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability."
"description":"Use of tx.origin is deprecated.\nThe smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin",
"description":"Use of tx.origin is deprecated.\nThe smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin",
"tail": "The smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin"
"tail": "The smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin"
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function":"sendeth(address,uint256)",
"function":"sendeth(address,uint256)",
"max_gas_used":78155,
"max_gas_used":78155,
@ -12,12 +11,12 @@
"severity":"High",
"severity":"High",
"sourceMap":null,
"sourceMap":null,
"swc-id":"101",
"swc-id":"101",
"title":"Integer Underflow"
"title":"Integer Underflow",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":649,
"address":649,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function":"sendeth(address,uint256)",
"function":"sendeth(address,uint256)",
"max_gas_used":78155,
"max_gas_used":78155,
@ -25,12 +24,12 @@
"severity":"High",
"severity":"High",
"sourceMap":null,
"sourceMap":null,
"swc-id":"101",
"swc-id":"101",
"title":"Integer Underflow"
"title":"Integer Underflow",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":725,
"address":725,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The binary addition can overflow.\nThe operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.",
"description":"The binary addition can overflow.\nThe operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.",
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -24,7 +25,8 @@
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -41,7 +43,8 @@
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"function":"callchecked()",
"function":"callchecked()",
"max_gas_used":1210,
"max_gas_used":1210,
@ -12,12 +11,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"External Call To User-Supplied Address"
"title":"External Call To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":285,
"address":285,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"description":"A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state.",
"function":"callnotchecked()",
"function":"callnotchecked()",
"max_gas_used":1232,
"max_gas_used":1232,
@ -25,12 +24,12 @@
"severity":"Medium",
"severity":"Medium",
"sourceMap":null,
"sourceMap":null,
"swc-id":"107",
"swc-id":"107",
"title":"External Call To User-Supplied Address"
"title":"External Call To User-Supplied Address",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":285,
"address":285,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"description":"The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.",
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -24,7 +25,8 @@
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -41,7 +43,8 @@
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function":"sendeth(address,uint256)",
"function":"sendeth(address,uint256)",
"max_gas_used":52861,
"max_gas_used":52861,
@ -12,12 +11,12 @@
"severity":"High",
"severity":"High",
"sourceMap":null,
"sourceMap":null,
"swc-id":"101",
"swc-id":"101",
"title":"Integer Underflow"
"title":"Integer Underflow",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":649,
"address":649,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"description":"The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function":"sendeth(address,uint256)",
"function":"sendeth(address,uint256)",
"max_gas_used":52861,
"max_gas_used":52861,
@ -25,12 +24,12 @@
"severity":"High",
"severity":"High",
"sourceMap":null,
"sourceMap":null,
"swc-id":"101",
"swc-id":"101",
"title":"Integer Underflow"
"title":"Integer Underflow",
"tx_sequence":"<TX-DATA>"
},
},
{
{
"address":725,
"address":725,
"contract":"Unknown",
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The binary addition can overflow.\nThe operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.",
"description":"The binary addition can overflow.\nThe operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion.",
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -24,7 +25,8 @@
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
},
"extra": {
"extra": {
"discoveryTime": "<DISCOVERY-TIME-DATA>"
"discoveryTime": "<DISCOVERY-TIME-DATA>",
"testCase": "<TEST-CASE>"
},
},
"locations": [
"locations": [
{
{
@ -41,7 +43,8 @@
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
Bernhard Mueller
6 years ago
committed by
GitHub