Merge branch 'more_documentation' of github.com:nbanmp/mythril into more_documentation

README.md

@@ -12,7 +12,7 @@
 [![Sonarcloud - Maintainability](https://sonarcloud.io/api/project_badges/measure?project=mythril&metric=sqale_rating)](https://sonarcloud.io/dashboard?id=mythril)
 [![Downloads](https://pepy.tech/badge/mythril)](https://pepy.tech/project/mythril)
 
-Mythril Classic is an open-source security analysis tool for Ethereum smart contracts. It uses concolic analysis, taint analysis and control flow checking to detect a variety of security vulnerabilities. 
+Mythril Classic is an open-source security analysis tool for Ethereum smart contracts. It uses symbolic analysis, taint analysis and control flow checking to detect a variety of security vulnerabilities. 
 
 If you a smart contract developer who wants convenience and comprehensive results, you should be using [MythX](https://mythx.io), our next-gen smart contract security API that [integrates with Truffle Framework](https://github.com/ConsenSys/truffle-security) and other development environments.
 

mythril/analysis/modules/deprecated_ops.py

@@ -1,6 +1,6 @@
 """This module contains the detection code for deprecated op codes."""
 from mythril.analysis.report import Issue
-from mythril.analysis.swc_data import DEPRICATED_FUNCTIONS_USAGE
+from mythril.analysis.swc_data import DEPRECATED_FUNCTIONS_USAGE
 from mythril.analysis.modules.base import DetectionModule
 from mythril.laser.ethereum.state.global_state import GlobalState
 import logging
@@ -33,7 +33,7 @@ def _analyze_state(state):
                 node.function_name
             )
         )
-        swc_id = DEPRICATED_FUNCTIONS_USAGE
+        swc_id = DEPRECATED_FUNCTIONS_USAGE
 
     elif instruction["opcode"] == "CALLCODE":
         log.debug("CALLCODE in function " + node.function_name)
@@ -44,7 +44,7 @@ def _analyze_state(state):
             "Due to a bug in the implementation it does not persist sender and value over the call. It was "
             "therefore deprecated and may be removed in the future. Use the delegatecall method instead."
         )
-        swc_id = DEPRICATED_FUNCTIONS_USAGE
+        swc_id = DEPRECATED_FUNCTIONS_USAGE
 
     issue = Issue(
         contract=node.contract_name,
@@ -68,7 +68,7 @@ class DeprecatedOperationsModule(DetectionModule):
         """"""
         super().__init__(
             name="Deprecated Operations",
-            swc_id=DEPRICATED_FUNCTIONS_USAGE,
+            swc_id=DEPRECATED_FUNCTIONS_USAGE,
             description=DESCRIPTION,
             entrypoint="callback",
             pre_hooks=["ORIGIN", "CALLCODE"],

mythril/analysis/swc_data.py

@@ -11,7 +11,7 @@ REENTRANCY = "107"
 DEFAULT_STATE_VARIABLE_VISIBILITY = "108"
 UNINITIALIZED_STORAGE_POINTER = "109"
 ASSERT_VIOLATION = "110"
-DEPRICATED_FUNCTIONS_USAGE = "111"
+DEPRECATED_FUNCTIONS_USAGE = "111"
 DELEGATECALL_TO_UNTRUSTED_CONTRACT = "112"
 MULTIPLE_SENDS = "113"
 TX_ORDER_DEPENDENCE = "114"

mythril/interfaces/cli.py

@@ -165,14 +165,14 @@ def main():
     options.add_argument(
         "--max-depth",
         type=int,
-        default=22,
+        default=50,
         help="Maximum recursion depth for symbolic execution",
     )
 
     options.add_argument(
         "--strategy",
         choices=["dfs", "bfs", "naive-random", "weighted-random"],
-        default="dfs",
+        default="bfs",
         help="Symbolic execution strategy",
     )
     options.add_argument(
@@ -280,7 +280,7 @@ def main():
             )
 
     if args.query_signature:
-        if sigs.ethereum_input_decoder == None:
+        if sigs.ethereum_input_decoder is None:
             exit_with_error(
                 args.outform,
                 "The --query-signature function requires the python package ethereum-input-decoder",

tests/testdata/outputs_expected/calls.sol.o.jsonv2

@@ -6,7 +6,9 @@
           "head": "The contract executes an external message call.",
           "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "661:1:0"
@@ -21,7 +23,9 @@
           "head": "The contract executes an external message call.",
           "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "779:1:0"
@@ -36,7 +40,9 @@
           "head": "The contract executes an external message call.",
           "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "858:1:0"
@@ -51,7 +57,9 @@
           "head": "A call to a user-supplied address is executed.",
           "tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "912:1:0"
@@ -66,7 +74,9 @@
           "head": "The return value of a message call is not checked.",
           "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "661:1:0"
@@ -81,7 +91,9 @@
           "head": "The return value of a message call is not checked.",
           "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "779:1:0"
@@ -96,7 +108,9 @@
           "head": "The return value of a message call is not checked.",
           "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "858:1:0"
@@ -111,7 +125,9 @@
           "head": "The return value of a message call is not checked.",
           "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "912:1:0"
@@ -122,7 +138,9 @@
         "swcTitle": "Unchecked Call Return Value"
       }
     ],
-        "meta": {},
+    "meta": {
+
+    },
     "sourceFormat": "evm-byzantium-bytecode",
     "sourceList": [
       "0x7cbb77986c6b1bf6e945cd3fba06d3ea3d28cfc49cdfdc9571ec30703ac5862f"

tests/testdata/outputs_expected/kinds_of_calls.sol.o.jsonv2

@@ -6,7 +6,9 @@
           "head": "Use of callcode is deprecated.",
           "tail": "The callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "618:1:0"
@@ -21,7 +23,9 @@
           "head": "A call to a user-supplied address is executed.",
           "tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "1038:1:0"
@@ -36,7 +40,9 @@
           "head": "The return value of a message call is not checked.",
           "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "618:1:0"
@@ -51,7 +57,9 @@
           "head": "The return value of a message call is not checked.",
           "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "849:1:0"
@@ -66,7 +74,9 @@
           "head": "The return value of a message call is not checked.",
           "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."
         },
-                "extra": {},
+        "extra": {
+
+        },
         "locations": [
           {
             "sourceMap": "1038:1:0"
@@ -77,7 +87,9 @@
         "swcTitle": "Unchecked Call Return Value"
       }
     ],
-        "meta": {},
+    "meta": {
+
+    },
     "sourceFormat": "evm-byzantium-bytecode",
     "sourceList": [
       "0x6daec61d05d8f1210661e7e7d1ed6d72bd6ade639398fac1e867aff50abfc1c1"