"description":"This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function":"_function_0x5a6814ec",
"function":"thisisfine()",
"swc-id":"107",
"min_gas_used":643,
"max_gas_used":1254,
@ -18,7 +18,7 @@
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function":"_function_0x5a6814ec",
"function":"thisisfine()",
"swc-id":"104",
"min_gas_used":1352,
"max_gas_used":35963,
@ -29,8 +29,8 @@
"address":779,
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function":"_function_0xd24b08cc",
"description":"This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `setstoredaddress(address)`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function":"callstoredaddress()",
"swc-id":"107",
"min_gas_used":687,
"max_gas_used":1298,
@ -41,8 +41,8 @@
"address":779,
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location",
"function":"_function_0xd24b08cc",
"description":"Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location.",
"function":"callstoredaddress()",
"swc-id":"114",
"min_gas_used":687,
"max_gas_used":1298,
@ -54,7 +54,7 @@
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function":"_function_0xd24b08cc",
"function":"callstoredaddress()",
"swc-id":"104",
"min_gas_used":1396,
"max_gas_used":36007,
@ -102,7 +102,7 @@
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function":"_function_0xe1d10f79",
"function":"calluseraddress(address)",
"swc-id":"107",
"min_gas_used":335,
"max_gas_used":616,
@ -114,7 +114,7 @@
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
@ -16,7 +16,7 @@ This contract executes a message call to to another contract. Make sure that the
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0x5a6814ec`
- Function name: `thisisfine()`
- PC address: 666
- Estimated Gas Usage: 1352 - 35963
@ -28,31 +28,31 @@ The return value of an external call is not checked. Note that execution continu
- SWC ID: 107
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xd24b08cc`
- Function name: `callstoredaddress()`
- PC address: 779
- Estimated Gas Usage: 687 - 1298
### Description
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `setstoredaddress(address)`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
## Transaction order dependence
- SWC ID: 114
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xd24b08cc`
- Function name: `callstoredaddress()`
- PC address: 779
- Estimated Gas Usage: 687 - 1298
### Description
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location.
## Unchecked CALL return value
- SWC ID: 104
- Type: Informational
- Contract: Unknown
- Function name: `_function_0xd24b08cc`
- Function name: `callstoredaddress()`
- PC address: 784
- Estimated Gas Usage: 1396 - 36007
@ -100,7 +100,7 @@ The return value of an external call is not checked. Note that execution continu
- SWC ID: 107
- Type: Warning
- Contract: Unknown
- Function name: `_function_0xe1d10f79`
- Function name: `calluseraddress(address)`
- PC address: 912
- Estimated Gas Usage: 335 - 616
@ -112,7 +112,7 @@ This contract executes a message call to an address provided as a function argum
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
@ -12,7 +12,7 @@ This contract executes a message call to to another contract. Make sure that the
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0x5a6814ec
Function name: thisisfine()
PC address: 666
Estimated Gas Usage: 1352 - 35963
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
@ -22,27 +22,27 @@ The return value of an external call is not checked. Note that execution continu
SWC ID: 107
Type: Warning
Contract: Unknown
Function name: _function_0xd24b08cc
Function name: callstoredaddress()
PC address: 779
Estimated Gas Usage: 687 - 1298
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `setstoredaddress(address)`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
--------------------
==== Transaction order dependence ====
SWC ID: 114
Type: Warning
Contract: Unknown
Function name: _function_0xd24b08cc
Function name: callstoredaddress()
PC address: 779
Estimated Gas Usage: 687 - 1298
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location
Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location.
--------------------
==== Unchecked CALL return value ====
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0xd24b08cc
Function name: callstoredaddress()
PC address: 784
Estimated Gas Usage: 1396 - 36007
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
@ -82,7 +82,7 @@ The return value of an external call is not checked. Note that execution continu
SWC ID: 107
Type: Warning
Contract: Unknown
Function name: _function_0xe1d10f79
Function name: calluseraddress(address)
PC address: 912
Estimated Gas Usage: 335 - 616
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
@ -92,7 +92,7 @@ This contract executes a message call to an address provided as a function argum
SWC ID: 104
Type: Informational
Contract: Unknown
Function name: _function_0xe1d10f79
Function name: calluseraddress(address)
PC address: 918
Estimated Gas Usage: 1046 - 35327
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
"description":"Users other than the contract creator can withdraw ETH from the contract account without previously having sent any ETH to it. This is likely to be vulnerability.",
"description":"Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.",
"function":"withdrawfunds()",
"swc-id":"105",
"min_gas_used":1138,
"max_gas_used":1749,
"min_gas_used":1138,
"swc-id":"105",
"title":"Ether thief",
"type":"Warning"
},
@ -19,9 +19,9 @@
"debug":"<DEBUG-DATA>",
"description":"This binary add operation can result in integer overflow.\n",
Users other than the contract creator can withdraw ETH from the contract account without previously having sent any ETH to it. This is likely to be vulnerability.
Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.
Users other than the contract creator can withdraw ETH from the contract account without previously having sent any ETH to it. This is likely to be vulnerability.
Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"_function_0x546455b5",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"assert3(uint256)",
"swc-id":"110",
"min_gas_used":206,
"max_gas_used":301,
@ -17,8 +17,8 @@
"address":484,
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"_function_0x92dd38ea",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"arrayaccess(uint256)",
"swc-id":"110",
"min_gas_used":256,
"max_gas_used":351,
@ -29,8 +29,8 @@
"address":506,
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"_function_0xa08299f1",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"divisionby0(uint256)",
"swc-id":"110",
"min_gas_used":272,
"max_gas_used":367,
@ -41,8 +41,8 @@
"address":531,
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function":"_function_0xb34c3610",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
SWC ID: 110
Type: Informational
Contract: Unknown
Function name: _function_0x92dd38ea
Function name: arrayaccess(uint256)
PC address: 484
Estimated Gas Usage: 256 - 351
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
SWC ID: 110
Type: Informational
Contract: Unknown
Function name: _function_0xa08299f1
Function name: divisionby0(uint256)
PC address: 506
Estimated Gas Usage: 272 - 367
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
--------------------
==== Exception state ====
SWC ID: 110
Type: Informational
Contract: Unknown
Function name: _function_0xb34c3610
Function name: assert1()
PC address: 531
Estimated Gas Usage: 268 - 363
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
"description":"Users other than the contract creator can withdraw ETH from the contract account without previously having sent any ETH to it. This is likely to be vulnerability.",
"function":"_function_0x8a4068dd",
"swc-id":"105",
"min_gas_used":186,
"description":"Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.",
Users other than the contract creator can withdraw ETH from the contract account without previously having sent any ETH to it. This is likely to be vulnerability.
Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.
Users other than the contract creator can withdraw ETH from the contract account without previously having sent any ETH to it. This is likely to be vulnerability.
Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.
"description":"This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function":"_function_0x633ab5e0",
"function":"callchecked()",
"swc-id":"107",
"min_gas_used":599,
"max_gas_used":1210,
@ -18,7 +18,7 @@
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function":"_function_0xe3bea282",
"function":"callnotchecked()",
"swc-id":"107",
"min_gas_used":621,
"max_gas_used":1232,
@ -30,7 +30,7 @@
"contract":"Unknown",
"debug":"<DEBUG-DATA>",
"description":"The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
Bernhard Mueller
6 years ago
committed by
GitHub