Improve integer module descriptions

mythril/analysis/modules/integer.py

@@ -80,7 +80,7 @@ class IntegerOverflowUnderflowModule(DetectionModule):
         if model is None:
             return
 
-        annotation = OverUnderflowAnnotation(state, "add", c)
+        annotation = OverUnderflowAnnotation(state, "addition", c)
         op0.annotate(annotation)
 
     def _handle_mul(self, state):
@@ -97,7 +97,7 @@ class IntegerOverflowUnderflowModule(DetectionModule):
         if model is None:
             return
 
-        annotation = OverUnderflowAnnotation(state, "multiply", c)
+        annotation = OverUnderflowAnnotation(state, "multiplication", c)
         op0.annotate(annotation)
 
     def _handle_sub(self, state):
@@ -139,10 +139,16 @@ class IntegerOverflowUnderflowModule(DetectionModule):
             ostate = annotation.overflowing_state
             node = ostate.node
 
-            description_tail = "The binary {} operation can result in an integer {}.\n".format(
+            description_head = "The binary {} can {}.".format(
                 annotation.operator, _type.lower()
             )
 
+            description_tail = "The operands of the {} operation are not sufficiently constrained. " \
+                "The {} could therefore result in an integer {}. Prevent the {} by checking inputs " \
+                "or ensure sure that the {} is caught by an assertion.".format(
+                annotation.operator, annotation.operator,  _type.lower(), _type.lower(), _type.lower()
+            )
+
             issue = Issue(
                 contract=node.contract_name,
                 function_name=node.function_name,
@@ -151,9 +157,7 @@ class IntegerOverflowUnderflowModule(DetectionModule):
                 bytecode=ostate.environment.code.bytecode,
                 title="Integer {}".format(_type),
                 severity="High",
-                description_head="The {} can {}.".format(
-                    annotation.operator, _type.lower()
-                ),
+                description_head=description_head,
                 description_tail=description_tail,
                 gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
             )

tests/testdata/outputs_expected/overflow.sol.o.json

@@ -1,29 +1,32 @@
 {
-	"error": null,
-	"issues": [{
-		"address": 567,
-		"contract": "Unknown",
-		"debug": "<DEBUG-DATA>",
-		"description": "The subtraction can underflow.\nThe binary subtraction operation can result in an integer underflow.\n",
-		"function": "sendeth(address,uint256)",
-		"max_gas_used": 1774,
-		"min_gas_used": 1299,
-		"severity": "High",
-		"sourceMap": null,
-		"swc-id": "101",
-		"title": "Integer Underflow"
-	}, {
-		"address": 649,
-		"contract": "Unknown",
-		"debug": "<DEBUG-DATA>",
-		"description": "The subtraction can underflow.\nThe binary subtraction operation can result in an integer underflow.\n",
-		"function": "sendeth(address,uint256)",
-		"max_gas_used": 1774,
-		"min_gas_used": 1299,
-		"severity": "High",
-		"sourceMap": null,
-		"swc-id": "101",
-		"title": "Integer Underflow"
-	}],
-	"success": true
-}
+    "error": null,
+    "issues": [
+        {
+            "address": 567,
+            "contract": "Unknown",
+            "debug": "<DEBUG-DATA>",
+            "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
+            "function": "sendeth(address,uint256)",
+            "max_gas_used": 1774,
+            "min_gas_used": 1299,
+            "severity": "High",
+            "sourceMap": null,
+            "swc-id": "101",
+            "title": "Integer Underflow"
+        },
+        {
+            "address": 649,
+            "contract": "Unknown",
+            "debug": "<DEBUG-DATA>",
+            "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
+            "function": "sendeth(address,uint256)",
+            "max_gas_used": 1774,
+            "min_gas_used": 1299,
+            "severity": "High",
+            "sourceMap": null,
+            "swc-id": "101",
+            "title": "Integer Underflow"
+        }
+    ],
+    "success": true
+}

tests/testdata/outputs_expected/overflow.sol.o.jsonv2

@@ -1,31 +1,40 @@
 {
-	"issues": [{
-		"description": {
-			"head": "The subtraction can underflow.",
-			"tail": "The binary subtraction operation can result in an integer underflow.\n"
-		},
-		"extra": {},
-		"locations": [{
-			"sourceMap": "567:1:0"
-		}],
-		"severity": "High",
-		"swcID": "SWC-101",
-		"swcTitle": "Integer Overflow and Underflow"
-	}, {
-		"description": {
-			"head": "The subtraction can underflow.",
-			"tail": "The binary subtraction operation can result in an integer underflow.\n"
-		},
-		"extra": {},
-		"locations": [{
-			"sourceMap": "649:1:0"
-		}],
-		"severity": "High",
-		"swcID": "SWC-101",
-		"swcTitle": "Integer Overflow and Underflow"
-	}],
-	"meta": {},
-	"sourceFormat": "evm-byzantium-bytecode",
-	"sourceList": ["0xf230bec502569e8b7e7737616d0ad0f200c436624e3c223e5398c0615cd2d6b9"],
-	"sourceType": "raw-bytecode"
-}
+    "issues": [
+        {
+            "description": {
+                "head": "The binary subtraction can underflow.",
+                "tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
+            },
+            "extra": {},
+            "locations": [
+                {
+                    "sourceMap": "567:1:0"
+                }
+            ],
+            "severity": "High",
+            "swcID": "SWC-101",
+            "swcTitle": "Integer Overflow and Underflow"
+        },
+        {
+            "description": {
+                "head": "The binary subtraction can underflow.",
+                "tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
+            },
+            "extra": {},
+            "locations": [
+                {
+                    "sourceMap": "649:1:0"
+                }
+            ],
+            "severity": "High",
+            "swcID": "SWC-101",
+            "swcTitle": "Integer Overflow and Underflow"
+        }
+    ],
+    "meta": {},
+    "sourceFormat": "evm-byzantium-bytecode",
+    "sourceList": [
+        "0xf230bec502569e8b7e7737616d0ad0f200c436624e3c223e5398c0615cd2d6b9"
+    ],
+    "sourceType": "raw-bytecode"
+}

tests/testdata/outputs_expected/overflow.sol.o.markdown

@@ -10,8 +10,8 @@
 
 ### Description
 
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
 
 ## Integer Underflow
 - SWC ID: 101
@@ -23,5 +23,5 @@ The binary subtraction operation can result in an integer underflow.
 
 ### Description
 
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.

tests/testdata/outputs_expected/overflow.sol.o.text

@@ -5,9 +5,8 @@ Contract: Unknown
 Function name: sendeth(address,uint256)
 PC address: 567
 Estimated Gas Usage: 1299 - 1774
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
-
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
 --------------------
 
 ==== Integer Underflow ====
@@ -17,8 +16,7 @@ Contract: Unknown
 Function name: sendeth(address,uint256)
 PC address: 649
 Estimated Gas Usage: 1299 - 1774
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
-
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
 --------------------
 

tests/testdata/outputs_expected/underflow.sol.o.json

@@ -1,29 +1,32 @@
 {
-	"error": null,
-	"issues": [{
-		"address": 567,
-		"contract": "Unknown",
-		"debug": "<DEBUG-DATA>",
-		"description": "The subtraction can underflow.\nThe binary subtraction operation can result in an integer underflow.\n",
-		"function": "sendeth(address,uint256)",
-		"max_gas_used": 1774,
-		"min_gas_used": 1299,
-		"severity": "High",
-		"sourceMap": null,
-		"swc-id": "101",
-		"title": "Integer Underflow"
-	}, {
-		"address": 649,
-		"contract": "Unknown",
-		"debug": "<DEBUG-DATA>",
-		"description": "The subtraction can underflow.\nThe binary subtraction operation can result in an integer underflow.\n",
-		"function": "sendeth(address,uint256)",
-		"max_gas_used": 1774,
-		"min_gas_used": 1299,
-		"severity": "High",
-		"sourceMap": null,
-		"swc-id": "101",
-		"title": "Integer Underflow"
-	}],
-	"success": true
-}
+    "error": null,
+    "issues": [
+        {
+            "address": 567,
+            "contract": "Unknown",
+            "debug": "<DEBUG-DATA>",
+            "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
+            "function": "sendeth(address,uint256)",
+            "max_gas_used": 1774,
+            "min_gas_used": 1299,
+            "severity": "High",
+            "sourceMap": null,
+            "swc-id": "101",
+            "title": "Integer Underflow"
+        },
+        {
+            "address": 649,
+            "contract": "Unknown",
+            "debug": "<DEBUG-DATA>",
+            "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
+            "function": "sendeth(address,uint256)",
+            "max_gas_used": 1774,
+            "min_gas_used": 1299,
+            "severity": "High",
+            "sourceMap": null,
+            "swc-id": "101",
+            "title": "Integer Underflow"
+        }
+    ],
+    "success": true
+}

tests/testdata/outputs_expected/underflow.sol.o.jsonv2

@@ -1,31 +1,40 @@
 {
-	"issues": [{
-		"description": {
-			"head": ["The subtraction can underflow."],
-			"tail": ["The binary subtraction operation can result in an integer underflow.\n"]
-		},
-		"extra": {},
-		"locations": [{
-			"sourceMap": "567:1:0"
-		}],
-		"severity": "High",
-		"swcID": "101",
-		"swcTitle": "Integer Overflow and Underflow"
-	}, {
-		"description": {
-			"head": ["The subtraction can underflow."],
-			"tail": ["The binary subtraction operation can result in an integer underflow.\n"]
-		},
-		"extra": {},
-		"locations": [{
-			"sourceMap": "649:1:0"
-		}],
-		"severity": "High",
-		"swcID": "101",
-		"swcTitle": "Integer Overflow and Underflow"
-	}],
-	"meta": {},
-	"sourceFormat": "evm-byzantium-bytecode",
-	"sourceList": ["0xabef56740bf7795a9f8732e4781ebd27f2977f8a4997e3ff11cee79a4ba6c0ce"],
-	"sourceType": "raw-bytecode"
-}
+    "issues": [
+        {
+            "description": {
+                "head": "The binary subtraction can underflow.",
+                "tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
+            },
+            "extra": {},
+            "locations": [
+                {
+                    "sourceMap": "567:1:0"
+                }
+            ],
+            "severity": "High",
+            "swcID": "SWC-101",
+            "swcTitle": "Integer Overflow and Underflow"
+        },
+        {
+            "description": {
+                "head": "The binary subtraction can underflow.",
+                "tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
+            },
+            "extra": {},
+            "locations": [
+                {
+                    "sourceMap": "649:1:0"
+                }
+            ],
+            "severity": "High",
+            "swcID": "SWC-101",
+            "swcTitle": "Integer Overflow and Underflow"
+        }
+    ],
+    "meta": {},
+    "sourceFormat": "evm-byzantium-bytecode",
+    "sourceList": [
+        "0xabef56740bf7795a9f8732e4781ebd27f2977f8a4997e3ff11cee79a4ba6c0ce"
+    ],
+    "sourceType": "raw-bytecode"
+}

tests/testdata/outputs_expected/underflow.sol.o.markdown

@@ -10,8 +10,8 @@
 
 ### Description
 
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
 
 ## Integer Underflow
 - SWC ID: 101
@@ -23,5 +23,5 @@ The binary subtraction operation can result in an integer underflow.
 
 ### Description
 
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.

tests/testdata/outputs_expected/underflow.sol.o.text

@@ -5,9 +5,8 @@ Contract: Unknown
 Function name: sendeth(address,uint256)
 PC address: 567
 Estimated Gas Usage: 1299 - 1774
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
-
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
 --------------------
 
 ==== Integer Underflow ====
@@ -17,8 +16,7 @@ Contract: Unknown
 Function name: sendeth(address,uint256)
 PC address: 649
 Estimated Gas Usage: 1299 - 1774
-The subtraction can underflow.
-The binary subtraction operation can result in an integer underflow.
-
+The binary subtraction can underflow.
+The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
 --------------------