From dff15de6203f76160c2256269e928c6f101a70e3 Mon Sep 17 00:00:00 2001 From: Bernhard Mueller Date: Thu, 22 Feb 2018 22:11:23 +0000 Subject: [PATCH 1/5] Update README.md --- README.md | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 3dda5c27..4ef1bd57 100644 --- a/README.md +++ b/README.md @@ -49,19 +49,21 @@ Mythril detects a range of [security issues](security_checks.md), including inte In order to work with Solidity source code files, the [solc command line compiler](http://solidity.readthedocs.io/en/develop/using-the-compiler.html) needs to be installed and in path. You can then provide the source file(s) as positional arguments, e.g.: ```bash -$ myth -x myContract.sol -``` +$ myth -x underflow.sol +==== Integer Underflow ==== +Type: Warning +Contract: Under +Function name: sendeth(address,uint256) +PC address: 649 +A possible integer underflow exists in the function sendeth(address,uint256). +The SUB instruction at address 649 may result in a value < 0. +-------------------- +In file: underflow.sol -Alternatively, compile the code on [Remix](http://remix.ethereum.org) and pass the runtime binary code to Mythril: -```bash -$ myth -x -c "0x5060(...)" -``` +balances[msg.sender] -= _value -If you have multiple interdependent contracts, pass them to Mythril as separate input files. Mythril will map the first contract to address "0x0000(..)", the second one to "0x1111(...)", and so forth (make sure that contract addresses are set accordingly in the source). The contract passed as the first argument will be used as analysis entrypoint. -```bash -$ myth -x myContract.sol myLibrary.sol ``` #### Specifying Solc versions From c95e767ff2ed13dc7d052a5b1e6b1583d810ed1d Mon Sep 17 00:00:00 2001 From: Bernhard Mueller Date: Thu, 22 Feb 2018 22:11:55 +0000 Subject: [PATCH 2/5] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/README.md b/README.md index 4ef1bd57..b71eaf7d 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,7 @@ Mythril detects a range of [security issues](security_checks.md), including inte In order to work with Solidity source code files, the [solc command line compiler](http://solidity.readthedocs.io/en/develop/using-the-compiler.html) needs to be installed and in path. You can then provide the source file(s) as positional arguments, e.g.: -```bash +``` $ myth -x underflow.sol ==== Integer Underflow ==== Type: Warning From 17002bd4fc71a19e4c9708ca65195c28c03566d8 Mon Sep 17 00:00:00 2001 From: Bernhard Mueller Date: Thu, 22 Feb 2018 22:13:36 +0000 Subject: [PATCH 3/5] Update README.md --- README.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index b71eaf7d..4c80c481 100644 --- a/README.md +++ b/README.md @@ -22,18 +22,6 @@ $ python3 setup.py install Note that Mythril requires Python 3.5 to work. -### Function signatures - -Whenever you disassemble or analyze binary code, Mythril will try to resolve function names using its local signature database. The database must be provided at `~/.mythril/signatures.json`. You can start out with the [default file](signatures.json) as follows: - -``` -$ mkdir ~/.mythril -$ cd ~/.mythril -$ wget https://raw.githubusercontent.com/b-mueller/mythril/master/signatures.json -``` - -When you analyze Solidity code, new function signatures are added to the database automatically. - ## Security analysis Run `myth -x` with one of the input options described below to run the analysis. This will run the Python modules in the [/analysis/modules](https://github.com/b-mueller/mythril/tree/master/mythril/analysis/modules) directory. 
@@ -190,6 +178,18 @@ $ myth --hash "setOwner(address)" 0x13af4035 ``` +### Function signatures + +Whenever you disassemble or analyze binary code, Mythril will try to resolve function names using its local signature database. The database must be provided at `~/.mythril/signatures.json`. You can start out with the [default file](signatures.json) as follows: + +``` +$ mkdir ~/.mythril +$ cd ~/.mythril +$ wget https://raw.githubusercontent.com/b-mueller/mythril/master/signatures.json +``` + +When you analyze Solidity code, new function signatures are added to the database automatically. + ## Credit - JSON RPC library is adapted from [ethjsonrpc](https://github.com/ConsenSys/ethjsonrpc) (it doesn't seem to be maintained anymore, and I needed to make some changes to it). From 978906c95595d99e9f3b6f1902e68a5795e478dc Mon Sep 17 00:00:00 2001 From: Bernhard Mueller Date: Thu, 22 Feb 2018 22:14:06 +0000 Subject: [PATCH 4/5] Update README.md --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 4c80c481..49baadf3 100644 --- a/README.md +++ b/README.md 
@@ -28,10 +28,6 @@ Run `myth -x` with one of the input options described below to run the analysis. Mythril detects a range of [security issues](security_checks.md), including integer underflows, owner-overwrite-to-Ether-withdrawal, and others. However, the analysis will not detect business logic issues and is not equivalent to formal verification. -### Analyzing a Truffle project - -[Truffle Suite](http://truffleframework.com) is a popular development framework for Ethereum. To analyze the smart contracts in a Truffle project, change in the project root directory and make run `truffle compile` followed by `myth --truffle`. - ### Analyzing Solidity code In order to work with Solidity source code files, the [solc command line compiler](http://solidity.readthedocs.io/en/develop/using-the-compiler.html) needs to be installed and in path. You can then provide the source file(s) as positional arguments, e.g.: 
@@ -58,6 +54,10 @@ balances[msg.sender] -= _value You can specify a version of the solidity compiler to be used with `--solv `. Please be aware that this uses [py-solc](https://github.com/ethereum/py-solc) and will only work on Linux and OS X versions of Mavericks, Yosemite and El Capitan as of the time of this writing. It will check you locally installed compiler, if this is not what is specified, it will download binaries on Linux or try to compile from source on OS X. +### Analyzing a Truffle project + +[Truffle Suite](http://truffleframework.com) is a popular development framework for Ethereum. To analyze the smart contracts in a Truffle project, change in the project root directory and make run `truffle compile` followed by `myth --truffle`. + ### Working with contracts on the mainnet and testnets When analyzing contracts on the blockchain, Mythril will by default query a local node via IPC. If you want to analyze contracts on the live Ethereum network, you can also use the built-in [INFURA](https://infura.io) support. Alternatively, you can override the RPC settings with the `--rpc` argument. From 6626e6907fcda0ae7615727194a4a25ea6da7c70 Mon Sep 17 00:00:00 2001 From: Bernhard Mueller Date: Sun, 25 Feb 2018 01:16:33 +0300 Subject: [PATCH 5/5] Update security_checks.md --- security_checks.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/security_checks.md b/security_checks.md index 9dab8c10..614706e2 100644 --- a/security_checks.md +++ b/security_checks.md 
@@ -16,4 +16,6 @@ |Predictable RNG| | [weak_random](mythril/analysis/modules/weak_random.py) | | |Transaction order dependence| | | [Front Running](https://consensys.github.io/smart-contract-best-practices/known_attacks/#transaction-ordering-dependence-tod-front-running) | |Information exposure| | | | +|Complex fallback function (uses more than 2,300 gas) | A too complex fallback function will cause send() and transfer() from other contracts to fail. To implement this we first need to fully implement gas simulation. | | |Call depth attack| Deprecated! | | [EIP 150 Hard Fork](https://consensys.github.io/smart-contract-best-practices/known_attacks/#call-depth-attack-deprecated)| +
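Review bot: In [PATCH 1/5], hunk @@ -49,19 +49,21 @@ of README.md, the removed lines take out the only documentation for passing runtime bytecode with `myth -x -c "0x5060(...)"` and for analyzing multiple interdependent contracts (the address mapping "0x0000(..)", "0x1111(...)" and the rule that the first argument is the analysis entrypoint), and no later patch in this series adds them back. If those options still exist, keep the two paragraphs below the new sample output; if they were dropped on purpose, say so in the commit message instead of "Update README.md". The new example also refers to `underflow.sol` without showing or linking the contract, so a reader cannot reproduce the report; a link to the file or a short listing next to the output would fix that.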
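Review bot: [PATCH 2/5], hunk @@ -48,7 +48,7 @@, only drops the `bash` tag from the fence that 1/5 filled with tool output, so it should be squashed into 1/5 rather than kept as a separate commit with the same "Update README.md" subject. Dropping the tag itself is right, since the block is now mostly Mythril report text rather than shell input.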
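Review bot: In [PATCH 3/5], hunk @@ -190,6 +178,18 @@, the Function signatures section now sits after the `--hash` example, yet it states that the database "must be provided at `~/.mythril/signatures.json`", a setup requirement that used to appear directly after the installation notes and is now reached only after the analysis sections. Leave a one-line pointer in the install section, or state in the moved text what happens when the file is absent. While these lines are being touched: `mkdir ~/.mythril` errors out if the directory already exists (`mkdir -p` avoids that), and the `wget` pulls `signatures.json` from the `master` branch with no pinned revision or checksum, so the file used to resolve function names can differ from one installation to the next.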
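Review bot: In [PATCH 4/5], hunk @@ -58,6 +54,10 @@, the relocated Truffle paragraph is re-added with its wording errors intact: "change in the project root directory and make run `truffle compile`" should read "change into the project root directory and run `truffle compile`". A pure move is the cheapest place to fix this, since the line is already in the diff.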