commit
f85d24bcc1
@ -1,6 +1,6 @@ |
|||||||
# We use RsT document formatting in docstring. For example :param to mark parameters. |
# We use RsT document formatting in docstring. For example :param to mark parameters. |
||||||
# See PEP 287 |
# See PEP 287 |
||||||
__docformat__ = 'restructuredtext' |
__docformat__ = "restructuredtext" |
||||||
|
|
||||||
# Accept mythril.VERSION to get mythril's current version number |
# Accept mythril.VERSION to get mythril's current version number |
||||||
from .version import VERSION # NOQA |
from .version import VERSION # NOQA |
||||||
|
@ -1,25 +1,27 @@ |
|||||||
DEFAULT_FUNCTION_VISIBILITY = '100' |
DEFAULT_FUNCTION_VISIBILITY = "100" |
||||||
INTEGER_OVERFLOW_AND_UNDERFLOW = '101' |
INTEGER_OVERFLOW_AND_UNDERFLOW = "101" |
||||||
OUTDATED_COMPILER_VERSION = '102' |
OUTDATED_COMPILER_VERSION = "102" |
||||||
FLOATING_PRAGMA = '103' |
FLOATING_PRAGMA = "103" |
||||||
UNCHECKED_RET_VAL = '104' |
UNCHECKED_RET_VAL = "104" |
||||||
UNPROTECTED_ETHER_WITHDRAWAL = '105' |
UNPROTECTED_ETHER_WITHDRAWAL = "105" |
||||||
UNPROTECTED_SELFDESTRUCT = '106' |
UNPROTECTED_SELFDESTRUCT = "106" |
||||||
REENTRANCY = '107' |
REENTRANCY = "107" |
||||||
DEFAULT_STATE_VARIABLE_VISIBILITY = '108' |
DEFAULT_STATE_VARIABLE_VISIBILITY = "108" |
||||||
UNINITIALIZED_STORAGE_POINTER = '109' |
UNINITIALIZED_STORAGE_POINTER = "109" |
||||||
ASSERT_VIOLATION = '110' |
ASSERT_VIOLATION = "110" |
||||||
DEPRICATED_FUNCTIONS_USAGE = '111' |
DEPRICATED_FUNCTIONS_USAGE = "111" |
||||||
DELEGATECALL_TO_UNTRUSTED_CONTRACT = '112' |
DELEGATECALL_TO_UNTRUSTED_CONTRACT = "112" |
||||||
MULTIPLE_SENDS = '113' |
MULTIPLE_SENDS = "113" |
||||||
TX_ORDER_DEPENDENCE = '114' |
TX_ORDER_DEPENDENCE = "114" |
||||||
TX_ORIGIN_USAGE = '115' |
TX_ORIGIN_USAGE = "115" |
||||||
TIMESTAMP_DEPENDENCE = '116' |
TIMESTAMP_DEPENDENCE = "116" |
||||||
# TODO: SWC ID 116 is missing, Add it if it's added to the https://github.com/SmartContractSecurity/SWC-registry |
# TODO: SWC ID 116 is missing, Add it if it's added to the https://github.com/SmartContractSecurity/SWC-registry |
||||||
INCORRECT_CONSTRUCTOR_NAME = '118' |
INCORRECT_CONSTRUCTOR_NAME = "118" |
||||||
SHADOWING_STATE_VARIABLES = '119' |
SHADOWING_STATE_VARIABLES = "119" |
||||||
WEAK_RANDOMNESS = '120' |
WEAK_RANDOMNESS = "120" |
||||||
SIGNATURE_REPLAY = '121' |
SIGNATURE_REPLAY = "121" |
||||||
IMPROPER_VERIFICATION_BASED_ON_MSG_SENDER = '122' |
IMPROPER_VERIFICATION_BASED_ON_MSG_SENDER = "122" |
||||||
|
|
||||||
PREDICTABLE_VARS_DEPENDENCE = 'N/A' # TODO: Add the swc id when this is added to the SWC Registry |
PREDICTABLE_VARS_DEPENDENCE = ( |
||||||
|
"N/A" |
||||||
|
) # TODO: Add the swc id when this is added to the SWC Registry |
||||||
|
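Review bot: The comment `# TODO: SWC ID 116 is missing, Add it if it's added to the ... SWC-registry` contradicts the constant defined directly above it, `TIMESTAMP_DEPENDENCE = "116"`; the identifier actually absent from this file is 117, since the sequence jumps from "116" to `INCORRECT_CONSTRUCTOR_NAME = "118"`. Suggest `# TODO: SWC ID 117 is missing; add it once it lands in https://github.com/SmartContractSecurity/SWC-registry`. `DEPRICATED_FUNCTIONS_USAGE` is also misspelled, but it is a public module-level name, so correcting it to `DEPRECATED_FUNCTIONS_USAGE` should keep the old spelling as an alias for existing callers.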
@ -1,8 +1,4 @@ |
|||||||
BLOCK_TAG_EARLIEST = 'earliest' |
BLOCK_TAG_EARLIEST = "earliest" |
||||||
BLOCK_TAG_LATEST = 'latest' |
BLOCK_TAG_LATEST = "latest" |
||||||
BLOCK_TAG_PENDING = 'pending' |
BLOCK_TAG_PENDING = "pending" |
||||||
BLOCK_TAGS = ( |
BLOCK_TAGS = (BLOCK_TAG_EARLIEST, BLOCK_TAG_LATEST, BLOCK_TAG_PENDING) |
||||||
BLOCK_TAG_EARLIEST, |
|
||||||
BLOCK_TAG_LATEST, |
|
||||||
BLOCK_TAG_PENDING, |
|
||||||
) |
|
||||||
|
@ -0,0 +1,249 @@ |
|||||||
|
#!/usr/bin/env python |
||||||
|
# |
||||||
|
# "THE BEER-WARE LICENSE" (Revision 43~maze) |
||||||
|
# |
||||||
|
# <maze@pyth0n.org> wrote these files. As long as you retain this notice you |
||||||
|
# can do whatever you want with this stuff. If we meet some day, and you think |
||||||
|
# this stuff is worth it, you can buy me a beer in return. |
||||||
|
|
||||||
|
# https://github.com/tehmaze/lolcat |
||||||
|
|
||||||
|
import atexit |
||||||
|
import math |
||||||
|
import os |
||||||
|
import random |
||||||
|
import re |
||||||
|
import sys |
||||||
|
import time |
||||||
|
|
||||||
|
PY3 = sys.version_info >= (3,) |
||||||
|
|
||||||
|
# Reset terminal colors at exit |
||||||
|
def reset(): |
||||||
|
sys.stdout.write("\x1b[0m") |
||||||
|
sys.stdout.flush() |
||||||
|
|
||||||
|
|
||||||
|
atexit.register(reset) |
||||||
|
|
||||||
|
|
||||||
|
STRIP_ANSI = re.compile(r"\x1b\[(\d+)(;\d+)?(;\d+)?[m|K]") |
||||||
|
COLOR_ANSI = ( |
||||||
|
(0x00, 0x00, 0x00), |
||||||
|
(0xCD, 0x00, 0x00), |
||||||
|
(0x00, 0xCD, 0x00), |
||||||
|
(0xCD, 0xCD, 0x00), |
||||||
|
(0x00, 0x00, 0xEE), |
||||||
|
(0xCD, 0x00, 0xCD), |
||||||
|
(0x00, 0xCD, 0xCD), |
||||||
|
(0xE5, 0xE5, 0xE5), |
||||||
|
(0x7F, 0x7F, 0x7F), |
||||||
|
(0xFF, 0x00, 0x00), |
||||||
|
(0x00, 0xFF, 0x00), |
||||||
|
(0xFF, 0xFF, 0x00), |
||||||
|
(0x5C, 0x5C, 0xFF), |
||||||
|
(0xFF, 0x00, 0xFF), |
||||||
|
(0x00, 0xFF, 0xFF), |
||||||
|
(0xFF, 0xFF, 0xFF), |
||||||
|
) |
||||||
|
|
||||||
|
|
||||||
|
class LolCat(object): |
||||||
|
def __init__(self, mode=256, output=sys.stdout): |
||||||
|
self.mode = mode |
||||||
|
self.output = output |
||||||
|
|
||||||
|
def _distance(self, rgb1, rgb2): |
||||||
|
return sum(map(lambda c: (c[0] - c[1]) ** 2, zip(rgb1, rgb2))) |
||||||
|
|
||||||
|
def ansi(self, rgb): |
||||||
|
r, g, b = rgb |
||||||
|
|
||||||
|
if self.mode in (8, 16): |
||||||
|
colors = COLOR_ANSI[: self.mode] |
||||||
|
matches = [ |
||||||
|
(self._distance(c, map(int, rgb)), i) for i, c in enumerate(colors) |
||||||
|
] |
||||||
|
matches.sort() |
||||||
|
color = matches[0][1] |
||||||
|
|
||||||
|
return "3%d" % (color,) |
||||||
|
else: |
||||||
|
gray_possible = True |
||||||
|
sep = 2.5 |
||||||
|
|
||||||
|
while gray_possible: |
||||||
|
if r < sep or g < sep or b < sep: |
||||||
|
gray = r < sep and g < sep and b < sep |
||||||
|
gray_possible = False |
||||||
|
|
||||||
|
sep += 42.5 |
||||||
|
|
||||||
|
if gray: |
||||||
|
color = 232 + int(float(sum(rgb) / 33.0)) |
||||||
|
else: |
||||||
|
color = sum( |
||||||
|
[16] |
||||||
|
+ [ |
||||||
|
int(6 * float(val) / 256) * mod |
||||||
|
for val, mod in zip(rgb, [36, 6, 1]) |
||||||
|
] |
||||||
|
) |
||||||
|
|
||||||
|
return "38;5;%d" % (color,) |
||||||
|
|
||||||
|
def wrap(self, *codes): |
||||||
|
return "\x1b[%sm" % ("".join(codes),) |
||||||
|
|
||||||
|
def rainbow(self, freq, i): |
||||||
|
r = math.sin(freq * i) * 127 + 128 |
||||||
|
g = math.sin(freq * i + 2 * math.pi / 3) * 127 + 128 |
||||||
|
b = math.sin(freq * i + 4 * math.pi / 3) * 127 + 128 |
||||||
|
return [r, g, b] |
||||||
|
|
||||||
|
def cat(self, fd, options): |
||||||
|
if options.animate: |
||||||
|
self.output.write("\x1b[?25l") |
||||||
|
|
||||||
|
for line in fd: |
||||||
|
options.os += 1 |
||||||
|
self.println(line, options) |
||||||
|
|
||||||
|
if options.animate: |
||||||
|
self.output.write("\x1b[?25h") |
||||||
|
|
||||||
|
def println(self, s, options): |
||||||
|
s = s.rstrip() |
||||||
|
if options.force or self.output.isatty(): |
||||||
|
s = STRIP_ANSI.sub("", s) |
||||||
|
|
||||||
|
if options.animate: |
||||||
|
self.println_ani(s, options) |
||||||
|
else: |
||||||
|
self.println_plain(s, options) |
||||||
|
|
||||||
|
self.output.write("\n") |
||||||
|
self.output.flush() |
||||||
|
|
||||||
|
def println_ani(self, s, options): |
||||||
|
if not s: |
||||||
|
return |
||||||
|
|
||||||
|
for i in range(1, options.duration): |
||||||
|
self.output.write("\x1b[%dD" % (len(s),)) |
||||||
|
self.output.flush() |
||||||
|
options.os += options.spread |
||||||
|
self.println_plain(s, options) |
||||||
|
time.sleep(1.0 / options.speed) |
||||||
|
|
||||||
|
def println_plain(self, s, options): |
||||||
|
for i, c in enumerate(s if PY3 else s.decode(options.charset_py2, "replace")): |
||||||
|
rgb = self.rainbow(options.freq, options.os + i / options.spread) |
||||||
|
self.output.write( |
||||||
|
"".join( |
||||||
|
[ |
||||||
|
self.wrap(self.ansi(rgb)), |
||||||
|
c if PY3 else c.encode(options.charset_py2, "replace"), |
||||||
|
] |
||||||
|
) |
||||||
|
) |
||||||
|
|
||||||
|
|
||||||
|
def detect_mode(term_hint="xterm-256color"): |
||||||
|
""" |
||||||
|
Poor-mans color mode detection. |
||||||
|
""" |
||||||
|
if "ANSICON" in os.environ: |
||||||
|
return 16 |
||||||
|
elif os.environ.get("ConEmuANSI", "OFF") == "ON": |
||||||
|
return 256 |
||||||
|
else: |
||||||
|
term = os.environ.get("TERM", term_hint) |
||||||
|
if term.endswith("-256color") or term in ("xterm", "screen"): |
||||||
|
return 256 |
||||||
|
elif term.endswith("-color") or term in ("rxvt",): |
||||||
|
return 16 |
||||||
|
else: |
||||||
|
return 256 # optimistic default |
||||||
|
|
||||||
|
|
||||||
|
def run(): |
||||||
|
"""Main entry point.""" |
||||||
|
import optparse |
||||||
|
|
||||||
|
parser = optparse.OptionParser(usage=r"%prog [<options>] [file ...]") |
||||||
|
parser.add_option( |
||||||
|
"-p", "--spread", type="float", default=3.0, help="Rainbow spread" |
||||||
|
) |
||||||
|
parser.add_option( |
||||||
|
"-F", "--freq", type="float", default=0.1, help="Rainbow frequency" |
||||||
|
) |
||||||
|
parser.add_option("-S", "--seed", type="int", default=0, help="Rainbow seed") |
||||||
|
parser.add_option( |
||||||
|
"-a", |
||||||
|
"--animate", |
||||||
|
action="store_true", |
||||||
|
default=False, |
||||||
|
help="Enable psychedelics", |
||||||
|
) |
||||||
|
parser.add_option( |
||||||
|
"-d", "--duration", type="int", default=12, help="Animation duration" |
||||||
|
) |
||||||
|
parser.add_option( |
||||||
|
"-s", "--speed", type="float", default=20.0, help="Animation speed" |
||||||
|
) |
||||||
|
parser.add_option( |
||||||
|
"-f", |
||||||
|
"--force", |
||||||
|
action="store_true", |
||||||
|
default=False, |
||||||
|
help="Force colour even when stdout is not a tty", |
||||||
|
) |
||||||
|
|
||||||
|
parser.add_option( |
||||||
|
"-3", action="store_const", dest="mode", const=8, help="Force 3 bit colour mode" |
||||||
|
) |
||||||
|
parser.add_option( |
||||||
|
"-4", |
||||||
|
action="store_const", |
||||||
|
dest="mode", |
||||||
|
const=16, |
||||||
|
help="Force 4 bit colour mode", |
||||||
|
) |
||||||
|
parser.add_option( |
||||||
|
"-8", |
||||||
|
action="store_const", |
||||||
|
dest="mode", |
||||||
|
const=256, |
||||||
|
help="Force 8 bit colour mode", |
||||||
|
) |
||||||
|
|
||||||
|
parser.add_option( |
||||||
|
"-c", |
||||||
|
"--charset-py2", |
||||||
|
default="utf-8", |
||||||
|
help="Manually set a charset to convert from, for python 2.7", |
||||||
|
) |
||||||
|
|
||||||
|
options, args = parser.parse_args() |
||||||
|
options.os = random.randint(0, 256) if options.seed == 0 else options.seed |
||||||
|
options.mode = options.mode or detect_mode() |
||||||
|
|
||||||
|
lolcat = LolCat(mode=options.mode) |
||||||
|
|
||||||
|
if not args: |
||||||
|
args = ["-"] |
||||||
|
|
||||||
|
for filename in args: |
||||||
|
if filename == "-": |
||||||
|
lolcat.cat(sys.stdin, options) |
||||||
|
else: |
||||||
|
try: |
||||||
|
with open(filename, "r") as handle: |
||||||
|
lolcat.cat(handle, options) |
||||||
|
except IOError as error: |
||||||
|
sys.stderr.write(str(error) + "\n") |
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__": |
||||||
|
sys.exit(run()) |
@ -1,2 +1,5 @@ |
|||||||
from mythril.laser.ethereum.transaction.transaction_models import * |
from mythril.laser.ethereum.transaction.transaction_models import * |
||||||
from mythril.laser.ethereum.transaction.symbolic import execute_message_call, execute_contract_creation |
from mythril.laser.ethereum.transaction.symbolic import ( |
||||||
|
execute_message_call, |
||||||
|
execute_contract_creation, |
||||||
|
) |
||||||
|
@ -1,3 +1,3 @@ |
|||||||
# This file is suitable for sourcing inside POSIX shell, e.g. bash as |
# This file is suitable for sourcing inside POSIX shell, e.g. bash as |
||||||
# well as for importing into Python |
# well as for importing into Python |
||||||
VERSION="v0.18.13" # NOQA |
VERSION = "v0.18.13" # NOQA |
||||||
|
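Review bot: The reformatted line `VERSION = "v0.18.13"  # NOQA` breaks the contract stated two lines above it: a POSIX shell assignment must have no spaces around `=`, so sourcing this file now runs a command named `VERSION` with arguments `=` and `v0.18.13` and assigns nothing. If the file is meant to stay shell-sourceable, shield the line from the formatter with `# fmt: off` and `# fmt: on` around `VERSION="v0.18.13"  # NOQA`; otherwise drop the shell-sourcing claim from the comment so nobody relies on it. Whether anything still sources it (packaging or CI scripts) is not visible from this page.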
@ -0,0 +1,61 @@ |
|||||||
|
from mythril.disassembler.disassembly import * |
||||||
|
|
||||||
|
instruction_list = [ |
||||||
|
{"opcode": "PUSH4", "argument": "0x10203040"}, |
||||||
|
{"opcode": "EQ"}, |
||||||
|
{"opcode": "PUSH4", "argument": "0x40302010"}, |
||||||
|
{"opcode": "JUMPI"}, |
||||||
|
] |
||||||
|
|
||||||
|
|
||||||
|
def test_get_function_info(mocker): |
||||||
|
# Arrange |
||||||
|
global instruction_list |
||||||
|
|
||||||
|
signature_database_mock = SignatureDb() |
||||||
|
mocker.patch.object(signature_database_mock, "get") |
||||||
|
signature_database_mock.get.return_value = ["function_name"] |
||||||
|
|
||||||
|
# Act |
||||||
|
function_hash, entry_point, function_name = get_function_info( |
||||||
|
0, instruction_list, signature_database_mock |
||||||
|
) |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert function_hash == "0x10203040" |
||||||
|
assert entry_point == 0x40302010 |
||||||
|
assert function_name == "function_name" |
||||||
|
|
||||||
|
|
||||||
|
def test_get_function_info_multiple_names(mocker): |
||||||
|
# Arrange |
||||||
|
global instruction_list |
||||||
|
|
||||||
|
signature_database_mock = SignatureDb() |
||||||
|
mocker.patch.object(signature_database_mock, "get") |
||||||
|
signature_database_mock.get.return_value = ["function_name", "another_name"] |
||||||
|
|
||||||
|
# Act |
||||||
|
function_hash, entry_point, function_name = get_function_info( |
||||||
|
0, instruction_list, signature_database_mock |
||||||
|
) |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert function_name == "**ambiguous** function_name" |
||||||
|
|
||||||
|
|
||||||
|
def test_get_function_info_no_names(mocker): |
||||||
|
# Arrange |
||||||
|
global instruction_list |
||||||
|
|
||||||
|
signature_database_mock = SignatureDb() |
||||||
|
mocker.patch.object(signature_database_mock, "get") |
||||||
|
signature_database_mock.get.return_value = [] |
||||||
|
|
||||||
|
# Act |
||||||
|
function_hash, entry_point, function_name = get_function_info( |
||||||
|
0, instruction_list, signature_database_mock |
||||||
|
) |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert function_name == "_function_0x10203040" |
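Review bot: The `global instruction_list` statement in each test is a no-op: the functions only read the module-level list, which Python resolves without a `global` declaration (it is needed only to rebind the name), and its presence suggests the tests mutate shared state. Dropping the three statements, or supplying the list through a fixture, makes the intent clear. The `from mythril.disassembler.disassembly import *` import also hides where `SignatureDb` and `get_function_info` come from; `from mythril.disassembler.disassembly import SignatureDb, get_function_info` documents the surface under test. `SignatureDb()` is constructed for real before `get` is patched; if its constructor touches disk or network, patching the class instead would keep the tests hermetic — that cannot be confirmed from here.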
@ -0,0 +1,102 @@ |
|||||||
|
import pytest |
||||||
|
from mythril.laser.ethereum.state import Calldata |
||||||
|
from z3 import Solver, simplify |
||||||
|
from z3.z3types import Z3Exception |
||||||
|
|
||||||
|
|
||||||
|
uninitialized_test_data = [ |
||||||
|
([]), # Empty concrete calldata |
||||||
|
([1, 4, 5, 3, 4, 72, 230, 53]), # Concrete calldata |
||||||
|
] |
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize("starting_calldata", uninitialized_test_data) |
||||||
|
def test_concrete_calldata_uninitialized_index(starting_calldata): |
||||||
|
# Arrange |
||||||
|
calldata = Calldata(0, starting_calldata) |
||||||
|
solver = Solver() |
||||||
|
|
||||||
|
# Act |
||||||
|
value = calldata[100] |
||||||
|
value2 = calldata.get_word_at(200) |
||||||
|
|
||||||
|
solver.add(calldata.constraints) |
||||||
|
solver.check() |
||||||
|
model = solver.model() |
||||||
|
|
||||||
|
value = model.eval(value) |
||||||
|
value2 = model.eval(value2) |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert value == 0 |
||||||
|
assert value2 == 0 |
||||||
|
|
||||||
|
|
||||||
|
def test_concrete_calldata_calldatasize(): |
||||||
|
# Arrange |
||||||
|
calldata = Calldata(0, [1, 4, 7, 3, 7, 2, 9]) |
||||||
|
solver = Solver() |
||||||
|
|
||||||
|
# Act |
||||||
|
solver.add(calldata.constraints) |
||||||
|
solver.check() |
||||||
|
model = solver.model() |
||||||
|
|
||||||
|
result = model.eval(calldata.calldatasize) |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert result == 7 |
||||||
|
|
||||||
|
|
||||||
|
def test_symbolic_calldata_constrain_index(): |
||||||
|
# Arrange |
||||||
|
calldata = Calldata(0) |
||||||
|
solver = Solver() |
||||||
|
|
||||||
|
# Act |
||||||
|
constraint = calldata[100] == 50 |
||||||
|
|
||||||
|
value = calldata[100] |
||||||
|
|
||||||
|
solver.add(calldata.constraints + [constraint]) |
||||||
|
solver.check() |
||||||
|
model = solver.model() |
||||||
|
|
||||||
|
value = model.eval(value) |
||||||
|
calldatasize = model.eval(calldata.calldatasize) |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert value == 50 |
||||||
|
assert simplify(calldatasize >= 100) |
||||||
|
|
||||||
|
|
||||||
|
def test_concrete_calldata_constrain_index(): |
||||||
|
# Arrange |
||||||
|
calldata = Calldata(0, [1, 4, 7, 3, 7, 2, 9]) |
||||||
|
solver = Solver() |
||||||
|
|
||||||
|
# Act |
||||||
|
constraint = calldata[2] == 3 |
||||||
|
|
||||||
|
solver.add(calldata.constraints + [constraint]) |
||||||
|
result = solver.check() |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert str(result) == "unsat" |
||||||
|
|
||||||
|
|
||||||
|
def test_concrete_calldata_constrain_index(): |
||||||
|
# Arrange |
||||||
|
calldata = Calldata(0) |
||||||
|
solver = Solver() |
||||||
|
|
||||||
|
# Act |
||||||
|
constraints = [] |
||||||
|
constraints.append(calldata[51] == 1) |
||||||
|
constraints.append(calldata.calldatasize == 50) |
||||||
|
|
||||||
|
solver.add(calldata.constraints + constraints) |
||||||
|
result = solver.check() |
||||||
|
|
||||||
|
# Assert |
||||||
|
assert str(result) == "unsat" |
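Review bot: `test_concrete_calldata_constrain_index` is defined twice — once with the concrete `Calldata(0, [1, 4, 7, 3, 7, 2, 9])` and `calldata[2] == 3`, once with symbolic `Calldata(0)` and `calldata.calldatasize == 50` — so the second definition rebinds the module attribute and pytest collects only it; the concrete unsat case never runs. Rename the second to `test_symbolic_calldata_constrain_index_beyond_size` (or similar). Separately, `Z3Exception` is imported and never used, and the first three tests discard the result of `solver.check()` before calling `solver.model()`; asserting `str(solver.check()) == "sat"` first would report an unsatisfiable constraint set as a clear test failure instead of a z3 error raised from `model()`.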
@ -1 +1 @@ |
|||||||
{"error": null, "issues": [{"address": 722, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.", "function": "withdrawfunds()", "swc_id": "105", "title": "Ether send", "type": "Warning"}, {"address": 883, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "invest()", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true} |
{"error": null, "issues": [{"address": 722, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "It seems that an attacker is able to execute an call instruction, this can mean that the attacker is able to extract funds out of the contract.", "function": "withdrawfunds()", "swc_id": "105", "title": "Ether send", "type": "Warning"}, {"address": 883, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The arithmetic operation can result in integer overflow.\n", "function": "invest()", "swc_id": "101", "title": "Integer Overflow", "type": "Warning"}], "success": true} |
||||||
|
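Review bot: The new expected description for the SWC-105 finding drops the facts that made the old one actionable — that the target address is `msg.sender` and that a check on storage index 1 gates the call — in favour of a generic sentence, and it carries a grammar slip (`an call instruction`). This fixture only records the output of the analysis-module change whose diff is suppressed on this page, so the fix belongs there: retain the target/constraint details in the message and use `a CALL instruction`. The second fixture below shows the same regression for `_function_0x8a4068dd`.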
@ -1 +1 @@ |
|||||||
{"error": null, "issues": [{"address": 142, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A non-zero amount of Ether is sent to a user-supplied address. The target address is msg.sender.\nIt seems that this function can be called without restrictions.", "function": "_function_0x8a4068dd", "swc_id": "105", "title": "Ether send", "type": "Warning"}], "success": true} |
{"error": null, "issues": [{"address": 142, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "It seems that an attacker is able to execute an call instruction, this can mean that the attacker is able to extract funds out of the contract.", "function": "_function_0x8a4068dd", "swc_id": "105", "title": "Ether send", "type": "Warning"}], "success": true} |
||||||
|
@ -1,400 +0,0 @@ |
|||||||
0 PUSH1 0x60 |
|
||||||
2 PUSH1 0x40 |
|
||||||
4 MSTORE |
|
||||||
5 PUSH1 0x04 |
|
||||||
7 CALLDATASIZE |
|
||||||
8 LT |
|
||||||
9 PUSH2 0x0083 |
|
||||||
12 JUMPI |
|
||||||
13 PUSH1 0x00 |
|
||||||
15 CALLDATALOAD |
|
||||||
16 PUSH29 0x0100000000000000000000000000000000000000000000000000000000 |
|
||||||
46 SWAP1 |
|
||||||
47 DIV |
|
||||||
48 PUSH4 0xffffffff |
|
||||||
53 AND |
|
||||||
54 DUP1 |
|
||||||
55 PUSH4 0x2776b163 |
|
||||||
60 EQ |
|
||||||
61 PUSH2 0x0088 |
|
||||||
64 JUMPI |
|
||||||
65 DUP1 |
|
||||||
66 PUSH4 0x379bf63c |
|
||||||
71 EQ |
|
||||||
72 PUSH2 0x00c1 |
|
||||||
75 JUMPI |
|
||||||
76 DUP1 |
|
||||||
77 PUSH4 0x5a6814ec |
|
||||||
82 EQ |
|
||||||
83 PUSH2 0x0116 |
|
||||||
86 JUMPI |
|
||||||
87 DUP1 |
|
||||||
88 PUSH4 0xb5d02c8a |
|
||||||
93 EQ |
|
||||||
94 PUSH2 0x012b |
|
||||||
97 JUMPI |
|
||||||
98 DUP1 |
|
||||||
99 PUSH4 0xd24b08cc |
|
||||||
104 EQ |
|
||||||
105 PUSH2 0x0180 |
|
||||||
108 JUMPI |
|
||||||
109 DUP1 |
|
||||||
110 PUSH4 0xe11f493e |
|
||||||
115 EQ |
|
||||||
116 PUSH2 0x0195 |
|
||||||
119 JUMPI |
|
||||||
120 DUP1 |
|
||||||
121 PUSH4 0xe1d10f79 |
|
||||||
126 EQ |
|
||||||
127 PUSH2 0x01aa |
|
||||||
130 JUMPI |
|
||||||
131 JUMPDEST |
|
||||||
132 PUSH1 0x00 |
|
||||||
134 DUP1 |
|
||||||
135 REVERT |
|
||||||
136 JUMPDEST |
|
||||||
137 CALLVALUE |
|
||||||
138 ISZERO |
|
||||||
139 PUSH2 0x0093 |
|
||||||
142 JUMPI |
|
||||||
143 PUSH1 0x00 |
|
||||||
145 DUP1 |
|
||||||
146 REVERT |
|
||||||
147 JUMPDEST |
|
||||||
148 PUSH2 0x00bf |
|
||||||
151 PUSH1 0x04 |
|
||||||
153 DUP1 |
|
||||||
154 DUP1 |
|
||||||
155 CALLDATALOAD |
|
||||||
156 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
177 AND |
|
||||||
178 SWAP1 |
|
||||||
179 PUSH1 0x20 |
|
||||||
181 ADD |
|
||||||
182 SWAP1 |
|
||||||
183 SWAP2 |
|
||||||
184 SWAP1 |
|
||||||
185 POP |
|
||||||
186 POP |
|
||||||
187 PUSH2 0x01e3 |
|
||||||
190 JUMP |
|
||||||
191 JUMPDEST |
|
||||||
192 STOP |
|
||||||
193 JUMPDEST |
|
||||||
194 CALLVALUE |
|
||||||
195 ISZERO |
|
||||||
196 PUSH2 0x00cc |
|
||||||
199 JUMPI |
|
||||||
200 PUSH1 0x00 |
|
||||||
202 DUP1 |
|
||||||
203 REVERT |
|
||||||
204 JUMPDEST |
|
||||||
205 PUSH2 0x00d4 |
|
||||||
208 PUSH2 0x0227 |
|
||||||
211 JUMP |
|
||||||
212 JUMPDEST |
|
||||||
213 PUSH1 0x40 |
|
||||||
215 MLOAD |
|
||||||
216 DUP1 |
|
||||||
217 DUP3 |
|
||||||
218 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
239 AND |
|
||||||
240 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
261 AND |
|
||||||
262 DUP2 |
|
||||||
263 MSTORE |
|
||||||
264 PUSH1 0x20 |
|
||||||
266 ADD |
|
||||||
267 SWAP2 |
|
||||||
268 POP |
|
||||||
269 POP |
|
||||||
270 PUSH1 0x40 |
|
||||||
272 MLOAD |
|
||||||
273 DUP1 |
|
||||||
274 SWAP2 |
|
||||||
275 SUB |
|
||||||
276 SWAP1 |
|
||||||
277 RETURN |
|
||||||
278 JUMPDEST |
|
||||||
279 CALLVALUE |
|
||||||
280 ISZERO |
|
||||||
281 PUSH2 0x0121 |
|
||||||
284 JUMPI |
|
||||||
285 PUSH1 0x00 |
|
||||||
287 DUP1 |
|
||||||
288 REVERT |
|
||||||
289 JUMPDEST |
|
||||||
290 PUSH2 0x0129 |
|
||||||
293 PUSH2 0x024c |
|
||||||
296 JUMP |
|
||||||
297 JUMPDEST |
|
||||||
298 STOP |
|
||||||
299 JUMPDEST |
|
||||||
300 CALLVALUE |
|
||||||
301 ISZERO |
|
||||||
302 PUSH2 0x0136 |
|
||||||
305 JUMPI |
|
||||||
306 PUSH1 0x00 |
|
||||||
308 DUP1 |
|
||||||
309 REVERT |
|
||||||
310 JUMPDEST |
|
||||||
311 PUSH2 0x013e |
|
||||||
314 PUSH2 0x029b |
|
||||||
317 JUMP |
|
||||||
318 JUMPDEST |
|
||||||
319 PUSH1 0x40 |
|
||||||
321 MLOAD |
|
||||||
322 DUP1 |
|
||||||
323 DUP3 |
|
||||||
324 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
345 AND |
|
||||||
346 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
367 AND |
|
||||||
368 DUP2 |
|
||||||
369 MSTORE |
|
||||||
370 PUSH1 0x20 |
|
||||||
372 ADD |
|
||||||
373 SWAP2 |
|
||||||
374 POP |
|
||||||
375 POP |
|
||||||
376 PUSH1 0x40 |
|
||||||
378 MLOAD |
|
||||||
379 DUP1 |
|
||||||
380 SWAP2 |
|
||||||
381 SUB |
|
||||||
382 SWAP1 |
|
||||||
383 RETURN |
|
||||||
384 JUMPDEST |
|
||||||
385 CALLVALUE |
|
||||||
386 ISZERO |
|
||||||
387 PUSH2 0x018b |
|
||||||
390 JUMPI |
|
||||||
391 PUSH1 0x00 |
|
||||||
393 DUP1 |
|
||||||
394 REVERT |
|
||||||
395 JUMPDEST |
|
||||||
396 PUSH2 0x0193 |
|
||||||
399 PUSH2 0x02c1 |
|
||||||
402 JUMP |
|
||||||
403 JUMPDEST |
|
||||||
404 STOP |
|
||||||
405 JUMPDEST |
|
||||||
406 CALLVALUE |
|
||||||
407 ISZERO |
|
||||||
408 PUSH2 0x01a0 |
|
||||||
411 JUMPI |
|
||||||
412 PUSH1 0x00 |
|
||||||
414 DUP1 |
|
||||||
415 REVERT |
|
||||||
416 JUMPDEST |
|
||||||
417 PUSH2 0x01a8 |
|
||||||
420 PUSH2 0x0311 |
|
||||||
423 JUMP |
|
||||||
424 JUMPDEST |
|
||||||
425 STOP |
|
||||||
426 JUMPDEST |
|
||||||
427 CALLVALUE |
|
||||||
428 ISZERO |
|
||||||
429 PUSH2 0x01b5 |
|
||||||
432 JUMPI |
|
||||||
433 PUSH1 0x00 |
|
||||||
435 DUP1 |
|
||||||
436 REVERT |
|
||||||
437 JUMPDEST |
|
||||||
438 PUSH2 0x01e1 |
|
||||||
441 PUSH1 0x04 |
|
||||||
443 DUP1 |
|
||||||
444 DUP1 |
|
||||||
445 CALLDATALOAD |
|
||||||
446 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
467 AND |
|
||||||
468 SWAP1 |
|
||||||
469 PUSH1 0x20 |
|
||||||
471 ADD |
|
||||||
472 SWAP1 |
|
||||||
473 SWAP2 |
|
||||||
474 SWAP1 |
|
||||||
475 POP |
|
||||||
476 POP |
|
||||||
477 PUSH2 0x0368 |
|
||||||
480 JUMP |
|
||||||
481 JUMPDEST |
|
||||||
482 STOP |
|
||||||
483 JUMPDEST |
|
||||||
484 DUP1 |
|
||||||
485 PUSH1 0x01 |
|
||||||
487 PUSH1 0x00 |
|
||||||
489 PUSH2 0x0100 |
|
||||||
492 EXP |
|
||||||
493 DUP2 |
|
||||||
494 SLOAD |
|
||||||
495 DUP2 |
|
||||||
496 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
517 MUL |
|
||||||
518 NOT |
|
||||||
519 AND |
|
||||||
520 SWAP1 |
|
||||||
521 DUP4 |
|
||||||
522 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
543 AND |
|
||||||
544 MUL |
|
||||||
545 OR |
|
||||||
546 SWAP1 |
|
||||||
547 SSTORE |
|
||||||
548 POP |
|
||||||
549 POP |
|
||||||
550 JUMP |
|
||||||
551 JUMPDEST |
|
||||||
552 PUSH1 0x00 |
|
||||||
554 DUP1 |
|
||||||
555 SWAP1 |
|
||||||
556 SLOAD |
|
||||||
557 SWAP1 |
|
||||||
558 PUSH2 0x0100 |
|
||||||
561 EXP |
|
||||||
562 SWAP1 |
|
||||||
563 DIV |
|
||||||
564 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
585 AND |
|
||||||
586 DUP2 |
|
||||||
587 JUMP |
|
||||||
588 JUMPDEST |
|
||||||
589 PUSH1 0x00 |
|
||||||
591 DUP1 |
|
||||||
592 SWAP1 |
|
||||||
593 SLOAD |
|
||||||
594 SWAP1 |
|
||||||
595 PUSH2 0x0100 |
|
||||||
598 EXP |
|
||||||
599 SWAP1 |
|
||||||
600 DIV |
|
||||||
601 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
622 AND |
|
||||||
623 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
644 AND |
|
||||||
645 PUSH1 0x40 |
|
||||||
647 MLOAD |
|
||||||
648 PUSH1 0x00 |
|
||||||
650 PUSH1 0x40 |
|
||||||
652 MLOAD |
|
||||||
653 DUP1 |
|
||||||
654 DUP4 |
|
||||||
655 SUB |
|
||||||
656 DUP2 |
|
||||||
657 PUSH1 0x00 |
|
||||||
659 DUP7 |
|
||||||
660 GAS |
|
||||||
661 CALL |
|
||||||
662 SWAP2 |
|
||||||
663 POP |
|
||||||
664 POP |
|
||||||
665 POP |
|
||||||
666 JUMP |
|
||||||
667 JUMPDEST |
|
||||||
668 PUSH1 0x01 |
|
||||||
670 PUSH1 0x00 |
|
||||||
672 SWAP1 |
|
||||||
673 SLOAD |
|
||||||
674 SWAP1 |
|
||||||
675 PUSH2 0x0100 |
|
||||||
678 EXP |
|
||||||
679 SWAP1 |
|
||||||
680 DIV |
|
||||||
681 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
702 AND |
|
||||||
703 DUP2 |
|
||||||
704 JUMP |
|
||||||
705 JUMPDEST |
|
||||||
706 PUSH1 0x01 |
|
||||||
708 PUSH1 0x00 |
|
||||||
710 SWAP1 |
|
||||||
711 SLOAD |
|
||||||
712 SWAP1 |
|
||||||
713 PUSH2 0x0100 |
|
||||||
716 EXP |
|
||||||
717 SWAP1 |
|
||||||
718 DIV |
|
||||||
719 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
740 AND |
|
||||||
741 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
762 AND |
|
||||||
763 PUSH1 0x40 |
|
||||||
765 MLOAD |
|
||||||
766 PUSH1 0x00 |
|
||||||
768 PUSH1 0x40 |
|
||||||
770 MLOAD |
|
||||||
771 DUP1 |
|
||||||
772 DUP4 |
|
||||||
773 SUB |
|
||||||
774 DUP2 |
|
||||||
775 PUSH1 0x00 |
|
||||||
777 DUP7 |
|
||||||
778 GAS |
|
||||||
779 CALL |
|
||||||
780 SWAP2 |
|
||||||
781 POP |
|
||||||
782 POP |
|
||||||
783 POP |
|
||||||
784 JUMP |
|
||||||
785 JUMPDEST |
|
||||||
786 PUSH1 0x00 |
|
||||||
788 DUP1 |
|
||||||
789 SWAP1 |
|
||||||
790 SLOAD |
|
||||||
791 SWAP1 |
|
||||||
792 PUSH2 0x0100 |
|
||||||
795 EXP |
|
||||||
796 SWAP1 |
|
||||||
797 DIV |
|
||||||
798 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
819 AND |
|
||||||
820 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
841 AND |
|
||||||
842 PUSH1 0x40 |
|
||||||
844 MLOAD |
|
||||||
845 PUSH1 0x00 |
|
||||||
847 PUSH1 0x40 |
|
||||||
849 MLOAD |
|
||||||
850 DUP1 |
|
||||||
851 DUP4 |
|
||||||
852 SUB |
|
||||||
853 DUP2 |
|
||||||
854 PUSH1 0x00 |
|
||||||
856 DUP7 |
|
||||||
857 GAS |
|
||||||
858 CALL |
|
||||||
859 SWAP2 |
|
||||||
860 POP |
|
||||||
861 POP |
|
||||||
862 POP |
|
||||||
863 PUSH1 0x00 |
|
||||||
865 PUSH1 0x02 |
|
||||||
867 DUP2 |
|
||||||
868 SWAP1 |
|
||||||
869 SSTORE |
|
||||||
870 POP |
|
||||||
871 JUMP |
|
||||||
872 JUMPDEST |
|
||||||
873 DUP1 |
|
||||||
874 PUSH20 0xffffffffffffffffffffffffffffffffffffffff |
|
||||||
895 AND |
|
||||||
896 PUSH1 0x40 |
|
||||||
898 MLOAD |
|
||||||
899 PUSH1 0x00 |
|
||||||
901 PUSH1 0x40 |
|
||||||
903 MLOAD |
|
||||||
904 DUP1 |
|
||||||
905 DUP4 |
|
||||||
906 SUB |
|
||||||
907 DUP2 |
|
||||||
908 PUSH1 0x00 |
|
||||||
910 DUP7 |
|
||||||
911 GAS |
|
||||||
912 CALL |
|
||||||
913 SWAP2 |
|
||||||
914 POP |
|
||||||
915 POP |
|
||||||
916 POP |
|
||||||
917 POP |
|
||||||
918 JUMP |
|
||||||
919 STOP |
|
@ -1 +0,0 @@ |
|||||||
{"error": null, "issues": [{"address": 661, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0x5a6814ec", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 666, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0x5a6814ec", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xd24b08cc", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "Possible transaction order dependence vulnerability: The value or direction of the call statement is determined from a tainted storage location", "function": "_function_0xd24b08cc", "swc_id": "114", "title": "Transaction order dependence", "type": "Warning"}, {"address": 784, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. 
Note that execution continue even if the called contract throws.", "function": "_function_0xd24b08cc", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 858, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "Message call to external contract", "type": "Informational"}, {"address": 869, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.", "function": "_function_0xe11f493e", "swc_id": "107", "title": "State change after external call", "type": "Warning"}, {"address": 871, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.", "function": "_function_0xe11f493e", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}, {"address": 912, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.", "function": "_function_0xe1d10f79", "swc_id": "107", "title": "Message call to external contract", "type": "Warning"}, {"address": 918, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of an external call is not checked. 
Note that execution continue even if the called contract throws.", "function": "_function_0xe1d10f79", "swc_id": "104", "title": "Unchecked CALL return value", "type": "Informational"}], "success": true} |
|