# Analysis results for <TESTDATA>/inputs/calls.sol
# Analysis results for test-filename.sol
## Message call to external contract
## Message call to external contract
@ -7,16 +7,9 @@
- Function name: `_function_0x5a6814ec`
- Function name: `_function_0x5a6814ec`
- PC address: 661
- PC address: 661
### Description
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TESTDATA>/inputs/calls.sol:16*
```
fixed_address.call()
```
## Message call to external contract
## Message call to external contract
@ -25,16 +18,9 @@ fixed_address.call()
- Function name: `_function_0xd24b08cc`
- Function name: `_function_0xd24b08cc`
- PC address: 779
- PC address: 779
### Description
### Description
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TESTDATA>/inputs/calls.sol:29*
```
stored_address.call()
```
## Message call to external contract
## Message call to external contract
@ -43,16 +29,9 @@ stored_address.call()
- Function name: `_function_0xe11f493e`
- Function name: `_function_0xe11f493e`
- PC address: 858
- PC address: 858
### Description
### Description
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.
In *<TESTDATA>/inputs/calls.sol:20*
```
fixed_address.call()
```
## State change after external call
## State change after external call
@ -61,16 +40,9 @@ fixed_address.call()
- Function name: `_function_0xe11f493e`
- Function name: `_function_0xe11f493e`
- PC address: 869
- PC address: 869
### Description
### Description
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.
In *<TESTDATA>/inputs/calls.sol:21*
```
statevar = 0
```
## Message call to external contract
## Message call to external contract
@ -79,16 +51,9 @@ statevar = 0
- Function name: `_function_0xe1d10f79`
- Function name: `_function_0xe1d10f79`
- PC address: 912
- PC address: 912
### Description
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
In *<TESTDATA>/inputs/calls.sol:25*
```
addr.call()
```
## Unchecked CALL return value
## Unchecked CALL return value
@ -97,16 +62,9 @@ addr.call()
- Function name: `_function_0x5a6814ec`
- Function name: `_function_0x5a6814ec`
- PC address: 661
- PC address: 661
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:16*
```
fixed_address.call()
```
## Unchecked CALL return value
## Unchecked CALL return value
@ -115,16 +73,9 @@ fixed_address.call()
- Function name: `_function_0xd24b08cc`
- Function name: `_function_0xd24b08cc`
- PC address: 779
- PC address: 779
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:29*
```
stored_address.call()
```
## Unchecked CALL return value
## Unchecked CALL return value
@ -133,16 +84,9 @@ stored_address.call()
- Function name: `_function_0xe11f493e`
- Function name: `_function_0xe11f493e`
- PC address: 858
- PC address: 858
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/calls.sol:20*
```
fixed_address.call()
```
## Unchecked CALL return value
## Unchecked CALL return value
@ -153,9 +97,4 @@ fixed_address.call()
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
"description":"In the function `'withdrawfunds()'` a non-zero amount of Ether is sent to msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function 'crowdfunding()'.",
"description":"In the function `withdrawfunds()` a non-zero amount of Ether is sent to msg.sender.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `crowdfunding()`.",
"function":"withdrawfunds()",
"function":"withdrawfunds()",
"type":"Warning",
"type":"Warning",
"address":816,
"address":816,
@ -12,7 +12,7 @@
},
},
{
{
"title":"Integer Overflow ",
"title":"Integer Overflow ",
"description":"A possible integer overflow exists in the function `invest()`.\nThe addition may result in a value higher than the maximum representable integer.",
"description":"A possible integer overflow exists in the function `invest()`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
# Analysis results for <TESTDATA>/inputs/exceptions.sol
# Analysis results for test-filename.sol
## Exception state
## Exception state
@ -7,16 +7,9 @@
- Function name: `_function_0x546455b5`
- Function name: `_function_0x546455b5`
- PC address: 446
- PC address: 446
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:16*
```
assert(input != 23)
```
## Exception state
## Exception state
@ -25,16 +18,9 @@ assert(input != 23)
- Function name: `_function_0x92dd38ea`
- Function name: `_function_0x92dd38ea`
- PC address: 484
- PC address: 484
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:34*
```
myarray[index]
```
## Exception state
## Exception state
@ -43,16 +29,9 @@ myarray[index]
- Function name: `_function_0xa08299f1`
- Function name: `_function_0xa08299f1`
- PC address: 506
- PC address: 506
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/exceptions.sol:24*
```
1/input
```
## Exception state
## Exception state
@ -63,9 +42,4 @@ In *<TESTDATA>/inputs/exceptions.sol:24*
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
# Analysis results for <TESTDATA>/inputs/kinds_of_calls.sol
# Analysis results for test-filename.sol
## Message call to external contract
## Message call to external contract
@ -7,16 +7,9 @@
- Function name: `_function_0xeea4c864`
- Function name: `_function_0xeea4c864`
- PC address: 1038
- PC address: 1038
### Description
### Description
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied adresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.
"description":"In the function `'_function_0x8a4068dd'` a non-zero amount of Ether is sent to msg.sender.\nIt seems that this function can be called without restrictions.",
"description":"In the function `_function_0x8a4068dd` a non-zero amount of Ether is sent to msg.sender.\nIt seems that this function can be called without restrictions.",
"description":"A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition may result in a value higher than the maximum representable integer.",
"description":"A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
# Analysis results for <TESTDATA>/inputs/rubixi.sol
# Analysis results for test-filename.sol
## Ether send
## Ether send
@ -7,8 +7,6 @@
- Function name: `_function_0x4229616d`
- Function name: `_function_0x4229616d`
- PC address: 1599
- PC address: 1599
### Description
### Description
In the function `_function_0x4229616d` a non-zero amount of Ether is sent to an address taken from storage slot 5.
In the function `_function_0x4229616d` a non-zero amount of Ether is sent to an address taken from storage slot 5.
@ -16,16 +14,13 @@ There is a check on storage index 5. This storage slot can be written to by call
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
In *<TESTDATA>/inputs/rubixi.sol:93*
```
## Ether send
## Ether send
- Type: Warning
- Type: Warning
- Contract: Unknown
- Contract: Unknown
- Function name: `_function_0x686f2c90`
- Function name: `_function_0x686f2c90`
- PC address: 1940
### Description
### Description
@ -34,11 +29,6 @@ There is a check on storage index 5. This storage slot can be written to by call
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 5. This storage slot can be written to by calling the function `_function_0x67f809e9`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
In *<TESTDATA>/inputs/rubixi.sol:75*
```
creator.send(collectedFees)
```
## Exception state
## Exception state
@ -47,16 +37,9 @@ creator.send(collectedFees)
- Function name: `_function_0x57d4021b`
- Function name: `_function_0x57d4021b`
- PC address: 1653
- PC address: 1653
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/rubixi.sol:131*
```
participants[payoutOrder]
```
## Exception state
## Exception state
@ -65,16 +48,9 @@ participants[payoutOrder]
- Function name: `_function_0x9dbc4f9b`
- Function name: `_function_0x9dbc4f9b`
- PC address: 2085
- PC address: 2085
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/rubixi.sol:148*
```
participants[orderInPyramid]
```
## Integer Overflow
## Integer Overflow
@ -83,17 +59,10 @@ participants[orderInPyramid]
- Function name: `_function_0xfae14192`
- Function name: `_function_0xfae14192`
- PC address: 1223
- PC address: 1223
### Description
### Description
A possible integer overflow exists in the function `_function_0xfae14192`.
A possible integer overflow exists in the function `_function_0xfae14192`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The addition or multiplication may result in a value higher than the maximum representable integer.
In *<TESTDATA>/inputs/rubixi.sol:37*
```
collectedFees += msg.value
```
## Unchecked CALL return value
## Unchecked CALL return value
@ -102,16 +71,9 @@ collectedFees += msg.value
- Function name: `_function_0x4229616d`
- Function name: `_function_0x4229616d`
- PC address: 1599
- PC address: 1599
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/rubixi.sol:93*
```
creator.send(feesToCollect)
```
## Unchecked CALL return value
## Unchecked CALL return value
@ -120,16 +82,9 @@ creator.send(feesToCollect)
- Function name: `_function_0xb4022950`
- Function name: `_function_0xb4022950`
- PC address: 1940
- PC address: 1940
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
In *<TESTDATA>/inputs/rubixi.sol:75*
```
creator.send(collectedFees)
```
## Unchecked CALL return value
## Unchecked CALL return value
@ -140,9 +95,4 @@ creator.send(collectedFees)
### Description
### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
The return value of an external call is not checked. Note that execution continue even if the called contract throws.
"description":"A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition may result in a value higher than the maximum representable integer.",
"description":"A possible integer overflow exists in the function `sendeth(address,uint256)`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"title":"Dependence on predictable environment variable",
"title":"Dependence on predictable environment variable",
"description":"In the function `'_function_0xe9874106'` the following predictable state variables are used to determine Ether recipient:\n- block.coinbase\n",
"description":"In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:\n- block.coinbase\n",
"function":"_function_0xe9874106",
"function":"_function_0xe9874106",
"type":"Warning",
"type":"Warning",
"address":1285,
"address":1285,
@ -12,7 +12,7 @@
},
},
{
{
"title":"Ether send",
"title":"Ether send",
"description":"In the function `'_function_0xe9874106'` a non-zero amount of Ether is sent to an address taken from storage slot 0.\nThere is a check on storage index 0. This storage slot can be written to by calling the function 'fallback'.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function 'fallback'.\nThere is a check on storage index 1. This storage slot can be written to by calling the function 'fallback'.",
"description":"In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.\nThere is a check on storage index 0. This storage slot can be written to by calling the function `fallback`.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.\nThere is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.",
"function":"_function_0xe9874106",
"function":"_function_0xe9874106",
"type":"Warning",
"type":"Warning",
"address":1285,
"address":1285,
@ -20,7 +20,7 @@
},
},
{
{
"title":"Exception state",
"title":"Exception state",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function":"fallback",
"function":"fallback",
"type":"Informational",
"type":"Informational",
"address":356,
"address":356,
@ -28,7 +28,7 @@
},
},
{
{
"title":"Exception state",
"title":"Exception state",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ",
"description":"A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking. ",
"function":"_function_0xe9874106",
"function":"_function_0xe9874106",
"type":"Informational",
"type":"Informational",
"address":146,
"address":146,
@ -36,7 +36,7 @@
},
},
{
{
"title":"Integer Overflow ",
"title":"Integer Overflow ",
"description":"A possible integer overflow exists in the function `_function_0xe9874106`.\nThe addition may result in a value higher than the maximum representable integer.",
"description":"A possible integer overflow exists in the function `_function_0xe9874106`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
"function":"_function_0xe9874106",
"function":"_function_0xe9874106",
"type":"Warning",
"type":"Warning",
"address":1216,
"address":1216,
@ -44,7 +44,7 @@
},
},
{
{
"title":"Integer Overflow ",
"title":"Integer Overflow ",
"description":"A possible integer overflow exists in the function `_function_0xe9874106`.\nThe addition may result in a value higher than the maximum representable integer.",
"description":"A possible integer overflow exists in the function `_function_0xe9874106`.\nThe addition or multiplication may result in a value higher than the maximum representable integer.",
# Analysis results for <TESTDATA>/inputs/weak_random.sol
# Analysis results for test-filename.sol
## Dependence on predictable environment variable
## Dependence on predictable environment variable
@ -7,18 +7,12 @@
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 1285
- PC address: 1285
### Description
### Description
In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:
In the function `_function_0xe9874106` the following predictable state variables are used to determine Ether recipient:
- block.coinbase
- block.coinbase
```
winningAddress.transfer(prize)
```
## Ether send
## Ether send
- Type: Warning
- Type: Warning
@ -26,8 +20,6 @@ winningAddress.transfer(prize)
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 1285
- PC address: 1285
### Description
### Description
In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.
In the function `_function_0xe9874106` a non-zero amount of Ether is sent to an address taken from storage slot 0.
@ -35,11 +27,6 @@ There is a check on storage index 0. This storage slot can be written to by call
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
There is a check on storage index 1. This storage slot can be written to by calling the function `fallback`.
In *<TESTDATA>/inputs/weak_random.sol:47*
```
winningAddress.transfer(prize)
```
## Exception state
## Exception state
@ -48,16 +35,9 @@ winningAddress.transfer(prize)
- Function name: `fallback`
- Function name: `fallback`
- PC address: 356
- PC address: 356
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/weak_random.sol:11*
```
prize / totalTickets
```
## Exception state
## Exception state
@ -66,16 +46,9 @@ prize / totalTickets
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 146
- PC address: 146
### Description
### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that `assert()` should only be used to check invariants. Use `require()` for regular input checking.
In *<TESTDATA>/inputs/weak_random.sol:11*
```
prize / totalTickets
```
## Integer Overflow
## Integer Overflow
@ -84,17 +57,10 @@ prize / totalTickets
- Function name: `_function_0xe9874106`
- Function name: `_function_0xe9874106`
- PC address: 1216
- PC address: 1216
### Description
### Description
A possible integer overflow exists in the function `_function_0xe9874106`.
A possible integer overflow exists in the function `_function_0xe9874106`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The addition or multiplication may result in a value higher than the maximum representable integer.
In *<TESTDATA>/inputs/weak_random.sol:45*
```
gameId++
```
## Integer Overflow
## Integer Overflow
@ -106,9 +72,4 @@ gameId++
### Description
### Description
A possible integer overflow exists in the function `_function_0xe9874106`.
A possible integer overflow exists in the function `_function_0xe9874106`.
The addition or multiplication may result in a value higher than the maximum representable integer.
The addition or multiplication may result in a value higher than the maximum representable integer.