TheDude
/
mythril
mirror of https://github.com/ConsenSys/mythril
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1142 Commits
97 Branches
171 Tags
59 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 45a8c47a10
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '45a8c47a10'
${ noResults }
mythril/tests/testdata/outputs_expected/calls.sol.o.json

86 lines
4.3 KiB
Raw Blame History

{
"success": true,
"error": null,
"issues": [
{
"title": "Message call to external contract",
"description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function": "_function_0x5a6814ec",
"type": "Informational",
"address": 661,
"debug": "<DEBUG-DATA>"
},
{
"title": "Message call to external contract",
"description": "This contract executes a message call to an address found at storage slot 1. This storage slot can be written to by calling the function `_function_0x2776b163`. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function": "_function_0xd24b08cc",
"type": "Warning",
"address": 779,
"debug": "<DEBUG-DATA>"
},
{
"title": "Message call to external contract",
"description": "This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code.",
"function": "_function_0xe11f493e",
"type": "Informational",
"address": 858,
"debug": "<DEBUG-DATA>"
},
{
"title": "State change after external call",
"description": "The contract account state is changed after an external call. Consider that the called contract could re-enter the function before this state change takes place. This can lead to business logic vulnerabilities.",
"function": "_function_0xe11f493e",
"type": "Warning",
"address": 869,
"debug": "<DEBUG-DATA>"
},
{
"title": "Message call to external contract",
"description": "This contract executes a message call to an address provided as a function argument. Generally, it is not recommended to call user-supplied addresses using Solidity's call() construct. Note that attackers might leverage reentrancy attacks to exploit race conditions or manipulate this contract's state.",
"function": "_function_0xe1d10f79",
"type": "Warning",
"address": 912,
"debug": "<DEBUG-DATA>"
},
{
"title": "Transaction order dependence",
"description": "A possible transaction order independence vulnerability exists in function _function_0xd24b08cc. The value or direction of the call statement is determined from a tainted storage location",
"function": "_function_0xd24b08cc",
"type": "Warning",
"address": 779,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0x5a6814ec",
"type": "Informational",
"address": 661,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xd24b08cc",
"type": "Informational",
"address": 779,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xe11f493e",
"type": "Informational",
"address": 858,
"debug": "<DEBUG-DATA>"
},
{
"title": "Unchecked CALL return value",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xe1d10f79",
"type": "Informational",
"address": 912,
"debug": "<DEBUG-DATA>"
}
]
}