TheDude
/
mythril
mirror of https://github.com/ConsenSys/mythril
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4684 Commits
97 Branches
171 Tags
59 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 8718a4501f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8718a4501f'
${ noResults }
mythril/static/sample_report.md

2.7 KiB
Raw Blame History

Analysis Results

Ether send

  • Type: Warning
  • Contract: Crowdfunding
  • Function name: withdrawfunds()
  • PC address: 816

Description

In the function withdrawfunds() a non-zero amount of Ether is sent to msg.sender. Call value is balance_at_1461501637330902918203684832716283019655932542975 & address.

There is a check on storage index 7. This storage slot can be written to by calling the function crowdfunding().

In ether_send.sol:

msg.sender.transfer(this.balance)

Use of tx.origin

  • Type: Warning
  • Contract: Origin
  • Function name: transferOwnership(address)
  • PC address: 317

Description

Function transferOwnership(address) retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use tx.sender instead. See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin

In origin.sol:

tx.origin

CALL with gas to dynamic address

  • Type: Warning
  • Contract: Reentrancy
  • Function name: withdraw(uint256)
  • PC address: 552

Description

The function withdraw(uint256) contains a function call to the address of the transaction sender. The available gas is forwarded to the called contract. Make sure that the logic of the calling contract is not adversely affected if the called contract misbehaves (e.g. reentrancy).

In reentrancy.sol:

msg.sender.call.value(_amount)()

Unchecked CALL return value

  • Type: Informational
  • Contract: Reentrancy
  • Function name: withdraw(uint256)
  • PC address: 552

Description

The function withdraw(uint256) contains a call to msg.sender. The return value of this call is not checked. Note that the function will continue to execute with a return value of '0' if the called contract throws.

In reentrancy.sol:

msg.sender.call.value(_amount)()

Integer Underflow

  • Type: Warning
  • Contract: Under
  • Function name: sendeth(address,uint256)
  • PC address: 649

Description

A possible integer underflow exists in the function sendeth(address,uint256). The SUB instruction at address 649 may result in a value < 0.

In underflow.sol:

balances[msg.sender] -= _value

Integer Underflow

  • Type: Warning
  • Contract: Under
  • Function name: sendeth(address,uint256)
  • PC address: 567

Description

A possible integer underflow exists in the function sendeth(address,uint256). The SUB instruction at address 567 may result in a value < 0.

In underflow.sol:

balances[msg.sender] - _value

Weak random

  • Type: Warning
  • Contract: WeakRandom
  • Function name: _function_0xe9874106
  • PC address: 1285

Description

In the function _function_0xe9874106 the following predictable state variables are used to determine Ether recipient:

  • block.coinbase

In weak_random.sol:

winningAddress.transfer(prize)