mirror of https://github.com/ConsenSys/mythril
blockchainethereumsmart-contractssoliditysecurityprogram-analysissecurity-analysissymbolic-execution
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
72 lines
3.7 KiB
72 lines
3.7 KiB
{
|
|
"success": true,
|
|
"error": null,
|
|
"issues": [
|
|
{
|
|
"title": "Dependence on predictable environment variable",
|
|
"description": "In the function '_function_0xe9874106' the following predictable state variables are used to determine Ether recipient:\n- block.coinbase\n",
|
|
"function": "_function_0xe9874106",
|
|
"type": "Warning",
|
|
"address": 1285,
|
|
"debug": "<DEBUG-DATA>",
|
|
"filename": "<TESTDATA>/inputs/weak_random.sol",
|
|
"lineno": 47,
|
|
"code": "winningAddress.transfer(prize)"
|
|
},
|
|
{
|
|
"title": "Ether send",
|
|
"description": "In the function '_function_0xe9874106' a non-zero amount of Ether is sent to an address taken from storage slot 0.\nThere is a check on storage index 0. This storage slot can be written to by calling the function 'fallback'.\n\nThere is a check on storage index 1. This storage slot can be written to by calling the function 'fallback'.\nThere is a check on storage index 1. This storage slot can be written to by calling the function 'fallback'.",
|
|
"function": "_function_0xe9874106",
|
|
"type": "Warning",
|
|
"address": 1285,
|
|
"debug": "<DEBUG-DATA>",
|
|
"filename": "<TESTDATA>/inputs/weak_random.sol",
|
|
"lineno": 47,
|
|
"code": "winningAddress.transfer(prize)"
|
|
},
|
|
{
|
|
"title": "Exception state",
|
|
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ",
|
|
"function": "fallback",
|
|
"type": "Informational",
|
|
"address": 356,
|
|
"debug": "<DEBUG-DATA>",
|
|
"filename": "<TESTDATA>/inputs/weak_random.sol",
|
|
"lineno": 11,
|
|
"code": "prize / totalTickets"
|
|
},
|
|
{
|
|
"title": "Exception state",
|
|
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. ",
|
|
"function": "_function_0xe9874106",
|
|
"type": "Informational",
|
|
"address": 146,
|
|
"debug": "<DEBUG-DATA>",
|
|
"filename": "<TESTDATA>/inputs/weak_random.sol",
|
|
"lineno": 11,
|
|
"code": "prize / totalTickets"
|
|
},
|
|
{
|
|
"title": "Integer Overflow ",
|
|
"description": "A possible integer overflow exists in the function _function_0xe9874106.\n Addition may result in a lower value.",
|
|
"function": "_function_0xe9874106",
|
|
"type": "Warning",
|
|
"address": 1216,
|
|
"debug": "<DEBUG-DATA>",
|
|
"filename": "<TESTDATA>/inputs/weak_random.sol",
|
|
"lineno": 45,
|
|
"code": "gameId++"
|
|
},
|
|
{
|
|
"title": "Integer Overflow ",
|
|
"description": "A possible integer overflow exists in the function _function_0xe9874106.\n Addition may result in a lower value.",
|
|
"function": "_function_0xe9874106",
|
|
"type": "Warning",
|
|
"address": 262,
|
|
"debug": "<DEBUG-DATA>",
|
|
"filename": "<TESTDATA>/inputs/weak_random.sol",
|
|
"lineno": 22,
|
|
"code": "contestants[currTicket] = Contestant(msg.sender, gameId)"
|
|
}
|
|
]
|
|
} |