slither/slither/detectors/abstract_detector.py

import abc
import re

from slither.utils.colors import green, yellow, red

from collections import OrderedDict

class IncorrectDetectorInitialization(Exception):
    pass


class DetectorClassification:
    HIGH = 0
    MEDIUM = 1
    LOW = 2
    INFORMATIONAL = 3


classification_colors = {
    DetectorClassification.INFORMATIONAL: green,
    DetectorClassification.LOW: green,
    DetectorClassification.MEDIUM: yellow,
    DetectorClassification.HIGH: red,
}

classification_txt = {
    DetectorClassification.INFORMATIONAL: 'Informational',
    DetectorClassification.LOW: 'Low',
    DetectorClassification.MEDIUM: 'Medium',
    DetectorClassification.HIGH: 'High',
}

class AbstractDetector(metaclass=abc.ABCMeta):
    ARGUMENT = ''  # run the detector with slither.py --ARGUMENT
    HELP = ''  # help information
    IMPACT = None
    CONFIDENCE = None

    WIKI = ''

    WIKI_TITLE = ''
    WIKI_DESCRIPTION = ''
    WIKI_EXPLOIT_SCENARIO = ''
    WIKI_RECOMMENDATION = ''


    def __init__(self, slither, logger):
        self.slither = slither
        self.contracts = slither.contracts
        self.filename = slither.filename
        self.logger = logger

        if not self.HELP:
            raise IncorrectDetectorInitialization('HELP is not initialized {}'.format(self.__class__.__name__))

        if not self.ARGUMENT:
            raise IncorrectDetectorInitialization('ARGUMENT is not initialized {}'.format(self.__class__.__name__))

        if not self.WIKI:
            raise IncorrectDetectorInitialization('WIKI is not initialized {}'.format(self.__class__.__name__))

        if not self.WIKI_TITLE:
            raise IncorrectDetectorInitialization('WIKI_TITLE is not initialized {}'.format(self.__class__.__name__))

        if not self.WIKI_DESCRIPTION:
            raise IncorrectDetectorInitialization('WIKI_DESCRIPTION is not initialized {}'.format(self.__class__.__name__))

        if not self.WIKI_EXPLOIT_SCENARIO and self.IMPACT != DetectorClassification.INFORMATIONAL:
            raise IncorrectDetectorInitialization('WIKI_EXPLOIT_SCENARIO is not initialized {}'.format(self.__class__.__name__))

        if not self.WIKI_RECOMMENDATION:
            raise IncorrectDetectorInitialization('WIKI_RECOMMENDATION is not initialized {}'.format(self.__class__.__name__))

        if re.match('^[a-zA-Z0-9_-]*$', self.ARGUMENT) is None:
            raise IncorrectDetectorInitialization('ARGUMENT has illegal character {}'.format(self.__class__.__name__))

        if self.IMPACT not in [DetectorClassification.LOW,
                                       DetectorClassification.MEDIUM,
                                       DetectorClassification.HIGH,
                                       DetectorClassification.INFORMATIONAL]:
            raise IncorrectDetectorInitialization('IMPACT is not initialized {}'.format(self.__class__.__name__))

        if self.CONFIDENCE not in [DetectorClassification.LOW,
                                       DetectorClassification.MEDIUM,
                                       DetectorClassification.HIGH,
                                       DetectorClassification.INFORMATIONAL]:
            raise IncorrectDetectorInitialization('CONFIDENCE is not initialized {}'.format(self.__class__.__name__))

#    def log(self, info):
#        if self.logger:
#            info = "\n"+info
#            if self.WIKI != '':
#                info += 'Reference: {}'.format(self.WIKI)
#            self.logger.info(self.color(info))

    def _log(self, info):
        self.logger.info(self.color(info))

    @abc.abstractmethod
    def _detect(self):
        """TODO Documentation"""
        return

    def detect(self):
        results = self._detect()
        results = [r for r in results if self.slither.valid_result(r)]
        if results:
            if self.logger:
                info = '\n'
                for idx, result in enumerate(results):
                    if self.slither.interactive_mode:
                        info += '{}: '.format(idx)
                    info += result['description']
                info += 'Reference: {}'.format(self.WIKI)
                self._log(info)
        if results and self.slither.interactive_mode:
            not_well_formed = True
            while not_well_formed:
                indexes = input('Results to hide "0,1,..." or "All" (enter to not hide results): '.format(len(results)))
                if indexes == 'All':
                    self.slither.save_results_to_hide(results)
                    return []
                if indexes == '':
                    return results
                indexes = [int(i) for i in indexes.split(',')]
                self.slither.save_results_to_hide([r for (idx, r) in enumerate(results) if idx in indexes])
                return [r for (idx, r) in enumerate(results) if idx not in indexes]
        return results


    @property
    def color(self):
        return classification_colors[self.IMPACT]

    def generate_json_result(self, info):
        d = OrderedDict()
        d['check'] = self.ARGUMENT
        d['impact'] = classification_txt[self.IMPACT]
        d['confidence'] = classification_txt[self.CONFIDENCE]
        d['description'] = info
        d['elements'] = []
        return d

    @staticmethod
    def add_variable_to_json(variable, d):
        d['elements'].append({'type': 'variable',
                              'name': variable.name,
                              'source_mapping': variable.source_mapping})

    @staticmethod
    def add_variables_to_json(variables, d):
        for variable in sorted(variables, key=lambda x:x.name):
            AbstractDetector.add_variable_to_json(variable, d)

    @staticmethod
    def add_contract_to_json(contract, d):
        d['elements'].append({'type': 'contract',
                              'name': contract.name,
                              'source_mapping': contract.source_mapping})

    @staticmethod
    def add_function_to_json(function, d):
        contract = {'elements':[]}
        AbstractDetector.add_contract_to_json(function.contract, contract)
        d['elements'].append({'type': 'function',
                              'name': function.name,
                              'source_mapping': function.source_mapping,
                              'contract': contract['elements'][0]})

    @staticmethod
    def add_functions_to_json(functions, d):
        for function in sorted(functions, key=lambda x: x.name):
            AbstractDetector.add_function_to_json(function, d)

    @staticmethod
    def add_nodes_to_json(nodes, d):
        for node in sorted(nodes, key=lambda x: x.node_id):
            d['elements'].append({'type': 'expression',
                                  'expression': str(node.expression),
                                  'source_mapping': node.source_mapping})
Initial public commit 6 years ago			`import abc`
			`import re`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago
			`from slither.utils.colors import green, yellow, red`

Use deepdiff library to compare json output instead of custom script 6 years ago			`from collections import OrderedDict`
Initial public commit 6 years ago
			`class IncorrectDetectorInitialization(Exception):`
			`pass`

Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago
			`class DetectorClassification:`
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`HIGH = 0`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago			`MEDIUM = 1`
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`LOW = 2`
			`INFORMATIONAL = 3`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago

			`classification_colors = {`
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`DetectorClassification.INFORMATIONAL: green,`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago			`DetectorClassification.LOW: green,`
			`DetectorClassification.MEDIUM: yellow,`
			`DetectorClassification.HIGH: red,`
			`}`

AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`classification_txt = {`
			`DetectorClassification.INFORMATIONAL: 'Informational',`
			`DetectorClassification.LOW: 'Low',`
			`DetectorClassification.MEDIUM: 'Medium',`
			`DetectorClassification.HIGH: 'High',`
			`}`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago
			`class AbstractDetector(metaclass=abc.ABCMeta):`
			`ARGUMENT = '' # run the detector with slither.py --ARGUMENT`
			`HELP = '' # help information`
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`IMPACT = None`
			`CONFIDENCE = None`
Initial public commit 6 years ago
Improve output format Group info of informational issues into one log action per detector Add WIKI information 6 years ago			`WIKI = ''`

Add wiki information to all detectors 6 years ago			`WIKI_TITLE = ''`
			`WIKI_DESCRIPTION = ''`
			`WIKI_EXPLOIT_SCENARIO = ''`
			`WIKI_RECOMMENDATION = ''`


Initial public commit 6 years ago			`def __init__(self, slither, logger):`
			`self.slither = slither`
			`self.contracts = slither.contracts`
			`self.filename = slither.filename`
			`self.logger = logger`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago
			`if not self.HELP:`
Improve error reporting for incorrect detector config 6 years ago			`raise IncorrectDetectorInitialization('HELP is not initialized {}'.format(self.__class__.__name__))`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago
			`if not self.ARGUMENT:`
Improve error reporting for incorrect detector config 6 years ago			`raise IncorrectDetectorInitialization('ARGUMENT is not initialized {}'.format(self.__class__.__name__))`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago
Add WIKI to Detector mandatory fields 6 years ago			`if not self.WIKI:`
			`raise IncorrectDetectorInitialization('WIKI is not initialized {}'.format(self.__class__.__name__))`

Add wiki information to all detectors 6 years ago			`if not self.WIKI_TITLE:`
			`raise IncorrectDetectorInitialization('WIKI_TITLE is not initialized {}'.format(self.__class__.__name__))`

			`if not self.WIKI_DESCRIPTION:`
			`raise IncorrectDetectorInitialization('WIKI_DESCRIPTION is not initialized {}'.format(self.__class__.__name__))`

			`if not self.WIKI_EXPLOIT_SCENARIO and self.IMPACT != DetectorClassification.INFORMATIONAL:`
			`raise IncorrectDetectorInitialization('WIKI_EXPLOIT_SCENARIO is not initialized {}'.format(self.__class__.__name__))`

			`if not self.WIKI_RECOMMENDATION:`
			`raise IncorrectDetectorInitialization('WIKI_RECOMMENDATION is not initialized {}'.format(self.__class__.__name__))`

Initial public commit 6 years ago			`if re.match('^[a-zA-Z0-9_-]*$', self.ARGUMENT) is None:`
Improve error reporting for incorrect detector config 6 years ago			`raise IncorrectDetectorInitialization('ARGUMENT has illegal character {}'.format(self.__class__.__name__))`
Make detectors and printers registrable Thx to this PR Slither users will be able to plug-in their own detectors and printers. 6 years ago
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`if self.IMPACT not in [DetectorClassification.LOW,`
			`DetectorClassification.MEDIUM,`
			`DetectorClassification.HIGH,`
			`DetectorClassification.INFORMATIONAL]:`
Improve error reporting for incorrect detector config 6 years ago			`raise IncorrectDetectorInitialization('IMPACT is not initialized {}'.format(self.__class__.__name__))`
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago
			`if self.CONFIDENCE not in [DetectorClassification.LOW,`
Initial public commit 6 years ago			`DetectorClassification.MEDIUM,`
Parse ImportDirective and PragmaDirective Add CODE_QUALITY detector type Add detector to check that the same version of solidity is always used 6 years ago			`DetectorClassification.HIGH,`
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`DetectorClassification.INFORMATIONAL]:`
Improve error reporting for incorrect detector config 6 years ago			`raise IncorrectDetectorInitialization('CONFIDENCE is not initialized {}'.format(self.__class__.__name__))`
Initial public commit 6 years ago
WIP database 6 years ago			`# def log(self, info):`
			`# if self.logger:`
			`# info = "\n"+info`
			`# if self.WIKI != '':`
			`# info += 'Reference: {}'.format(self.WIKI)`
			`# self.logger.info(self.color(info))`

			`def _log(self, info):`
			`self.logger.info(self.color(info))`
Initial public commit 6 years ago
			`@abc.abstractmethod`
WIP database 6 years ago			`def _detect(self):`
Initial public commit 6 years ago			`"""TODO Documentation"""`
			`return`

WIP database 6 years ago			`def detect(self):`
			`results = self._detect()`
			`results = [r for r in results if self.slither.valid_result(r)]`
			`if results:`
			`if self.logger:`
Add basic interactive mode support 6 years ago			`info = '\n'`
			`for idx, result in enumerate(results):`
			`if self.slither.interactive_mode:`
			`info += '{}: '.format(idx)`
Add new command lines: - --ignore-truffle-compile: do not run truffle compile - --filter-paths: ignore the results for which all the paths contains one of the string provided 6 years ago			`info += result['description']`
WIP database 6 years ago			`info += 'Reference: {}'.format(self.WIKI)`
			`self._log(info)`
Add basic interactive mode support 6 years ago			`if results and self.slither.interactive_mode:`
			`not_well_formed = True`
			`while not_well_formed:`
			`indexes = input('Results to hide "0,1,..." or "All" (enter to not hide results): '.format(len(results)))`
			`if indexes == 'All':`
			`self.slither.save_results_to_hide(results)`
			`return []`
			`if indexes == '':`
			`return results`
			`indexes = [int(i) for i in indexes.split(',')]`
			`self.slither.save_results_to_hide([r for (idx, r) in enumerate(results) if idx in indexes])`
			`return [r for (idx, r) in enumerate(results) if idx not in indexes]`
WIP database 6 years ago			`return results`


Initial public commit 6 years ago			`@property`
			`def color(self):`
AbstractDetector: - Replace Classification by Impact - Add Confidence - Replace CODEQUALITY by Informational Add hidden option to automatically generate markdown list of detectors Update Readme 6 years ago			`return classification_colors[self.IMPACT]`
JSON output: add helpers to unifiy and simplify export 6 years ago
Json: - Add 'description' field for each report - Add contract information to function field Close #91 6 years ago			`def generate_json_result(self, info):`
Use deepdiff library to compare json output instead of custom script 6 years ago			`d = OrderedDict()`
			`d['check'] = self.ARGUMENT`
Add impact and confidence fields 6 years ago			`d['impact'] = classification_txt[self.IMPACT]`
			`d['confidence'] = classification_txt[self.CONFIDENCE]`
Json: - Add 'description' field for each report - Add contract information to function field Close #91 6 years ago			`d['description'] = info`
Refactor JSON output 6 years ago			`d['elements'] = []`
Use deepdiff library to compare json output instead of custom script 6 years ago			`return d`
JSON output: add helpers to unifiy and simplify export 6 years ago
			`@staticmethod`
			`def add_variable_to_json(variable, d):`
Refactor JSON output 6 years ago			`d['elements'].append({'type': 'variable',`
			`'name': variable.name,`
			`'source_mapping': variable.source_mapping})`
JSON output: add helpers to unifiy and simplify export 6 years ago
			`@staticmethod`
			`def add_variables_to_json(variables, d):`
Refactor JSON output 6 years ago			`for variable in sorted(variables, key=lambda x:x.name):`
			`AbstractDetector.add_variable_to_json(variable, d)`
JSON output: add helpers to unifiy and simplify export 6 years ago
Add new json helper 6 years ago			`@staticmethod`
			`def add_contract_to_json(contract, d):`
Refactor JSON output 6 years ago			`d['elements'].append({'type': 'contract',`
			`'name': contract.name,`
			`'source_mapping': contract.source_mapping})`
Add new json helper 6 years ago
JSON output: add helpers to unifiy and simplify export 6 years ago			`@staticmethod`
			`def add_function_to_json(function, d):`
Refactor JSON output 6 years ago			`contract = {'elements':[]}`
Json: - Add 'description' field for each report - Add contract information to function field Close #91 6 years ago			`AbstractDetector.add_contract_to_json(function.contract, contract)`
Refactor JSON output 6 years ago			`d['elements'].append({'type': 'function',`
			`'name': function.name,`
			`'source_mapping': function.source_mapping,`
			`'contract': contract['elements'][0]})`
JSON output: add helpers to unifiy and simplify export 6 years ago
			`@staticmethod`
			`def add_functions_to_json(functions, d):`
Make json result more deterministic Remove check on description field for unit test (allow undeterministic print) 6 years ago			`for function in sorted(functions, key=lambda x: x.name):`
Refactor JSON output 6 years ago			`AbstractDetector.add_function_to_json(function, d)`
JSON output: add helpers to unifiy and simplify export 6 years ago
			`@staticmethod`
			`def add_nodes_to_json(nodes, d):`
Refactor JSON output 6 years ago			`for node in sorted(nodes, key=lambda x: x.node_id):`
			`d['elements'].append({'type': 'expression',`
			`'expression': str(node.expression),`
			`'source_mapping': node.source_mapping})`