mirror of https://github.com/crytic/slither
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
453 lines
23 KiB
453 lines
23 KiB
4 years ago
|
[
|
||
|
[
|
||
|
{
|
||
|
"elements": [
|
||
|
{
|
||
|
"type": "function",
|
||
|
"name": "withdraw",
|
||
|
"source_mapping": {
|
||
|
"start": 639,
|
||
|
"length": 278,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29
|
||
|
],
|
||
|
"starting_column": 5,
|
||
|
"ending_column": 6
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "contract",
|
||
|
"name": "Reentrancy",
|
||
|
"source_mapping": {
|
||
|
"start": 185,
|
||
|
"length": 735,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
8,
|
||
|
9,
|
||
|
10,
|
||
|
11,
|
||
|
12,
|
||
|
13,
|
||
|
14,
|
||
|
15,
|
||
|
16,
|
||
|
17,
|
||
|
18,
|
||
|
19,
|
||
|
20,
|
||
|
21,
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29,
|
||
|
30,
|
||
|
31
|
||
|
],
|
||
|
"starting_column": 1,
|
||
|
"ending_column": 2
|
||
|
}
|
||
|
},
|
||
|
"signature": "withdraw(address)"
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
"type": "node",
|
||
|
"name": "require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))",
|
||
|
"source_mapping": {
|
||
|
"start": 742,
|
||
|
"length": 76,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
24
|
||
|
],
|
||
|
"starting_column": 9,
|
||
|
"ending_column": 85
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "function",
|
||
|
"name": "withdraw",
|
||
|
"source_mapping": {
|
||
|
"start": 639,
|
||
|
"length": 278,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29
|
||
|
],
|
||
|
"starting_column": 5,
|
||
|
"ending_column": 6
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "contract",
|
||
|
"name": "Reentrancy",
|
||
|
"source_mapping": {
|
||
|
"start": 185,
|
||
|
"length": 735,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
8,
|
||
|
9,
|
||
|
10,
|
||
|
11,
|
||
|
12,
|
||
|
13,
|
||
|
14,
|
||
|
15,
|
||
|
16,
|
||
|
17,
|
||
|
18,
|
||
|
19,
|
||
|
20,
|
||
|
21,
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29,
|
||
|
30,
|
||
|
31
|
||
|
],
|
||
|
"starting_column": 1,
|
||
|
"ending_column": 2
|
||
|
}
|
||
|
},
|
||
|
"signature": "withdraw(address)"
|
||
|
}
|
||
|
}
|
||
|
},
|
||
|
"additional_fields": {
|
||
|
"underlying_type": "external_calls"
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
"type": "node",
|
||
|
"name": "msg.sender.transfer(eth_deposed[token][msg.sender])",
|
||
|
"source_mapping": {
|
||
|
"start": 681,
|
||
|
"length": 51,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
23
|
||
|
],
|
||
|
"starting_column": 9,
|
||
|
"ending_column": 60
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "function",
|
||
|
"name": "withdraw",
|
||
|
"source_mapping": {
|
||
|
"start": 639,
|
||
|
"length": 278,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29
|
||
|
],
|
||
|
"starting_column": 5,
|
||
|
"ending_column": 6
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "contract",
|
||
|
"name": "Reentrancy",
|
||
|
"source_mapping": {
|
||
|
"start": 185,
|
||
|
"length": 735,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
8,
|
||
|
9,
|
||
|
10,
|
||
|
11,
|
||
|
12,
|
||
|
13,
|
||
|
14,
|
||
|
15,
|
||
|
16,
|
||
|
17,
|
||
|
18,
|
||
|
19,
|
||
|
20,
|
||
|
21,
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29,
|
||
|
30,
|
||
|
31
|
||
|
],
|
||
|
"starting_column": 1,
|
||
|
"ending_column": 2
|
||
|
}
|
||
|
},
|
||
|
"signature": "withdraw(address)"
|
||
|
}
|
||
|
}
|
||
|
},
|
||
|
"additional_fields": {
|
||
|
"underlying_type": "external_calls_sending_eth"
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
"type": "node",
|
||
|
"name": "eth_deposed[token][msg.sender] = 0",
|
||
|
"source_mapping": {
|
||
|
"start": 829,
|
||
|
"length": 34,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
26
|
||
|
],
|
||
|
"starting_column": 9,
|
||
|
"ending_column": 43
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "function",
|
||
|
"name": "withdraw",
|
||
|
"source_mapping": {
|
||
|
"start": 639,
|
||
|
"length": 278,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29
|
||
|
],
|
||
|
"starting_column": 5,
|
||
|
"ending_column": 6
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "contract",
|
||
|
"name": "Reentrancy",
|
||
|
"source_mapping": {
|
||
|
"start": 185,
|
||
|
"length": 735,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
8,
|
||
|
9,
|
||
|
10,
|
||
|
11,
|
||
|
12,
|
||
|
13,
|
||
|
14,
|
||
|
15,
|
||
|
16,
|
||
|
17,
|
||
|
18,
|
||
|
19,
|
||
|
20,
|
||
|
21,
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29,
|
||
|
30,
|
||
|
31
|
||
|
],
|
||
|
"starting_column": 1,
|
||
|
"ending_column": 2
|
||
|
}
|
||
|
},
|
||
|
"signature": "withdraw(address)"
|
||
|
}
|
||
|
}
|
||
|
},
|
||
|
"additional_fields": {
|
||
|
"underlying_type": "variables_written",
|
||
|
"variable_name": "eth_deposed"
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
"type": "node",
|
||
|
"name": "token_deposed[token][msg.sender] = 0",
|
||
|
"source_mapping": {
|
||
|
"start": 873,
|
||
|
"length": 36,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
27
|
||
|
],
|
||
|
"starting_column": 9,
|
||
|
"ending_column": 45
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "function",
|
||
|
"name": "withdraw",
|
||
|
"source_mapping": {
|
||
|
"start": 639,
|
||
|
"length": 278,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29
|
||
|
],
|
||
|
"starting_column": 5,
|
||
|
"ending_column": 6
|
||
|
},
|
||
|
"type_specific_fields": {
|
||
|
"parent": {
|
||
|
"type": "contract",
|
||
|
"name": "Reentrancy",
|
||
|
"source_mapping": {
|
||
|
"start": 185,
|
||
|
"length": 735,
|
||
|
"filename_used": "/GENERIC_PATH",
|
||
|
"filename_relative": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"filename_absolute": "/GENERIC_PATH",
|
||
|
"filename_short": "tests/detectors/reentrancy-eth/reentrancy_indirect.sol",
|
||
|
"is_dependency": false,
|
||
|
"lines": [
|
||
|
8,
|
||
|
9,
|
||
|
10,
|
||
|
11,
|
||
|
12,
|
||
|
13,
|
||
|
14,
|
||
|
15,
|
||
|
16,
|
||
|
17,
|
||
|
18,
|
||
|
19,
|
||
|
20,
|
||
|
21,
|
||
|
22,
|
||
|
23,
|
||
|
24,
|
||
|
25,
|
||
|
26,
|
||
|
27,
|
||
|
28,
|
||
|
29,
|
||
|
30,
|
||
|
31
|
||
|
],
|
||
|
"starting_column": 1,
|
||
|
"ending_column": 2
|
||
|
}
|
||
|
},
|
||
|
"signature": "withdraw(address)"
|
||
|
}
|
||
|
}
|
||
|
},
|
||
|
"additional_fields": {
|
||
|
"underlying_type": "variables_written",
|
||
|
"variable_name": "token_deposed"
|
||
|
}
|
||
|
}
|
||
|
],
|
||
|
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/reentrancy_indirect.sol#26)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/reentrancy_indirect.sol#27)\n",
|
||
|
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/reentrancy_indirect.sol#L26)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/reentrancy_indirect.sol#L27)\n",
|
||
|
"id": "6e23805ff4c3ce23f8f3ae167941b4a67257de1c0708934494dd826c2e62a5b3",
|
||
|
"check": "reentrancy-eth",
|
||
|
"impact": "High",
|
||
|
"confidence": "Medium"
|
||
|
}
|
||
|
]
|
||
|
]
|