|
|
|
[
|
|
|
|
[
|
|
|
|
{
|
|
|
|
"elements": [
|
|
|
|
{
|
|
|
|
"type": "contract",
|
|
|
|
"name": "ArrayLengthAssignment",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 0,
|
|
|
|
"length": 1055,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
1,
|
|
|
|
2,
|
|
|
|
3,
|
|
|
|
4,
|
|
|
|
5,
|
|
|
|
6,
|
|
|
|
7,
|
|
|
|
8,
|
|
|
|
9,
|
|
|
|
10,
|
|
|
|
11,
|
|
|
|
12,
|
|
|
|
13,
|
|
|
|
14,
|
|
|
|
15,
|
|
|
|
16,
|
|
|
|
17,
|
|
|
|
18,
|
|
|
|
19,
|
|
|
|
20,
|
|
|
|
21,
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45,
|
|
|
|
46
|
|
|
|
],
|
|
|
|
"starting_column": 1,
|
|
|
|
"ending_column": 2
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "node",
|
|
|
|
"name": "arr.length = param",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 527,
|
|
|
|
"length": 18,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
26
|
|
|
|
],
|
|
|
|
"starting_column": 13,
|
|
|
|
"ending_column": 31
|
|
|
|
},
|
|
|
|
"type_specific_fields": {
|
|
|
|
"parent": {
|
|
|
|
"type": "function",
|
|
|
|
"name": "f",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 406,
|
|
|
|
"length": 647,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45
|
|
|
|
],
|
|
|
|
"starting_column": 5,
|
|
|
|
"ending_column": 6
|
|
|
|
},
|
|
|
|
"type_specific_fields": {
|
|
|
|
"parent": {
|
|
|
|
"type": "contract",
|
|
|
|
"name": "ArrayLengthAssignment",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 0,
|
|
|
|
"length": 1055,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
1,
|
|
|
|
2,
|
|
|
|
3,
|
|
|
|
4,
|
|
|
|
5,
|
|
|
|
6,
|
|
|
|
7,
|
|
|
|
8,
|
|
|
|
9,
|
|
|
|
10,
|
|
|
|
11,
|
|
|
|
12,
|
|
|
|
13,
|
|
|
|
14,
|
|
|
|
15,
|
|
|
|
16,
|
|
|
|
17,
|
|
|
|
18,
|
|
|
|
19,
|
|
|
|
20,
|
|
|
|
21,
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45,
|
|
|
|
46
|
|
|
|
],
|
|
|
|
"starting_column": 1,
|
|
|
|
"ending_column": 2
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"signature": "f(uint256,uint256)"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"description": "ArrayLengthAssignment (tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#1-46) contract sets array length with a user-controlled value:\n\t- arr.length = param (tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#26)\n",
|
|
|
|
"markdown": "[ArrayLengthAssignment](tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#L1-L46) contract sets array length with a user-controlled value:\n\t- [arr.length = param](tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#L26)\n",
|
|
|
|
"id": "5120add82e5b674971638ddcd430301e4fd0ff0abc12b425d78bb09baa519dd0",
|
|
|
|
"check": "controlled-array-length",
|
|
|
|
"impact": "High",
|
|
|
|
"confidence": "Medium"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"elements": [
|
|
|
|
{
|
|
|
|
"type": "contract",
|
|
|
|
"name": "ArrayLengthAssignment",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 0,
|
|
|
|
"length": 1055,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
1,
|
|
|
|
2,
|
|
|
|
3,
|
|
|
|
4,
|
|
|
|
5,
|
|
|
|
6,
|
|
|
|
7,
|
|
|
|
8,
|
|
|
|
9,
|
|
|
|
10,
|
|
|
|
11,
|
|
|
|
12,
|
|
|
|
13,
|
|
|
|
14,
|
|
|
|
15,
|
|
|
|
16,
|
|
|
|
17,
|
|
|
|
18,
|
|
|
|
19,
|
|
|
|
20,
|
|
|
|
21,
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45,
|
|
|
|
46
|
|
|
|
],
|
|
|
|
"starting_column": 1,
|
|
|
|
"ending_column": 2
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "node",
|
|
|
|
"name": "b.subStruct.x.length = param + 1",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 964,
|
|
|
|
"length": 32,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
41
|
|
|
|
],
|
|
|
|
"starting_column": 9,
|
|
|
|
"ending_column": 41
|
|
|
|
},
|
|
|
|
"type_specific_fields": {
|
|
|
|
"parent": {
|
|
|
|
"type": "function",
|
|
|
|
"name": "f",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 406,
|
|
|
|
"length": 647,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45
|
|
|
|
],
|
|
|
|
"starting_column": 5,
|
|
|
|
"ending_column": 6
|
|
|
|
},
|
|
|
|
"type_specific_fields": {
|
|
|
|
"parent": {
|
|
|
|
"type": "contract",
|
|
|
|
"name": "ArrayLengthAssignment",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 0,
|
|
|
|
"length": 1055,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
1,
|
|
|
|
2,
|
|
|
|
3,
|
|
|
|
4,
|
|
|
|
5,
|
|
|
|
6,
|
|
|
|
7,
|
|
|
|
8,
|
|
|
|
9,
|
|
|
|
10,
|
|
|
|
11,
|
|
|
|
12,
|
|
|
|
13,
|
|
|
|
14,
|
|
|
|
15,
|
|
|
|
16,
|
|
|
|
17,
|
|
|
|
18,
|
|
|
|
19,
|
|
|
|
20,
|
|
|
|
21,
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45,
|
|
|
|
46
|
|
|
|
],
|
|
|
|
"starting_column": 1,
|
|
|
|
"ending_column": 2
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"signature": "f(uint256,uint256)"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"description": "ArrayLengthAssignment (tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#1-46) contract sets array length with a user-controlled value:\n\t- b.subStruct.x.length = param + 1 (tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#41)\n",
|
|
|
|
"markdown": "[ArrayLengthAssignment](tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#L1-L46) contract sets array length with a user-controlled value:\n\t- [b.subStruct.x.length = param + 1](tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#L41)\n",
|
|
|
|
"id": "ba005d0d2665bc40c7c33b2a6a32bf426b4a5ccea38e75a6265976a20c9b7ae3",
|
|
|
|
"check": "controlled-array-length",
|
|
|
|
"impact": "High",
|
|
|
|
"confidence": "Medium"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"elements": [
|
|
|
|
{
|
|
|
|
"type": "contract",
|
|
|
|
"name": "ArrayLengthAssignment",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 0,
|
|
|
|
"length": 1055,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
1,
|
|
|
|
2,
|
|
|
|
3,
|
|
|
|
4,
|
|
|
|
5,
|
|
|
|
6,
|
|
|
|
7,
|
|
|
|
8,
|
|
|
|
9,
|
|
|
|
10,
|
|
|
|
11,
|
|
|
|
12,
|
|
|
|
13,
|
|
|
|
14,
|
|
|
|
15,
|
|
|
|
16,
|
|
|
|
17,
|
|
|
|
18,
|
|
|
|
19,
|
|
|
|
20,
|
|
|
|
21,
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45,
|
|
|
|
46
|
|
|
|
],
|
|
|
|
"starting_column": 1,
|
|
|
|
"ending_column": 2
|
|
|
|
}
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "node",
|
|
|
|
"name": "a.x.length = param",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 818,
|
|
|
|
"length": 18,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
36
|
|
|
|
],
|
|
|
|
"starting_column": 9,
|
|
|
|
"ending_column": 27
|
|
|
|
},
|
|
|
|
"type_specific_fields": {
|
|
|
|
"parent": {
|
|
|
|
"type": "function",
|
|
|
|
"name": "f",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 406,
|
|
|
|
"length": 647,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45
|
|
|
|
],
|
|
|
|
"starting_column": 5,
|
|
|
|
"ending_column": 6
|
|
|
|
},
|
|
|
|
"type_specific_fields": {
|
|
|
|
"parent": {
|
|
|
|
"type": "contract",
|
|
|
|
"name": "ArrayLengthAssignment",
|
|
|
|
"source_mapping": {
|
|
|
|
"start": 0,
|
|
|
|
"length": 1055,
|
|
|
|
"filename_used": "/GENERIC_PATH",
|
|
|
|
"filename_relative": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"filename_absolute": "/GENERIC_PATH",
|
|
|
|
"filename_short": "tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol",
|
|
|
|
"is_dependency": false,
|
|
|
|
"lines": [
|
|
|
|
1,
|
|
|
|
2,
|
|
|
|
3,
|
|
|
|
4,
|
|
|
|
5,
|
|
|
|
6,
|
|
|
|
7,
|
|
|
|
8,
|
|
|
|
9,
|
|
|
|
10,
|
|
|
|
11,
|
|
|
|
12,
|
|
|
|
13,
|
|
|
|
14,
|
|
|
|
15,
|
|
|
|
16,
|
|
|
|
17,
|
|
|
|
18,
|
|
|
|
19,
|
|
|
|
20,
|
|
|
|
21,
|
|
|
|
22,
|
|
|
|
23,
|
|
|
|
24,
|
|
|
|
25,
|
|
|
|
26,
|
|
|
|
27,
|
|
|
|
28,
|
|
|
|
29,
|
|
|
|
30,
|
|
|
|
31,
|
|
|
|
32,
|
|
|
|
33,
|
|
|
|
34,
|
|
|
|
35,
|
|
|
|
36,
|
|
|
|
37,
|
|
|
|
38,
|
|
|
|
39,
|
|
|
|
40,
|
|
|
|
41,
|
|
|
|
42,
|
|
|
|
43,
|
|
|
|
44,
|
|
|
|
45,
|
|
|
|
46
|
|
|
|
],
|
|
|
|
"starting_column": 1,
|
|
|
|
"ending_column": 2
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"signature": "f(uint256,uint256)"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"description": "ArrayLengthAssignment (tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#1-46) contract sets array length with a user-controlled value:\n\t- a.x.length = param (tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#36)\n",
|
|
|
|
"markdown": "[ArrayLengthAssignment](tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#L1-L46) contract sets array length with a user-controlled value:\n\t- [a.x.length = param](tests/detectors/controlled-array-length/0.5.16/array_length_assignment.sol#L36)\n",
|
|
|
|
"id": "3ee7c4c1f07506f88bcd3b42a86641b32b24a3978768cbcb99301bd8a1fcb975",
|
|
|
|
"check": "controlled-array-length",
|
|
|
|
"impact": "High",
|
|
|
|
"confidence": "Medium"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
]
|