TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Static Analyzer for Solidity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3156 Commits
76 Branches
41 Tags
110 MiB
Tag: Branch: Tree: b6d6294148
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b6d6294148'
${ noResults }
slither/tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol.0....

688 lines
33 KiB
Raw Normal View History Unescape

feat: add arbitrary-send-erc20 and arbitrary-send-erc20-permit detectors (#1025) Add arbitrary-send-erc20 and arbitrary-send-erc20-permit detectors
3 years ago
[
[
{
"elements": [
{
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 780,
"length": 97,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 394,
"length": 1717,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(address,uint256)"
}
},
{
"type": "node",
"name": "erc20.transferFrom(notsend,to,am)",
"source_mapping": {
"start": 835,
"length": 35,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
36
],
"starting_column": 9,
"ending_column": 44
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 780,
"length": 97,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 394,
"length": 1717,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(address,uint256)"
}
}
}
}
],
"description": "C.bad1(address,uint256) (tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#35-37) uses arbitrary from in transferFrom: erc20.transferFrom(notsend,to,am) (tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#36)\n",
"markdown": "[C.bad1(address,uint256)](tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L35-L37) uses arbitrary from in transferFrom: [erc20.transferFrom(notsend,to,am)](tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L36)\n",
"first_markdown_element": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L35-L37",
"id": "430afa4e7855d25b1262162894fa21d58eea2571578d45de5399baf3eb438038",
"check": "arbitrary-send-erc20",
"impact": "High",
"confidence": "High"
},
{
"elements": [
{
"type": "function",
"name": "bad4",
"source_mapping": {
"start": 1702,
"length": 133,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
65,
66,
67
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 394,
"length": 1717,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad4(address,address,uint256)"
}
},
{
"type": "node",
"name": "SafeERC20.safeTransferFrom(erc20,from,to,amount)",
"source_mapping": {
"start": 1777,
"length": 51,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
66
],
"starting_column": 9,
"ending_column": 60
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad4",
"source_mapping": {
"start": 1702,
"length": 133,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
65,
66,
67
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 394,
"length": 1717,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad4(address,address,uint256)"
}
}
}
}
],
"description": "C.bad4(address,address,uint256) (tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#65-67) uses arbitrary from in transferFrom: SafeERC20.safeTransferFrom(erc20,from,to,amount) (tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#66)\n",
"markdown": "[C.bad4(address,address,uint256)](tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L65-L67) uses arbitrary from in transferFrom: [SafeERC20.safeTransferFrom(erc20,from,to,amount)](tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L66)\n",
"first_markdown_element": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L65-L67",
"id": "b2557d6385585034271b9873559de9cde4972e3207c43f260663f3d0e2a4d4a0",
"check": "arbitrary-send-erc20",
"impact": "High",
"confidence": "High"
},
{
"elements": [
{
"type": "function",
"name": "bad3",
"source_mapping": {
"start": 1434,
"length": 122,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
57,
58,
59
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 394,
"length": 1717,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3(address,address,uint256)"
}
},
{
"type": "node",
"name": "erc20.safeTransferFrom(from,to,amount)",
"source_mapping": {
"start": 1509,
"length": 40,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
58
],
"starting_column": 9,
"ending_column": 49
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad3",
"source_mapping": {
"start": 1434,
"length": 122,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
57,
58,
59
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 394,
"length": 1717,
"filename_relative": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol",
"is_dependency": false,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3(address,address,uint256)"
}
}
}
}
],
"description": "C.bad3(address,address,uint256) (tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#57-59) uses arbitrary from in transferFrom: erc20.safeTransferFrom(from,to,amount) (tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#58)\n",
"markdown": "[C.bad3(address,address,uint256)](tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L57-L59) uses arbitrary from in transferFrom: [erc20.safeTransferFrom(from,to,amount)](tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L58)\n",
"first_markdown_element": "tests/detectors/arbitrary-send-erc20/0.4.25/arbitrary_send_erc20.sol#L57-L59",
"id": "e7271d3fa958d20a025419c070ea1010431487e98e30fa2db65db9bf54a13665",
"check": "arbitrary-send-erc20",
"impact": "High",
"confidence": "High"
}
]
]