TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Static Analyzer for Solidity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3025 Commits
76 Branches
41 Tags
110 MiB
Tag: Branch: Tree: cbc3077a65
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cbc3077a65'
${ noResults }
slither/tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit...

748 lines
38 KiB
Raw Normal View History Unescape

feat: add arbitrary-send-erc20 and arbitrary-send-erc20-permit detectors (#1025) Add arbitrary-send-erc20 and arbitrary-send-erc20-permit detectors
3 years ago
[
[
{
"elements": [
{
"type": "function",
"name": "bad4",
"source_mapping": {
"start": 1794,
"length": 249,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
52,
53,
54,
55
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad4(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
},
{
"type": "node",
"name": "SafeERC20.safeTransferFrom(erc20,from,to,value)",
"source_mapping": {
"start": 1986,
"length": 50,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
54
],
"starting_column": 9,
"ending_column": 59
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad4",
"source_mapping": {
"start": 1794,
"length": 249,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
52,
53,
54,
55
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad4(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
}
}
}
],
"description": "C.bad4(address,uint256,uint256,uint8,bytes32,bytes32,address) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#52-55) uses arbitrary from in transferFrom in combination with permit: SafeERC20.safeTransferFrom(erc20,from,to,value) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#54)\n",
"markdown": "[C.bad4(address,uint256,uint256,uint8,bytes32,bytes32,address)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L52-L55) uses arbitrary from in transferFrom in combination with permit: [SafeERC20.safeTransferFrom(erc20,from,to,value)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L54)\n",
"first_markdown_element": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L52-L55",
"id": "57068db07fd7e67d0b63035936fad5a373fcb8f84bb6a58aa463278143db43fa",
"check": "arbitrary-send-erc20-permit",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 843,
"length": 232,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
32,
33,
34,
35
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
},
{
"type": "node",
"name": "erc20.transferFrom(from,to,value)",
"source_mapping": {
"start": 1033,
"length": 35,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
34
],
"starting_column": 9,
"ending_column": 44
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 843,
"length": 232,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
32,
33,
34,
35
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
}
}
}
],
"description": "C.bad1(address,uint256,uint256,uint8,bytes32,bytes32,address) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#32-35) uses arbitrary from in transferFrom in combination with permit: erc20.transferFrom(from,to,value) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#34)\n",
"markdown": "[C.bad1(address,uint256,uint256,uint8,bytes32,bytes32,address)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L32-L35) uses arbitrary from in transferFrom in combination with permit: [erc20.transferFrom(from,to,value)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L34)\n",
"first_markdown_element": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L32-L35",
"id": "5983458eee02cf7d5484a82e17422dcdbd7b990305579e17d1252c0bb31e1cac",
"check": "arbitrary-send-erc20-permit",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad3",
"source_mapping": {
"start": 1546,
"length": 238,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
47,
48,
49,
50
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
},
{
"type": "node",
"name": "erc20.safeTransferFrom(from,to,value)",
"source_mapping": {
"start": 1738,
"length": 39,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
49
],
"starting_column": 9,
"ending_column": 48
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad3",
"source_mapping": {
"start": 1546,
"length": 238,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
47,
48,
49,
50
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
}
}
}
],
"description": "C.bad3(address,uint256,uint256,uint8,bytes32,bytes32,address) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#47-50) uses arbitrary from in transferFrom in combination with permit: erc20.safeTransferFrom(from,to,value) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#49)\n",
"markdown": "[C.bad3(address,uint256,uint256,uint8,bytes32,bytes32,address)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L47-L50) uses arbitrary from in transferFrom in combination with permit: [erc20.safeTransferFrom(from,to,value)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L49)\n",
"first_markdown_element": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L47-L50",
"id": "a8f319ba65d6c81726b72d7593eb089ce9819d22856387250e009a43a98cf1c3",
"check": "arbitrary-send-erc20-permit",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "int_transferFrom",
"source_mapping": {
"start": 1294,
"length": 246,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
42,
43,
44,
45
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "int_transferFrom(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
},
{
"type": "node",
"name": "erc20.transferFrom(from,to,value)",
"source_mapping": {
"start": 1498,
"length": 35,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
44
],
"starting_column": 9,
"ending_column": 44
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "int_transferFrom",
"source_mapping": {
"start": 1294,
"length": 246,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
42,
43,
44,
45
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 613,
"length": 1433,
"filename_relative": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol",
"is_dependency": false,
"lines": [
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "int_transferFrom(address,uint256,uint256,uint8,bytes32,bytes32,address)"
}
}
}
}
],
"description": "C.int_transferFrom(address,uint256,uint256,uint8,bytes32,bytes32,address) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#42-45) uses arbitrary from in transferFrom in combination with permit: erc20.transferFrom(from,to,value) (tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#44)\n",
"markdown": "[C.int_transferFrom(address,uint256,uint256,uint8,bytes32,bytes32,address)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L42-L45) uses arbitrary from in transferFrom in combination with permit: [erc20.transferFrom(from,to,value)](tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L44)\n",
"first_markdown_element": "tests/detectors/arbitrary-send-erc20-permit/0.5.16/arbitrary_send_erc20_permit.sol#L42-L45",
"id": "e3ed372c52b219322ca290ecfa79be96d7ea1b019af329a515c6c10b7a1cf03b",
"check": "arbitrary-send-erc20-permit",
"impact": "High",
"confidence": "Medium"
}
]
]