[
[
{
"elements" : [
{
"type" : "function" ,
"name" : "bad_delegate_call2" ,
"source_mapping" : {
"start" : 337 ,
"length" : 118 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
18 ,
19 ,
20
] ,
"starting_column" : 5 ,
"ending_column" : 6
} ,
"type_specific_fields" : {
"parent" : {
"type" : "contract" ,
"name" : "C" ,
"source_mapping" : {
"start" : 0 ,
"length" : 585 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
1 ,
2 ,
3 ,
4 ,
5 ,
6 ,
7 ,
8 ,
9 ,
10 ,
11 ,
12 ,
13 ,
14 ,
15 ,
16 ,
17 ,
18 ,
19 ,
20 ,
21 ,
22 ,
23 ,
24 ,
25
] ,
"starting_column" : 1 ,
"ending_column" : 2
}
} ,
"signature" : "bad_delegate_call2(bytes)"
}
} ,
{
"type" : "node" ,
"name" : "addr_bad.delegatecall(abi.encode(func_id,data))" ,
"source_mapping" : {
"start" : 400 ,
"length" : 48 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
19
] ,
"starting_column" : 9 ,
"ending_column" : 57
} ,
"type_specific_fields" : {
"parent" : {
"type" : "function" ,
"name" : "bad_delegate_call2" ,
"source_mapping" : {
"start" : 337 ,
"length" : 118 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
18 ,
19 ,
20
] ,
"starting_column" : 5 ,
"ending_column" : 6
} ,
"type_specific_fields" : {
"parent" : {
"type" : "contract" ,
"name" : "C" ,
"source_mapping" : {
"start" : 0 ,
"length" : 585 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
1 ,
2 ,
3 ,
4 ,
5 ,
6 ,
7 ,
8 ,
9 ,
10 ,
11 ,
12 ,
13 ,
14 ,
15 ,
16 ,
17 ,
18 ,
19 ,
20 ,
21 ,
22 ,
23 ,
24 ,
25
] ,
"starting_column" : 1 ,
"ending_column" : 2
}
} ,
"signature" : "bad_delegate_call2(bytes)"
}
}
}
}
] ,
"description" : "C.bad_delegate_call2(bytes) (tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(abi.encode(func_id,data)) (tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#19)\n" ,
"markdown" : "[C.bad_delegate_call2(bytes)](tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#L18-L20) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(abi.encode(func_id,data))](tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#L19)\n" ,
"first_markdown_element" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#L18-L20" ,
"id" : "12d6ba2d0139326b442352b37028ff77dfbdc625870a5ae858e6107cfa89cfbb" ,
"check" : "controlled-delegatecall" ,
"impact" : "High" ,
"confidence" : "Medium"
} ,
{
"elements" : [
{
"type" : "function" ,
"name" : "bad_delegate_call" ,
"source_mapping" : {
"start" : 101 ,
"length" : 134 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
8 ,
9 ,
10 ,
11
] ,
"starting_column" : 5 ,
"ending_column" : 6
} ,
"type_specific_fields" : {
"parent" : {
"type" : "contract" ,
"name" : "C" ,
"source_mapping" : {
"start" : 0 ,
"length" : 585 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
1 ,
2 ,
3 ,
4 ,
5 ,
6 ,
7 ,
8 ,
9 ,
10 ,
11 ,
12 ,
13 ,
14 ,
15 ,
16 ,
17 ,
18 ,
19 ,
20 ,
21 ,
22 ,
23 ,
24 ,
25
] ,
"starting_column" : 1 ,
"ending_column" : 2
}
} ,
"signature" : "bad_delegate_call(bytes)"
}
} ,
{
"type" : "node" ,
"name" : "addr_bad.delegatecall(data)" ,
"source_mapping" : {
"start" : 201 ,
"length" : 27 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
10
] ,
"starting_column" : 9 ,
"ending_column" : 36
} ,
"type_specific_fields" : {
"parent" : {
"type" : "function" ,
"name" : "bad_delegate_call" ,
"source_mapping" : {
"start" : 101 ,
"length" : 134 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
8 ,
9 ,
10 ,
11
] ,
"starting_column" : 5 ,
"ending_column" : 6
} ,
"type_specific_fields" : {
"parent" : {
"type" : "contract" ,
"name" : "C" ,
"source_mapping" : {
"start" : 0 ,
"length" : 585 ,
"filename_used" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_relative" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"filename_absolute" : "/GENERIC_PATH" ,
"filename_short" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol" ,
"is_dependency" : false ,
"lines" : [
1 ,
2 ,
3 ,
4 ,
5 ,
6 ,
7 ,
8 ,
9 ,
10 ,
11 ,
12 ,
13 ,
14 ,
15 ,
16 ,
17 ,
18 ,
19 ,
20 ,
21 ,
22 ,
23 ,
24 ,
25
] ,
"starting_column" : 1 ,
"ending_column" : 2
}
} ,
"signature" : "bad_delegate_call(bytes)"
}
}
}
}
] ,
"description" : "C.bad_delegate_call(bytes) (tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(data) (tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#10)\n" ,
"markdown" : "[C.bad_delegate_call(bytes)](tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#L8-L11) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(data)](tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#L10)\n" ,
"first_markdown_element" : "tests/detectors/controlled-delegatecall/0.4.25/controlled_delegatecall.sol#L8-L11" ,
"id" : "90d4f387ca3c669975a3ed4d7a5b09665b786a1078e16ced61adf1c3f9f6efb8" ,
"check" : "controlled-delegatecall" ,
"impact" : "High" ,
"confidence" : "Medium"
}
]
]