Merge branch 'master' of ssh://github.com/trailofbits/slither into dev-simil

pull/202/head
ggrieco-tob 6 years ago
commit 0158705616
  1. 6
      .travis.yml
  2. 3
      README.md
  3. 5
      scripts/fix_travis_relative_paths.sh
  4. 12
      scripts/tests_generate_expected_json_4.sh
  5. 11
      scripts/tests_generate_expected_json_5.sh
  6. 3
      scripts/travis_install.sh
  7. 9
      scripts/travis_test_4.sh
  8. 12
      scripts/travis_test_5.sh
  9. 24
      scripts/travis_test_cli.sh
  10. 23
      scripts/travis_test_dapp.sh
  11. 23
      scripts/travis_test_etherlime.sh
  12. 26
      scripts/travis_test_etherscan.sh
  13. 11
      scripts/travis_test_printers.sh
  14. 11
      scripts/travis_test_slither_config.sh
  15. 4
      setup.py
  16. 119
      slither/__main__.py
  17. 48
      slither/core/declarations/contract.py
  18. 3
      slither/core/declarations/function.py
  19. 9
      slither/core/declarations/structure.py
  20. 7
      slither/core/expressions/literal.py
  21. 23
      slither/core/slither_core.py
  22. 4
      slither/core/solidity_types/array_type.py
  23. 87
      slither/core/source_mapping/source_mapping.py
  24. 1
      slither/core/variables/state_variable.py
  25. 6
      slither/detectors/all_detectors.py
  26. 4
      slither/detectors/attributes/const_functions.py
  27. 0
      slither/detectors/erc/__init__.py
  28. 27
      slither/detectors/erc/incorrect_erc20_interface.py
  29. 96
      slither/detectors/erc/incorrect_erc721_interface.py
  30. 0
      slither/detectors/erc/unindexed_event_parameters.py
  31. 80
      slither/detectors/statements/too_many_digits.py
  32. 3
      slither/printers/call/call_graph.py
  33. 15
      slither/printers/summary/function_ids.py
  34. 183
      slither/slither.py
  35. 74
      slither/slithir/convert.py
  36. 48
      slither/slithir/variables/constant.py
  37. 2
      slither/solc_parsing/declarations/structure.py
  38. 16
      slither/solc_parsing/expressions/expression_parsing.py
  39. 12
      slither/solc_parsing/slitherSolc.py
  40. 4
      slither/solc_parsing/solidity_types/type_parsing.py
  41. 31
      slither/utils/type.py
  42. 8
      slither/visitors/expression/constants_folding.py
  43. 3
      slither/visitors/slithir/expression_to_slithir.py
  44. 6
      tests/config/slither.config.json
  45. 205
      tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.json
  46. 9
      tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.txt
  47. 205
      tests/expected_json/arbitrary_send.arbitrary-send.json
  48. 9
      tests/expected_json/arbitrary_send.arbitrary-send.txt
  49. 53
      tests/expected_json/backdoor.backdoor.json
  50. 5
      tests/expected_json/backdoor.backdoor.txt
  51. 53
      tests/expected_json/backdoor.suicidal.json
  52. 5
      tests/expected_json/backdoor.suicidal.txt
  53. 113
      tests/expected_json/const_state_variables.constable-states.json
  54. 9
      tests/expected_json/const_state_variables.constable-states.txt
  55. 68
      tests/expected_json/constant-0.5.1.constant-function.json
  56. 4
      tests/expected_json/constant-0.5.1.constant-function.txt
  57. 253
      tests/expected_json/constant.constant-function.json
  58. 8
      tests/expected_json/constant.constant-function.txt
  59. 174
      tests/expected_json/controlled_delegatecall.controlled-delegatecall.json
  60. 7
      tests/expected_json/controlled_delegatecall.controlled-delegatecall.txt
  61. 181
      tests/expected_json/deprecated_calls.deprecated-standards.json
  62. 17
      tests/expected_json/deprecated_calls.deprecated-standards.txt
  63. 183
      tests/expected_json/erc20_indexed.erc20-indexed.json
  64. 8
      tests/expected_json/erc20_indexed.erc20-indexed.txt
  65. 247
      tests/expected_json/external_function.external-function.json
  66. 7
      tests/expected_json/external_function.external-function.txt
  67. 1
      tests/expected_json/external_function_2.external-function.txt
  68. 1367
      tests/expected_json/incorrect_equality.incorrect-equality.json
  69. 77
      tests/expected_json/incorrect_equality.incorrect-equality.txt
  70. 257
      tests/expected_json/incorrect_erc20_interface.erc20-interface.json
  71. 10
      tests/expected_json/incorrect_erc20_interface.erc20-interface.txt
  72. 442
      tests/expected_json/incorrect_erc721_interface.erc721-interface.json
  73. 14
      tests/expected_json/incorrect_erc721_interface.erc721-interface.txt
  74. 105
      tests/expected_json/inline_assembly_contract-0.5.1.assembly.json
  75. 5
      tests/expected_json/inline_assembly_contract-0.5.1.assembly.txt
  76. 105
      tests/expected_json/inline_assembly_contract.assembly.json
  77. 5
      tests/expected_json/inline_assembly_contract.assembly.txt
  78. 259
      tests/expected_json/inline_assembly_library-0.5.1.assembly.json
  79. 7
      tests/expected_json/inline_assembly_library-0.5.1.assembly.txt
  80. 259
      tests/expected_json/inline_assembly_library.assembly.json
  81. 7
      tests/expected_json/inline_assembly_library.assembly.txt
  82. 70
      tests/expected_json/locked_ether-0.5.1.locked-ether.json
  83. 7
      tests/expected_json/locked_ether-0.5.1.locked-ether.txt
  84. 70
      tests/expected_json/locked_ether.locked-ether.json
  85. 7
      tests/expected_json/locked_ether.locked-ether.txt
  86. 68
      tests/expected_json/low_level_calls.low-level-calls.json
  87. 5
      tests/expected_json/low_level_calls.low-level-calls.txt
  88. 80
      tests/expected_json/multiple_calls_in_loop.calls-loop.json
  89. 5
      tests/expected_json/multiple_calls_in_loop.calls-loop.txt
  90. 367
      tests/expected_json/naming_convention.naming-convention.json
  91. 15
      tests/expected_json/naming_convention.naming-convention.txt
  92. 26
      tests/expected_json/old_solc.sol.json.solc-version.json
  93. 6
      tests/expected_json/old_solc.sol.json.solc-version.txt
  94. 45
      tests/expected_json/pragma.0.4.24.pragma.json
  95. 8
      tests/expected_json/pragma.0.4.24.pragma.txt
  96. 276
      tests/expected_json/reentrancy-0.5.1.reentrancy-eth.json
  97. 13
      tests/expected_json/reentrancy-0.5.1.reentrancy-eth.txt
  98. 10
      tests/expected_json/reentrancy-0.5.1.reentrancy.txt
  99. 310
      tests/expected_json/reentrancy.reentrancy-eth.json
  100. 13
      tests/expected_json/reentrancy.reentrancy-eth.txt
  101. Some files were not shown because too many files have changed in this diff Show More

@ -12,6 +12,12 @@ env:
- TEST_SUITE=scripts/travis_test_find_paths.sh
- TEST_SUITE=scripts/travis_test_truffle.sh
- TEST_SUITE=scripts/travis_test_embark.sh
- TEST_SUITE=scripts/travis_test_etherscan.sh
- TEST_SUITE=scripts/travis_test_dapp.sh
- TEST_SUITE=scripts/travis_test_etherlime.sh
- TEST_SUITE=scripts/travis_test_cli.sh
- TEST_SUITE=scripts/travis_test_printers.sh
- TEST_SUITE=scripts/travis_test_slither_config.sh
branches:
only:
- master

@ -21,7 +21,7 @@ Slither is a Solidity static analysis framework written in Python 3. It runs a s
## Usage
Run Slither on a Truffle application:
Run Slither on a Truffle/Embark/Dapp/Etherlime application:
```
slither .
```
@ -71,6 +71,7 @@ Num | Detector | What it Detects | Impact | Confidence
30 | `pragma` | [If different pragma directives are used](https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used) | Informational | High
31 | `solc-version` | [Incorrect Solidity version (< 0.4.24 or complex pragma)](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity) | Informational | High
32 | `unused-state` | [Unused state variables](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variables) | Informational | High
33 | `too-many-digits` | [Conformance to numeric notation best practices](https://github.com/crytic/slither/wiki/Detector-Documentation#too-many-digits) | Informational | Medium
[Contact us](https://www.trailofbits.com/contact/) to get access to additional detectors.

@ -0,0 +1,5 @@
CURRENT_PATH=$(pwd)
TRAVIS_PATH='/home/travis/build/crytic/slither'
for f in tests/expected_json/*json; do
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$f" -i
done
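Review bot: `$CURRENT_PATH` is interpolated into the sed expression as a regular expression, so a working directory containing `.`, `[`, `*` or the `|` delimiter either matches more than intended or breaks the command. The same substitution is repeated in scripts/tests_generate_expected_json_4.sh, scripts/tests_generate_expected_json_5.sh, scripts/travis_test_4.sh and scripts/travis_test_5.sh, so escaping the path once in a shared helper would keep the five copies consistent. The script also has no shebang line and places `-i` after the file operand, which relies on GNU sed's option permutation; `sed -i "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$f"` is the conventional order.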

@ -1,23 +1,29 @@
#!/usr/bin/env bash
DIR="$(cd "$(dirname "$0")" && pwd)"
CURRENT_PATH=$(pwd)
TRAVIS_PATH='/home/travis/build/crytic/slither'
# generate_expected_json file.sol detectors
generate_expected_json(){
# generate output filename
# e.g. file: uninitialized.sol detector: uninitialized-state
# ---> uninitialized.uninitialized-state.json
output_filename="$(basename $1 .sol).$2.json"
output_filename="$DIR/../tests/expected_json/$(basename $1 .sol).$2.json"
output_filename_txt="$DIR/../tests/expected_json/$(basename $1 .sol).$2.txt"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/../tests/expected_json/$output_filename" --solc solc-0.4.25
slither "$1" --solc-disable-warnings --detect "$2" --json "$output_filename" --solc solc-0.4.25 > $output_filename_txt 2>&1
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename" -i
}
#generate_expected_json tests/deprecated_calls.sol "deprecated-standards"
#generate_expected_json tests/erc20_indexed.sol "erc20-indexed"
#generate_expected_json tests/incorrect_erc20_interface.sol "erc20-interface"
#generate_expected_json tests/incorrect_erc721_interface.sol "erc721-interface"
#generate_expected_json tests/uninitialized.sol "uninitialized-state"
#generate_expected_json tests/backdoor.sol "backdoor"
#generate_expected_json tests/backdoor.sol "suicidal"
@ -47,4 +53,4 @@ generate_expected_json(){
#generate_expected_json tests/shadowing_builtin_symbols.sol "shadowing-builtin"
#generate_expected_json tests/shadowing_local_variable.sol "shadowing-local"
#generate_expected_json tests/solc_version_incorrect.sol "solc-version"
generate_expected_json tests/right_to_left_override.sol "rtlo"
#generate_expected_json tests/right_to_left_override.sol "rtlo"
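Review bot: Only the `.json` file is passed through the path-rewriting `sed` in `generate_expected_json`, so the committed `.txt` expectations keep whatever absolute paths Slither printed on the generating machine, if its text output contains any. The redirect `> $output_filename_txt 2>&1` is also unquoted although the path is built from `$DIR`, and `$(basename $1 .sol)` is unquoted as well. Quote the redirect target and normalise both files, e.g. `sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename" "$output_filename_txt" -i`. scripts/tests_generate_expected_json_5.sh has the same lines.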

@ -1,17 +1,22 @@
#!/usr/bin/env bash
DIR="$(cd "$(dirname "$0")" && pwd)"
CURRENT_PATH=$(pwd)
TRAVIS_PATH='/home/travis/build/crytic/slither'
# generate_expected_json file.sol detectors
generate_expected_json(){
# generate output filename
# e.g. file: uninitialized.sol detector: uninitialized-state
# ---> uninitialized.uninitialized-state.json
output_filename="$(basename $1 .sol).$2.json"
output_filename="$DIR/../tests/expected_json/$(basename $1 .sol).$2.json"
output_filename_txt="$DIR/../tests/expected_json/$(basename $1 .sol).$2.txt"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/../tests/expected_json/$output_filename" --solc solc-0.5.1
slither "$1" --solc-disable-warnings --detect "$2" --json "$output_filename" --solc solc-0.5.1 > $output_filename_txt 2>&1
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename" -i
}
#generate_expected_json tests/uninitialized-0.5.1.sol "uninitialized-state"
@ -29,3 +34,5 @@ generate_expected_json(){
#generate_expected_json tests/inline_assembly_library-0.5.1.sol "assembly"
#generate_expected_json tests/constant-0.5.1.sol "constant-function"
#generate_expected_json tests/incorrect_equality.sol "incorrect-equality"
#generate_expected_json tests/too_many_digits.sol "too-many-digits"

@ -15,3 +15,6 @@ function install_solc {
}
install_solc

@ -4,13 +4,15 @@
DIR="$(cd "$(dirname "$0")" && pwd)"
CURRENT_PATH=$(pwd)
TRAVIS_PATH='/home/travis/build/crytic/slither'
# test_slither file.sol detectors
test_slither(){
expected="$DIR/../tests/expected_json/$(basename $1 .sol).$2.json"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.4.25
slither "$1" --solc-disable-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.4.25
if [ $? -eq 255 ]
then
echo "Slither crashed"
@ -24,6 +26,7 @@ test_slither(){
exit 1
fi
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$DIR/tmp-test.json" -i
result=$(python "$DIR/json_diff.py" "$expected" "$DIR/tmp-test.json")
rm "$DIR/tmp-test.json"
@ -37,7 +40,7 @@ test_slither(){
fi
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.4.25
slither "$1" --solc-disable-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.4.25
if [ $? -eq 255 ]
then
echo "Slither crashed"
@ -51,6 +54,7 @@ test_slither(){
exit 1
fi
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$DIR/tmp-test.json" -i
result=$(python "$DIR/json_diff.py" "$expected" "$DIR/tmp-test.json")
rm "$DIR/tmp-test.json"
@ -68,6 +72,7 @@ test_slither(){
test_slither tests/deprecated_calls.sol "deprecated-standards"
test_slither tests/erc20_indexed.sol "erc20-indexed"
test_slither tests/incorrect_erc20_interface.sol "erc20-interface"
test_slither tests/incorrect_erc721_interface.sol "erc721-interface"
test_slither tests/uninitialized.sol "uninitialized-state"
test_slither tests/backdoor.sol "backdoor"
test_slither tests/backdoor.sol "suicidal"

@ -4,13 +4,16 @@
DIR="$(cd "$(dirname "$0")" && pwd)"
CURRENT_PATH=$(pwd)
TRAVIS_PATH='/home/travis/build/crytic/slither'
# test_slither file.sol detectors
test_slither(){
expected="$DIR/../tests/expected_json/$(basename $1 .sol).$2.json"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.5.1
slither "$1" --solc-disable-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.5.1
if [ $? -eq 255 ]
then
echo "Slither crashed"
@ -23,7 +26,7 @@ test_slither(){
echo ""
exit 1
fi
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$DIR/tmp-test.json" -i
result=$(python "$DIR/json_diff.py" "$expected" "$DIR/tmp-test.json")
rm "$DIR/tmp-test.json"
@ -37,7 +40,7 @@ test_slither(){
fi
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.5.1
slither "$1" --solc-disable-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.5.1
if [ $? -eq 255 ]
then
echo "Slither crashed"
@ -51,6 +54,7 @@ test_slither(){
exit 1
fi
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$DIR/tmp-test.json" -i
result=$(python "$DIR/json_diff.py" "$expected" "$DIR/tmp-test.json")
rm "$DIR/tmp-test.json"
@ -87,6 +91,8 @@ test_slither tests/constant-0.5.1.sol "constant-function"
test_slither tests/unused_return.sol "unused-return"
test_slither tests/timestamp.sol "timestamp"
test_slither tests/incorrect_equality.sol "incorrect-equality"
test_slither tests/too_many_digits.sol "too-many-digits"
### Test scripts

@ -0,0 +1,24 @@
#!/usr/bin/env bash
### Test
slither "tests/*.json" --solc-ast --ignore-return-value
if [ $? -ne 0 ]; then
echo "--solc-ast failed"
exit 1
fi
slither "tests/*0.5*.sol" --solc-disable-warnings --ignore-return-value
if [ $? -ne 0 ]; then
echo "--solc-disable-warnings failed"
exit 1
fi
slither "tests/*0.5*.sol" --disable-color --ignore-return-value
if [ $? -ne 0 ]; then
echo "--disable-color failed"
exit 1
fi

@ -0,0 +1,23 @@
#!/usr/bin/env bash
### Test Dapp integration
mkdir test_dapp
cd test_dapp
curl https://nixos.org/nix/install | sh
. "$HOME/.nix-profile/etc/profile.d/nix.sh"
git clone --recursive https://github.com/dapphub/dapptools $HOME/.dapp/dapptools
nix-env -f $HOME/.dapp/dapptools -iA dapp seth solc hevm ethsign
dapp init
slither .
if [ $? -eq 21 ]
then
exit 0
fi
echo "Truffle test failed"
exit -1
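Review bot: The Nix installer is fetched and executed in one step, `curl https://nixos.org/nix/install | sh`, with no version pin or checksum, and dapptools is cloned recursively at whatever its default branch currently holds, so this CI job runs unreviewed remote code on every build. The same pattern appears in scripts/travis_test_etherlime.sh (nvm `install.sh` piped to `bash`, `npm i -g etherlime` without a version) and scripts/travis_test_etherscan.sh (a downloaded `solc-static-linux` made executable without verification). Download to a file, verify it and only then run it, e.g. `echo "EXPECTED_SHA256_PLACEHOLDER  solc-0.4.25" | sha256sum -c -` before `chmod +x`, and pin dapptools and etherlime to a fixed commit or version. The failure message `Truffle test failed` looks copied from another script, and `exit 1` would match the other test scripts better than `exit -1`.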

@ -0,0 +1,23 @@
#!/usr/bin/env bash
### Test etherlime integration
mkdir test_etherlime
cd test_etherlime
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.34.0/install.sh | bash
source ~/.nvm/nvm.sh
nvm install --lts
nvm use --lts
npm i -g etherlime
etherlime init
slither .
if [ $? -eq 6 ]
then
exit 0
fi
echo "Etherlime test failed"
exit -1

@ -0,0 +1,26 @@
#!/usr/bin/env bash
### Test etherscan integration
mkdir etherscan
cd etherscan
wget -O solc-0.4.25 https://github.com/ethereum/solidity/releases/download/v0.4.25/solc-static-linux
chmod +x solc-0.4.25
slither 0x7F37f78cBD74481E593F9C737776F7113d76B315 --solc "./solc-0.4.25"
if [ $? -ne 5 ]
then
echo "Etherscan test failed"
exit -1
fi
slither rinkeby:0xFe05820C5A92D9bc906D4A46F662dbeba794d3b7 --solc "./solc-0.4.25"
if [ $? -ne 68 ]
then
echo "Etherscan test failed"
exit -1
fi

@ -0,0 +1,11 @@
#!/usr/bin/env bash
### Test printer
slither "tests/*.json" --print all
if [ $? -ne 0 ]; then
echo "Printer tests failed"
exit 1
fi

@ -0,0 +1,11 @@
#!/usr/bin/env bash
### Test
slither "tests/*.json" --config "tests/config/slither.config.json"
if [ $? -ne 0 ]; then
echo "Config failed"
exit 1
fi

@ -5,10 +5,10 @@ setup(
description='Slither is a Solidity static analysis framework written in Python 3.',
url='https://github.com/crytic/slither',
author='Trail of Bits',
version='0.6.2',
version='0.6.3',
packages=find_packages(),
python_requires='>=3.6',
install_requires=['prettytable>=0.7.2', 'pysha3>=1.0.2'],
install_requires=['prettytable>=0.7.2', 'pysha3>=1.0.2', 'crytic-compile>=0.1.0'],
license='AGPL-3.0',
long_description=open('README.md').read(),
entry_points={
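Review bot: The new `crytic-compile>=0.1.0` requirement has no upper bound, so every install resolves to whatever the newest release is. That package appears to take over compilation and framework handling, since the solc, Truffle and Embark options are removed from `slither/__main__.py` in this commit. For a 0.x dependency an explicit ceiling, e.g. `'crytic-compile>=0.1.0,<0.2.0'`, keeps installs reproducible and makes each upgrade a reviewed change. The `setup(` call starts and ends outside the hunk.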

@ -11,6 +11,7 @@ import sys
import traceback
from pkg_resources import iter_entry_points, require
from crytic_compile import cryticparser
from slither.detectors import all_detectors
from slither.detectors.abstract_detector import (AbstractDetector,
@ -22,6 +23,7 @@ from slither.utils.colors import red, yellow, set_colorization_enabled
from slither.utils.command_line import (output_detectors, output_results_to_markdown,
output_detectors_json, output_printers,
output_to_markdown, output_wiki)
from crytic_compile import is_supported
logging.basicConfig()
logger = logging.getLogger("Slither")
@ -43,18 +45,10 @@ def process(filename, args, detector_classes, printer_classes):
ast = '--ast-compact-json'
if args.legacy_ast:
ast = '--ast-json'
args.filter_paths = parse_filter_paths(args)
slither = Slither(filename,
solc=args.solc,
disable_solc_warnings=args.disable_solc_warnings,
solc_arguments=args.solc_args,
ast_format=ast,
truffle_build_directory=args.truffle_build_directory,
truffle_ignore_compile=args.truffle_ignore_compile,
truffle_version=args.truffle_version,
embark_ignore_compile=args.embark_ignore_compile,
embark_overwrite_config=args.embark_overwrite_config,
filter_paths=parse_filter_paths(args),
triage_mode=args.triage_mode)
**vars(args))
return _process(slither, detector_classes, printer_classes)
@ -110,7 +104,7 @@ def output_json(results, filename):
logger.info(yellow(f'{filename} exists already, the overwrite is prevented'))
else:
with open(filename, 'w', encoding='utf8') as f:
json.dump(results, f)
json.dump(results, f, indent=2)
# endregion
###################################################################################
@ -211,6 +205,9 @@ def choose_printers(args, all_printer_classes):
if args.printers_to_run is None:
return []
if args.printers_to_run == 'all':
return all_printer_classes
printers = {p.ARGUMENT: p for p in all_printer_classes}
for p in args.printers_to_run.split(','):
if p in printers:
@ -251,7 +248,9 @@ defaults_flag_in_config = {
'truffle_build_directory': 'build/contracts',
'embark_ignore_compile': False,
'embark_overwrite_config': False,
'legacy_ast': False
# debug command
'legacy_ast': False,
'ignore_return_value': False
}
def parse_args(detector_classes, printer_classes):
@ -261,6 +260,8 @@ def parse_args(detector_classes, printer_classes):
parser.add_argument('filename',
help='contract.sol')
cryticparser.init(parser)
parser.add_argument('--version',
help='displays the current version',
version=require('slither-analyzer')[0].version,
@ -268,9 +269,6 @@ def parse_args(detector_classes, printer_classes):
group_detector = parser.add_argument_group('Detectors')
group_printer = parser.add_argument_group('Printers')
group_solc = parser.add_argument_group('Solc options')
group_truffle = parser.add_argument_group('Truffle options')
group_embark = parser.add_argument_group('Embark options')
group_misc = parser.add_argument_group('Additional option')
group_detector.add_argument('--detect',
@ -327,53 +325,6 @@ def parse_args(detector_classes, printer_classes):
action='store_true',
default=defaults_flag_in_config['exclude_high'])
group_solc.add_argument('--solc',
help='solc path',
action='store',
default=defaults_flag_in_config['solc'])
group_solc.add_argument('--solc-args',
help='Add custom solc arguments. Example: --solc-args "--allow-path /tmp --evm-version byzantium".',
action='store',
default=defaults_flag_in_config['solc_args'])
group_solc.add_argument('--disable-solc-warnings',
help='Disable solc warnings',
action='store_true',
default=defaults_flag_in_config['disable_solc_warnings'])
group_solc.add_argument('--solc-ast',
help='Provide the ast solc file',
action='store_true',
default=False)
group_truffle.add_argument('--truffle-ignore-compile',
help='Do not run truffle compile',
action='store_true',
dest='truffle_ignore_compile',
default=defaults_flag_in_config['truffle_ignore_compile'])
group_truffle.add_argument('--truffle-build-directory',
help='Use an alternative truffle build directory',
action='store',
dest='truffle_build_directory',
default=defaults_flag_in_config['truffle_build_directory'])
group_truffle.add_argument('--truffle-version',
help='Use a local Truffle version (with npx)',
action='store',
default=defaults_flag_in_config['truffle_version'])
group_embark.add_argument('--embark-ignore-compile',
help='Do not run embark build',
action='store_true',
dest='embark_ignore_compile',
default=defaults_flag_in_config['embark_ignore_compile'])
group_embark.add_argument('--embark-overwrite-config',
help='Install @trailofbits/embark-contract-export and add it to embark.json',
action='store_true',
default=defaults_flag_in_config['embark_overwrite_config'])
group_misc.add_argument('--json',
help='Export results as JSON',
@ -404,6 +355,11 @@ def parse_args(detector_classes, printer_classes):
dest='config_file',
default='slither.config.json')
group_misc.add_argument('--solc-ast',
help='Provide the contract as a json AST',
action='store_true',
default=False)
# debugger command
parser.add_argument('--debug',
help=argparse.SUPPRESS,
@ -440,7 +396,7 @@ def parse_args(detector_classes, printer_classes):
parser.add_argument('--ignore-return-value',
help=argparse.SUPPRESS,
action='store_true',
default=False)
default=defaults_flag_in_config['ignore_return_value'])
# if the json is splitted in different files
parser.add_argument('--splitted',
@ -538,19 +494,28 @@ def main_impl(all_detector_classes, all_printer_classes):
('ExpressionParsing', default_log),
('TypeParsing', default_log),
('SSA_Conversion', default_log),
('Printers', default_log)]:
('Printers', default_log),
#('CryticCompile', default_log)
]:
l = logging.getLogger(l_name)
l.setLevel(l_level)
console_handler = logging.StreamHandler()
console_handler.setLevel(logging.INFO)
console_handler.setFormatter(FormatterCryticCompile())
crytic_compile_error = logging.getLogger(('CryticCompile'))
crytic_compile_error.addHandler(console_handler)
crytic_compile_error.propagate = False
crytic_compile_error.setLevel(logging.INFO)
try:
filename = args.filename
globbed_filenames = glob.glob(filename, recursive=True)
if os.path.isfile(filename) or\
os.path.isfile(os.path.join(filename, 'truffle.js')) or\
os.path.isfile(os.path.join(filename, 'truffle-config.js')) or\
os.path.isfile(os.path.join(filename, 'embark.json')):
if os.path.isfile(filename) or is_supported(filename):
(results, number_contracts) = process(filename, args, detector_classes, printer_classes)
elif os.path.isdir(filename) or len(globbed_filenames) > 0:
@ -598,3 +563,21 @@ if __name__ == '__main__':
# endregion
###################################################################################
###################################################################################
# region CustomFormatter
###################################################################################
###################################################################################
class FormatterCryticCompile(logging.Formatter):
def format(self, record):
#for i, msg in enumerate(record.msg):
if record.msg.startswith('Compilation warnings/errors on '):
txt = record.args[1]
txt = txt.split('\n')
txt = [red(x) if 'Error' in x else x for x in txt]
txt = '\n'.join(txt)
record.args = (record.args[0], txt)
return super().format(record)
# endregion
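Review bot: `FormatterCryticCompile.format` assumes every record on the `CryticCompile` logger has a string `msg` and at least two `args`, so `record.msg.startswith(...)` and `record.args[1]` raise inside the handler for any other record shape. The match also depends on the exact wording of a message emitted by crytic-compile, which setup.py bounds only from below. A guard such as `if isinstance(record.msg, str) and len(record.args) == 2 and record.msg.startswith('Compilation warnings/errors on '):` keeps the colouring best-effort. Separately, the hunk header places this class after the `if __name__ == '__main__':` guard, so when the module is run directly `main_impl` would presumably reach `FormatterCryticCompile()` before the class is defined; moving the class above `main_impl` avoids that. In the `process` hunk, `**vars(args)` forwards every parsed option, hidden debug flags included, to `Slither(...)`, whose signature is not visible here.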

@ -527,6 +527,14 @@ class Contract(ChildSlither, SourceMapping):
"""
return all((not f.is_implemented) for f in self.functions)
# endregion
###################################################################################
###################################################################################
# region ERC conformance
###################################################################################
###################################################################################
def is_erc20(self):
"""
Check if the contract is an erc20 token
@ -535,11 +543,49 @@ class Contract(ChildSlither, SourceMapping):
Returns:
bool
"""
full_names = [f.full_name for f in self.functions]
full_names = set([f.full_name for f in self.functions])
return 'transfer(address,uint256)' in full_names and\
'transferFrom(address,address,uint256)' in full_names and\
'approve(address,uint256)' in full_names
def is_erc721(self):
full_names = set([f.full_name for f in self.functions])
return self.is_erc20() and\
'ownerOf(uint256)' in full_names and\
'safeTransferFrom(address,address,uint256,bytes)' in full_names and\
'safeTransferFrom(address,address,uint256)' in full_names and\
'setApprovalForAll(address,bool)' in full_names and\
'getApproved(uint256)' in full_names and\
'isApprovedForAll(address,address)' in full_names
def has_an_erc20_function(self):
"""
Checks if the provided contract could be attempting to implement ERC20 standards.
:param contract: The contract to check for token compatibility.
:return: Returns a boolean indicating if the provided contract met the token standard.
"""
full_names = set([f.full_name for f in self.functions])
return 'transfer(address,uint256)' in full_names or \
'transferFrom(address,address,uint256)' in full_names or \
'approve(address,uint256)' in full_names
def has_an_erc721_function(self):
"""
Checks if the provided contract could be attempting to implement ERC721 standards.
:param contract: The contract to check for token compatibility.
:return: Returns a boolean indicating if the provided contract met the token standard.
"""
full_names = set([f.full_name for f in self.functions])
return self.has_an_erc20_function() and \
('ownerOf(uint256)' in full_names or
'safeTransferFrom(address,address,uint256,bytes)' in full_names or
'safeTransferFrom(address,address,uint256)' in full_names or
'setApprovalForAll(address,bool)' in full_names or
'getApproved(uint256)' in full_names or
'isApprovedForAll(address,address)' in full_names)
# endregion
###################################################################################
###################################################################################
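Review bot: `is_erc721` requires `self.is_erc20()`, which in turn requires `transfer(address,uint256)`; the ERC-721 interface defines `transferFrom` and `approve` but no two-argument `transfer`, so a conforming ERC-721 contract would be reported as not ERC-721 and any detector gated on this check would skip it. Test the two shared signatures directly, i.e. replace `self.is_erc20() and\` with `'transferFrom(address,address,uint256)' in full_names and 'approve(address,uint256)' in full_names and\`. `is_erc721` also lacks a docstring. The docstrings on `has_an_erc20_function` and `has_an_erc721_function` describe a `contract` parameter that does not exist, and they say the contract "met the token standard" although a single matching signature is enough to return true.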

@ -86,6 +86,7 @@ class Function(ChildContract, SourceMapping):
self._reachable_from_nodes = set()
self._reachable_from_functions = set()
###################################################################################
###################################################################################
# region General properties
@ -1070,4 +1071,4 @@ class Function(ChildContract, SourceMapping):
def __str__(self):
return self._name
# endregion
# endregion

@ -10,6 +10,8 @@ class Structure(ChildContract, SourceMapping):
self._name = None
self._canonical_name = None
self._elems = None
# Name of the elements in the order of declaration
self._elems_ordered = None
@property
def canonical_name(self):
@ -23,5 +25,12 @@ class Structure(ChildContract, SourceMapping):
def elems(self):
return self._elems
@property
def elems_ordered(self):
ret = []
for e in self._elems_ordered:
ret.append(self._elems[e])
return ret
def __str__(self):
return self.name
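Review bot: `elems_ordered` has no docstring and builds its result with an append loop; `return [self._elems[name] for name in self._elems_ordered]` says the same thing in one line, with a docstring such as `"""Members of the structure, in declaration order."""`. `_elems_ordered` starts as `None` in `__init__`, so reading the property before it has been filled raises `TypeError`. That precondition is worth a sentence in the docstring as well.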

@ -2,14 +2,19 @@ from slither.core.expressions.expression import Expression
class Literal(Expression):
def __init__(self, value):
def __init__(self, value, type):
super(Literal, self).__init__()
self._value = value
self._type = type
@property
def value(self):
return self._value
@property
def type(self):
return self._type
def __str__(self):
# be sure to handle any character
return str(self._value)
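Review bot: The new `type` parameter shadows the builtin inside `__init__` and is stored without any check or documentation of what it holds. array_type.py on this page passes the string `'uint256'`, so if a type name string is the intended contract, say so on the property, e.g. `"""Solidity type name of the literal, as a string (e.g. 'uint256')."""`. The parameter has no default, so any `Literal(value)` call site not updated in this commit raises `TypeError`.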

@ -33,6 +33,8 @@ class Slither(Context):
self._previous_results = []
self._paths_to_filter = set()
self._crytic_compile = None
###################################################################################
###################################################################################
@ -54,6 +56,14 @@ class Slither(Context):
"""str: Filename."""
return self._filename
def _add_source_code(self, path):
"""
:param path:
:return:
"""
with open(path, encoding='utf8', newline='') as f:
self.source_code[path] = f.read()
# endregion
###################################################################################
###################################################################################
@ -172,7 +182,8 @@ class Slither(Context):
- All its source paths belong to the source path filtered
- Or a similar result was reported and saved during a previous run
'''
if r['elements'] and all((any(path in elem['source_mapping']['filename'] for path in self._paths_to_filter if 'source_mapping' in elem) for elem in r['elements'])):
source_mapping_elements = [elem['source_mapping']['filename_absolute'] for elem in r['elements'] if 'source_mapping' in elem]
if r['elements'] and all((any(path in src_mapping for path in self._paths_to_filter) for src_mapping in source_mapping_elements)):
return False
return not r['description'] in [pr['description'] for pr in self._previous_results]
@ -204,3 +215,13 @@ class Slither(Context):
self._paths_to_filter.add(path)
# endregion
###################################################################################
###################################################################################
# region Crytic compile
###################################################################################
###################################################################################
@property
def crytic_compile(self):
return self._crytic_compile
# endregion
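Review bot: Building `source_mapping_elements` by dropping elements without a `source_mapping` changes what the filter in `valid_result` does: when `r['elements']` is non-empty but none of them carries a source mapping, the list is empty, `all(...)` over it is true, and the finding is suppressed even with no filter paths configured. The previous expression evaluated to false for such elements, so the result was kept. Guard on the list instead, `if source_mapping_elements and all(...)`, and skip entries whose `filename_absolute` is `None`, since `path in None` raises `TypeError` (source_mapping.py on this page leaves it `None` when no crytic-compile object is attached). `valid_result` begins outside the hunk. `_add_source_code` would also benefit from a real docstring in place of the empty `:param path:` stub.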

@ -10,7 +10,7 @@ class ArrayType(Type):
assert isinstance(t, Type)
if length:
if isinstance(length, int):
length = Literal(length)
length = Literal(length, 'uint256')
assert isinstance(length, Expression)
super(ArrayType, self).__init__()
self._type = t
@ -18,7 +18,7 @@ class ArrayType(Type):
if length:
if not isinstance(length, Literal):
cf = ConstantFolding(length)
cf = ConstantFolding(length, "uint256")
length = cf.result()
self._length_value = length
else:

@ -15,7 +15,9 @@ class SourceMapping(Context):
@staticmethod
def _compute_line(source_code, start, length):
"""
Compute line(s) number from a start/end offset
Compute line(s) numbers and starting/ending columns
from a start/end offset. All numbers start from 1.
Not done in an efficient way
"""
total_length = len(source_code)
@ -23,14 +25,29 @@ class SourceMapping(Context):
counter = 0
i = 0
lines = []
starting_column = None
ending_column = None
while counter < total_length:
counter += len(source_code[i])
i = i+1
# Determine the length of the line, and advance the line number
lineLength = len(source_code[i])
i = i + 1
# Determine our column numbers.
if starting_column is None and counter + lineLength > start:
starting_column = (start - counter) + 1
if starting_column is not None and ending_column is None and counter + lineLength > start + length:
ending_column = ((start + length) - counter) + 1
# Advance the current position counter, and determine line numbers.
counter += lineLength
if counter > start:
lines.append(i)
if counter > start+length:
# If our advanced position for the next line is out of range, stop.
if counter > start + length:
break
return lines
return (lines, starting_column, ending_column)
@staticmethod
def _convert_source_mapping(offset, slither):
@ -53,14 +70,50 @@ class SourceMapping(Context):
if f not in sourceUnits:
return {'start':s, 'length':l}
filename = sourceUnits[f]
filename_used = sourceUnits[f]
filename_absolute = None
filename_relative = None
filename_short = None
lines = []
# If possible, convert the filename to its absolute/relative version
if slither.crytic_compile:
filenames = slither.crytic_compile.filename_lookup(filename_used)
filename_absolute = filenames.absolute
filename_relative = filenames.relative
filename_short = filenames.short
if filename_absolute in slither.source_code:
filename = filename_absolute
elif filename_relative in slither.source_code:
filename = filename_relative
elif filename_short in slither.source_code:
filename = filename_short
else:#
filename = filename_used.used
else:
filename = filename_used
if filename in slither.source_code:
lines = SourceMapping._compute_line(slither.source_code[filename], s, l)
source_code = slither.source_code[filename]
(lines, starting_column, ending_column) = SourceMapping._compute_line(source_code,
s,
l)
else:
(lines, starting_column, ending_column) = ([], None, None)
return {'start':s, 'length':l, 'filename': filename, 'lines' : lines }
return {'start':s,
'length':l,
'filename_used': filename_used,
'filename_relative': filename_relative,
'filename_absolute': filename_absolute,
'filename_short': filename_short,
'lines' : lines,
'starting_column': starting_column,
'ending_column': ending_column
}
def set_offset(self, offset, slither):
if isinstance(offset, dict):
@ -72,14 +125,14 @@ class SourceMapping(Context):
@property
def source_mapping_str(self):
def relative_path(path):
# Remove absolute path for printing
# Truffle returns absolutePath
splited_path = path.split(os.sep)
if 'contracts' in splited_path:
idx = splited_path.index('contracts')
return os.sep.join(splited_path[idx-1:])
return path
# def relative_path(path):
# # Remove absolute path for printing
# # Truffle returns absolutePath
# splited_path = path.split(os.sep)
# if 'contracts' in splited_path:
# idx = splited_path.index('contracts')
# return os.sep.join(splited_path[idx-1:])
# return path
lines = self.source_mapping['lines']
if not lines:
@ -88,5 +141,5 @@ class SourceMapping(Context):
lines = '#{}'.format(lines[0])
else:
lines = '#{}-{}'.format(lines[0], lines[-1])
return '{}{}'.format(relative_path(self.source_mapping['filename']), lines)
return '{}{}'.format(self.source_mapping['filename_short'], lines)
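Review bot: `filename = filename_used.used` in the fallback branch of `_convert_source_mapping` reads an attribute from the value taken out of `sourceUnits`, which the parser hunk on this page fills with plain path strings, so this branch would raise `AttributeError`. The object returned by `filename_lookup` looks like the intended receiver, i.e. `filename = filenames.used`. Separately, when `slither.crytic_compile` is unset `filename_short` stays `None` and `source_mapping_str` prints `None#12`-style locations; `self.source_mapping['filename_short'] or self.source_mapping['filename_used']` would keep the path in reports. The commented-out `relative_path` helper can be deleted rather than kept as dead comments.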

@ -3,7 +3,6 @@ from slither.core.children.child_contract import ChildContract
class StateVariable(ChildContract, Variable):
@property
def canonical_name(self):
return '{}:{}'.format(self.contract.name, self.name)

@ -28,9 +28,11 @@ from .shadowing.builtin_symbols import BuiltinSymbolShadowing
from .operations.block_timestamp import Timestamp
from .statements.calls_in_loop import MultipleCallsInLoop
from .statements.incorrect_strict_equality import IncorrectStrictEquality
from .erc20.incorrect_interface import IncorrectERC20InterfaceDetection
from .erc20.unindexed_event_parameters import UnindexedERC20EventParameters
from .erc.incorrect_erc20_interface import IncorrectERC20InterfaceDetection
from .erc.incorrect_erc721_interface import IncorrectERC721InterfaceDetection
from .erc.unindexed_event_parameters import UnindexedERC20EventParameters
from .statements.deprecated_calls import DeprecatedStandards
from .source.rtlo import RightToLeftOverride
from .statements.too_many_digits import TooManyDigits
#
#

@ -60,8 +60,8 @@ All the calls to `get` revert, breaking Bob's smart contract execution.'''
info = info.format(f.contract.name, f.name, f.source_mapping_str, attr)
json = self.generate_json_result(info)
self.add_function_to_json(f, json)
json['elements'] = [{'type': 'info',
'contains_assembly' : True}]
json['elements'].append({'type': 'info',
'contains_assembly' : True})
results.append(json)
variables_written = f.all_state_variables_written()

@ -18,7 +18,7 @@ class IncorrectERC20InterfaceDetection(AbstractDetector):
WIKI = 'https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface'
WIKI_TITLE = 'Incorrect erc20 interface'
WIKI_DESCRIPTION = 'Lack of return value for the ERC20 `approve`/`transfer`/`transferFrom` functions. A contract compiled with solidity > 0.4.22 interacting with these functions will fail to execute them, as the return value is missing.'
WIKI_DESCRIPTION = 'Incorrect return values for ERC20 functions. A contract compiled with solidity > 0.4.22 interacting with these functions will fail to execute them, as the return value is missing.'
WIKI_EXPLOIT_SCENARIO = '''
```solidity
contract Token{
@ -28,7 +28,7 @@ contract Token{
```
`Token.transfer` does not return a boolean. Bob deploys the token. Alice creates a contract that interacts with it but assumes a correct ERC20 interface implementation. Alice's contract is unable to interact with Bob's contract.'''
WIKI_RECOMMENDATION = 'Return a boolean for the `approve`/`transfer`/`transferFrom` functions.'
WIKI_RECOMMENDATION = 'Set the appropriate return values and value-types for the defined ERC20 functions.'
@staticmethod
def incorrect_erc20_interface(signature):
@ -43,6 +43,15 @@ contract Token{
if name == 'approve' and parameters == ['address', 'uint256'] and returnVars != ['bool']:
return True
if name == 'allowance' and parameters == ['address', 'address'] and returnVars != ['uint256']:
return True
if name == 'balanceOf' and parameters == ['address'] and returnVars != ['uint256']:
return True
if name == 'totalSupply' and parameters == [] and returnVars != ['uint256']:
return True
return False
@staticmethod
@ -52,15 +61,23 @@ contract Token{
Returns:
list(str) : list of incorrect function signatures
"""
functions = [f for f in contract.functions if f.contract == contract and \
IncorrectERC20InterfaceDetection.incorrect_erc20_interface(f.signature)]
# Verify this is an ERC20 contract.
if not contract.has_an_erc20_function():
return []
# If this contract implements a function from ERC721, we can assume it is an ERC721 token. These tokens
# offer functions which are similar to ERC20, but are not compatible.
if contract.has_an_erc721_function():
return []
functions = [f for f in contract.functions if IncorrectERC20InterfaceDetection.incorrect_erc20_interface(f.signature)]
return functions
def _detect(self):
""" Detect incorrect erc20 interface
Returns:
dict: [contrat name] = set(str) events
dict: [contract name] = set(str) events
"""
results = []
for c in self.contracts:
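Review bot: The rewritten comprehension in `detect_incorrect_erc20_interface` drops the `f.contract == contract` filter, so a wrong signature declared in a base contract now appears to be reported once per inheriting contract as `_detect` walks `self.contracts`. If that is intended, a comment saying so would help; otherwise keep the filter, `[f for f in contract.functions if f.contract == contract and IncorrectERC20InterfaceDetection.incorrect_erc20_interface(f.signature)]`. The new `WIKI_DESCRIPTION` still ends with "as the return value is missing" although the check now also covers wrong return types, and the `_detect` docstring describes a dict while the method builds a list. `_detect` continues outside the hunk.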

@ -0,0 +1,96 @@
"""
Detect incorrect erc721 interface.
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
class IncorrectERC721InterfaceDetection(AbstractDetector):
"""
Incorrect ERC721 Interface
"""
ARGUMENT = 'erc721-interface'
HELP = 'Incorrect ERC721 interfaces'
IMPACT = DetectorClassification.MEDIUM
CONFIDENCE = DetectorClassification.HIGH
WIKI = 'https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc721-interface'
WIKI_TITLE = 'Incorrect erc721 interface'
WIKI_DESCRIPTION = 'Incorrect return values for ERC721 functions. A contract compiled with solidity > 0.4.22 interacting with these functions will fail to execute them, as the return value is missing.'
WIKI_EXPLOIT_SCENARIO = '''
```solidity
contract Token{
function ownerOf(uint256 _tokenId) external view returns (bool);
//...
}
```
`Token.ownerOf` does not return an address as ERC721 expects. Bob deploys the token. Alice creates a contract that interacts with it but assumes a correct ERC721 interface implementation. Alice's contract is unable to interact with Bob's contract.'''
WIKI_RECOMMENDATION = 'Set the appropriate return values and value-types for the defined ERC721 functions.'
@staticmethod
def incorrect_erc721_interface(signature):
(name, parameters, returnVars) = signature
# ERC721
if name == 'balanceOf' and parameters == ['address'] and returnVars != ['uint256']:
return True
if name == 'ownerOf' and parameters == ['uint256'] and returnVars != ['address']:
return True
if name == 'safeTransferFrom' and parameters == ['address', 'address', 'uint256', 'bytes'] and returnVars != []:
return True
if name == 'safeTransferFrom' and parameters == ['address', 'address', 'uint256'] and returnVars != []:
return True
if name == 'transferFrom' and parameters == ['address', 'address', 'uint256'] and returnVars != []:
return True
if name == 'approve' and parameters == ['address', 'uint256'] and returnVars != []:
return True
if name == 'setApprovalForAll' and parameters == ['address', 'bool'] and returnVars != []:
return True
if name == 'getApproved' and parameters == ['uint256'] and returnVars != ['address']:
return True
if name == 'isApprovedForAll' and parameters == ['address', 'address'] and returnVars != ['bool']:
return True
# ERC165 (dependency)
if name == 'supportsInterface' and parameters == ['bytes4'] and returnVars != ['bool']:
return True
return False
@staticmethod
def detect_incorrect_erc721_interface(contract):
""" Detect incorrect ERC721 interface
Returns:
list(str) : list of incorrect function signatures
"""
# Verify this is an ERC721 contract.
if not contract.has_an_erc721_function() or not contract.has_an_erc20_function():
return []
functions = [f for f in contract.functions if IncorrectERC721InterfaceDetection.incorrect_erc721_interface(f.signature)]
return functions
def _detect(self):
""" Detect incorrect erc721 interface
Returns:
dict: [contract name] = set(str) events
"""
results = []
for c in self.contracts:
functions = IncorrectERC721InterfaceDetection.detect_incorrect_erc721_interface(c)
if functions:
info = "{} ({}) has incorrect ERC721 function interface(s):\n"
info = info.format(c.name,
c.source_mapping_str)
for function in functions:
info += "\t-{} ({})\n".format(function.name, function.source_mapping_str)
json = self.generate_json_result(info)
self.add_functions_to_json(functions, json)
results.append(json)
return results
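Review bot: The guard in `detect_incorrect_erc721_interface` returns early unless the contract has both an ERC721 and an ERC20 function, while the comment above it says it verifies an ERC721 contract. `has_an_erc20_function` is not visible here, but the contract in `WIKI_EXPLOIT_SCENARIO` declares only `ownerOf`, and if that predicate is false for it the detector stays silent on its own documented case. If the ERC20 requirement is deliberate, state the reason in the comment; otherwise the guard would be `if not contract.has_an_erc721_function(): return []`. `WIKI_DESCRIPTION` was copied from the ERC20 detector and still says the return value is missing, which does not describe the `ownerOf` example.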

@ -0,0 +1,80 @@
"""
Module detecting numbers with too many digits.
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.slithir.variables import Constant
class TooManyDigits(AbstractDetector):
"""
Detect numbers with too many digits
"""
ARGUMENT = 'too-many-digits'
HELP = 'Conformance to numeric notation best practices'
IMPACT = DetectorClassification.INFORMATIONAL
CONFIDENCE = DetectorClassification.MEDIUM
WIKI = 'https://github.com/crytic/slither/wiki/Detector-Documentation#too-many-digits'
WIKI_TITLE = 'Too many digits'
WIKI_DESCRIPTION = '''
Literals with many digits are difficult to read and review.
'''
WIKI_EXPLOIT_SCENARIO = '''
```solidity
contract MyContract{
uint 1_ether = 10000000000000000000;
}
```
While `1_ether` looks like `1 ether`, it is `10 ether`. As a result, its usage is likely to be incorrect.
'''
WIKI_RECOMMENDATION = '''
Use:
- [Ether suffix](https://solidity.readthedocs.io/en/latest/units-and-global-variables.html#ether-units)
- [Time suffix](https://solidity.readthedocs.io/en/latest/units-and-global-variables.html#time-units), or
- [The scientific notation](https://solidity.readthedocs.io/en/latest/types.html#rational-and-integer-literals)
'''
@staticmethod
def _detect_too_many_digits(f):
ret = []
for node in f.nodes:
# each node contains a list of IR instruction
for ir in node.irs:
# iterate over all the variables read by the IR
for read in ir.read:
# if the variable is a constant
if isinstance(read, Constant):
# read.value can return an int or a str. Convert it to str
value_as_str = read.original_value
line_of_code = str(node.expression)
if '00000' in value_as_str:
# Info to be printed
ret.append(node)
return ret
def _detect(self):
results = []
# iterate over all contracts
for contract in self.slither.contracts_derived:
# iterate over all functions
for f in contract.functions:
# iterate over all the nodes
ret = self._detect_too_many_digits(f)
if ret:
info = '{}.{} ({}) uses literals with too many digits:'.format(f.contract.name,
f.name,
f.source_mapping_str)
for node in ret:
info += '\n\t- {}'.format(node.expression)
info += '\n\tUse the proper denomination (ether-unit, time-unit,'
info += 'or the scientific notation\n'
# Add the result in result
json = self.generate_json_result(info)
self.add_nodes_to_json(ret, json)
results.append(json)
return results
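Review bot: `_detect_too_many_digits` appends `node` once per matching constant, so a statement with two long literals is listed twice in the message and in `add_nodes_to_json`; `if '00000' in value_as_str and node not in ret:` avoids that. `line_of_code` is assigned and never used, and the comment above `value_as_str` describes a conversion the code does not perform. The hint text concatenates to `time-unit,or the scientific notation` with no space and no closing parenthesis; `info += ' or the scientific notation)\n'` fixes it. A short docstring on `_detect_too_many_digits` stating that it returns the nodes reading a constant whose source text contains five consecutive zeros would make the heuristic explicit.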

@ -71,7 +71,7 @@ class PrinterCallGraph(AbstractPrinter):
for contract in all_contracts:
render_internal_calls += self._render_internal_calls(contract, contract_functions, contract_calls)
render_solidity_calls = '' #self._render_solidity_calls(solidity_functions, solidity_calls)
render_solidity_calls = self._render_solidity_calls(solidity_functions, solidity_calls)
render_external_calls = self._render_external_calls(external_calls)
@ -110,7 +110,6 @@ class PrinterCallGraph(AbstractPrinter):
# add variable as node to respective contract
if isinstance(external_function, (Variable)):
return
contract_functions[external_contract].add(_node(
_function_node(external_contract, external_function),
external_function.name

@ -3,6 +3,8 @@
"""
import collections
from prettytable import PrettyTable
from slither.core.solidity_types import ArrayType, MappingType
from slither.printers.abstract_printer import AbstractPrinter
from slither.utils.colors import blue, green, magenta
from slither.utils.function import get_function_id
@ -30,7 +32,18 @@ class FunctionIds(AbstractPrinter):
table.add_row([function.full_name, hex(get_function_id(function.full_name))])
for variable in contract.state_variables:
if variable.visibility in ['public']:
table.add_row([variable.name+'()', hex(get_function_id(variable.name+'()'))])
variable_getter_args = ""
if type(variable.type) is ArrayType:
length = 0
v = variable
while type(v.type) is ArrayType:
length += 1
v = v.type
variable_getter_args = ','.join(["uint256"]*length)
elif type(variable.type) is MappingType:
variable_getter_args = variable.type.type_from
table.add_row([f"{variable.name}({variable_getter_args})", hex(get_function_id(f"{variable.name}({variable_getter_args})"))])
txt += str(table) + '\n'
self.info(txt)
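Review bot: For a public mapping the getter signature is built from `variable.type.type_from` alone, so a nested mapping such as `mapping(address => mapping(address => uint))`, or a mapping to an array, yields a signature with too few parameters and the printed function ID will not match the compiler's selector. This commit adds `export_nested_types_from_variable` in `slither.utils.type`, which walks both cases; using it here gives `variable_getter_args = ','.join(str(t) for t in export_nested_types_from_variable(variable))`, assuming `str()` on a type yields its canonical name as the f-string here already relies on. `isinstance(variable.type, ArrayType)` would also be more usual than `type(...) is ArrayType`. The enclosing method starts outside the hunk.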

@ -6,6 +6,8 @@ import glob
import json
import platform
from crytic_compile import CryticCompile, InvalidCompilation
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.printers.abstract_printer import AbstractPrinter
from .solc_parsing.slitherSolc import SlitherSolc
@ -49,21 +51,21 @@ class Slither(SlitherSolc):
# list of files provided (see --splitted option)
if isinstance(contract, list):
self._init_from_list(contract)
# truffle directory
elif not truffle_ignore and (os.path.isfile(os.path.join(contract, 'truffle.js')) or
os.path.isfile(os.path.join(contract, 'truffle-config.js'))):
self._init_from_truffle(contract,
kwargs.get('truffle_build_directory', 'build/contracts'),
kwargs.get('truffle_ignore_compile', False),
kwargs.get('truffle_version', None))
# embark directory
elif not embark_ignore and os.path.isfile(os.path.join(contract, 'embark.json')):
self._init_from_embark(contract,
kwargs.get('embark_ignore_compile', False),
kwargs.get('embark_overwrite_config', False))
# .json or .sol provided
elif contract.endswith('.json'):
self._init_from_raw_json(contract)
else:
self._init_from_solc(contract, **kwargs)
super(Slither, self).__init__('')
try:
cryticCompile = CryticCompile(contract, **kwargs)
self._crytic_compile = cryticCompile
except InvalidCompilation as e:
logger.error('Invalid compilation')
logger.error(e)
exit(-1)
for path, ast in cryticCompile.asts.items():
self._parse_contracts_from_loaded_json(ast, path)
self._add_source_code(path)
self._detectors = []
self._printers = []
@ -77,104 +79,19 @@ class Slither(SlitherSolc):
self._analyze_contracts()
def _init_from_embark(self, contract, embark_ignore_compile, embark_overwrite_config):
super(Slither, self).__init__('')
plugin_name = '@trailofbits/embark-contract-info'
with open('embark.json') as f:
embark_json = json.load(f)
if embark_overwrite_config:
write_embark_json = False
if (not 'plugins' in embark_json):
embark_json['plugins'] = {plugin_name:{'flags':""}}
write_embark_json = True
elif (not plugin_name in embark_json['plugins']):
embark_json['plugins'][plugin_name] = {'flags':""}
write_embark_json = True
if write_embark_json:
process = subprocess.Popen(['npm','install', plugin_name])
_, stderr = process.communicate()
with open('embark.json', 'w') as outfile:
json.dump(embark_json, outfile, indent=2)
else:
if (not 'plugins' in embark_json) or (not plugin_name in embark_json['plugins']):
logger.error(red('embark-contract-info plugin was found in embark.json. Please install the plugin (see https://github.com/crytic/slither/wiki/Usage#embark), or use --embark-overwrite-config.'))
def _init_from_raw_json(self, filename):
if not os.path.isfile(filename):
logger.error('{} does not exist (are you in the correct directory?)'.format(filename))
exit(-1)
assert filename.endswith('json')
with open(filename, encoding='utf8') as astFile:
stdout = astFile.read()
if not stdout:
logger.info('Empty AST file: %s', filename)
sys.exit(-1)
contracts_json = stdout.split('\n=')
if not embark_ignore_compile:
process = subprocess.Popen(['embark','build','--contracts'],stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
logger.info("%s\n"%stdout.decode())
if stderr:
# Embark might return information to stderr, but compile without issue
logger.error("%s"%stderr.decode())
infile = os.path.join(contract, 'crytic-export', 'contracts.json')
if not os.path.isfile(infile):
logger.error(red('Embark did not generate the AST file. Is Embark installed (npm install -g embark)? Is embark-contract-info installed? (npm install -g embark).'))
sys.exit(-1)
with open(infile, 'r') as f:
contracts_loaded = json.load(f)
contracts_loaded = contracts_loaded['asts']
for contract_loaded in contracts_loaded:
self._parse_contracts_from_loaded_json(contract_loaded,
contract_loaded['absolutePath'])
def _init_from_truffle(self, contract, build_directory, truffle_ignore_compile, truffle_version):
# Truffle on windows has naming conflicts where it will invoke truffle.js directly instead
# of truffle.cmd (unless in powershell or git bash). The cleanest solution is to explicitly call
# truffle.cmd. Reference:
# https://truffleframework.com/docs/truffle/reference/configuration#resolving-naming-conflicts-on-windows
if not truffle_ignore_compile:
truffle_base_command = "truffle" if platform.system() != 'Windows' else "truffle.cmd"
cmd = [truffle_base_command, 'compile']
if truffle_version:
cmd = ['npx', truffle_version, 'compile']
elif os.path.isfile('package.json'):
with open('package.json') as f:
package = json.load(f)
if 'devDependencies' in package:
if 'truffle' in package['devDependencies']:
version = package['devDependencies']['truffle']
if version.startswith('^'):
version = version[1:]
truffle_version = 'truffle@{}'.format(version)
cmd = ['npx', truffle_version, 'compile']
logger.info("'{}' running (use --truffle-version truffle@x.x.x to use specific version)".format(' '.join(cmd)))
process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
stdout, stderr = stdout.decode(), stderr.decode()# convert bytestrings to unicode strings
logger.info(stdout)
if stderr:
logger.error(stderr)
if not os.path.isdir(os.path.join(contract, build_directory)):
logger.info(red('No truffle build directory found, did you run `truffle compile`?'))
sys.exit(-1)
super(Slither, self).__init__('')
filenames = glob.glob(os.path.join(contract, build_directory, '*.json'))
for filename in filenames:
with open(filename, encoding='utf8') as f:
contract_loaded = json.load(f)
contract_loaded = contract_loaded['ast']
if 'absolutePath' in contract_loaded:
path = contract_loaded['absolutePath']
else:
path = contract_loaded['attributes']['absolutePath']
self._parse_contracts_from_loaded_json(contract_loaded, path)
def _init_from_solc(self, contract, **kwargs):
solc = kwargs.get('solc', 'solc')
disable_solc_warnings = kwargs.get('disable_solc_warnings', False)
solc_arguments = kwargs.get('solc_arguments', '')
ast_format = kwargs.get('ast_format', '--ast-compact-json')
contracts_json = self._run_solc(contract,
solc,
disable_solc_warnings,
solc_arguments,
ast_format)
super(Slither, self).__init__(contract)
super(Slither, self).__init__(filename)
for c in contracts_json:
self._parse_contracts_from_json(c)
@ -261,46 +178,12 @@ class Slither(SlitherSolc):
if not os.path.isfile(filename):
logger.error('{} does not exist (are you in the correct directory?)'.format(filename))
exit(-1)
is_ast_file = False
if filename.endswith('json'):
is_ast_file = True
elif not filename.endswith('.sol'):
raise Exception('Incorrect file format')
if is_ast_file:
with open(filename, encoding='utf8') as astFile:
stdout = astFile.read()
if not stdout:
logger.info('Empty AST file: %s', filename)
sys.exit(-1)
else:
cmd = [solc, filename, ast_format]
if solc_arguments:
# To parse, we first split the string on each '--'
solc_args = solc_arguments.split('--')
# Split each argument on the first space found
# One solc option may have multiple argument sepparated with ' '
# For example: --allow-paths /tmp .
# split() removes the delimiter, so we add it again
solc_args = [('--' + x).split(' ', 1) for x in solc_args if x]
# Flat the list of list
solc_args = [item for sublist in solc_args for item in sublist]
cmd += solc_args
# Add . as default allowed path
if '--allow-paths' not in cmd:
cmd += ['--allow-paths', '.']
process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
stdout, stderr = stdout.decode(), stderr.decode() # convert bytestrings to unicode strings
if stderr and (not disable_solc_warnings):
stderr = stderr.split('\n')
stderr = [x if 'Error' not in x else red(x) for x in stderr]
stderr = '\n'.join(stderr)
logger.info('Compilation warnings/errors on %s:\n%s', filename, stderr)
assert filename.endswith('json')
with open(filename, encoding='utf8') as astFile:
stdout = astFile.read()
if not stdout:
logger.info('Empty AST file: %s', filename)
sys.exit(-1)
stdout = stdout.split('\n=')
return stdout
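Review bot: `assert filename.endswith('json')` now stands in for the removed `raise Exception('Incorrect file format')`, both in `_init_from_raw_json` and in the later AST-reading hunk; asserts are stripped under `python -O`, and the suffix test without the dot accepts any name that merely ends in `json`. An explicit check such as `if not filename.endswith('.json'): raise Exception('Incorrect file format')` keeps the validation in place. In the constructor, the `InvalidCompilation` handler calls the site-provided `exit(-1)`; `sys.exit(-1)`, already used in this file, does not depend on the `site` module. The enclosing methods start outside the hunks.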

@ -7,7 +7,9 @@ from slither.core.expressions import Identifier, Literal
from slither.core.solidity_types import (ArrayType, ElementaryType,
FunctionType, MappingType,
UserDefinedType)
from slither.core.solidity_types.elementary_type import Int as ElementaryTypeInt
from slither.core.variables.variable import Variable
from slither.core.variables.state_variable import StateVariable
from slither.slithir.operations import (Assignment, Balance, Binary,
BinaryType, Call, Condition, Delete,
EventCall, HighLevelCall, Index,
@ -30,6 +32,7 @@ from slither.slithir.variables import (Constant, ReferenceVariable,
TemporaryVariable)
from slither.visitors.slithir.expression_to_slithir import ExpressionToSlithIR
from slither.utils.function import get_function_id
from slither.utils.type import export_nested_types_from_variable
logger = logging.getLogger('ConvertToIR')
@ -39,7 +42,8 @@ def convert_expression(expression, node):
from slither.core.cfg.node import NodeType
if isinstance(expression, Literal) and node.type in [NodeType.IF, NodeType.IFLOOP]:
result = [Condition(Constant(expression.value))]
cst = Constant(expression.value, expression.type)
result = [Condition(cst)]
return result
if isinstance(expression, Identifier) and node.type in [NodeType.IF, NodeType.IFLOOP]:
result = [Condition(expression.value)]
@ -599,7 +603,7 @@ def convert_to_push(ir, node):
ir = Push(ir.destination, val)
length = Literal(len(operation.init_values))
length = Literal(len(operation.init_values), 'uint256')
t = operation.init_values[0].type
ir.lvalue.set_type(ArrayType(t, length))
@ -822,6 +826,71 @@ def remove_unused(result):
result = [i for i in result if not i in to_remove]
return result
# endregion
###################################################################################
###################################################################################
# region Constant type conversioh
###################################################################################
###################################################################################
def convert_constant_types(irs):
"""
late conversion of uint -> type for constant (Literal)
:param irs:
:return:
"""
# TODO: implement instances lookup for events, NewContract
was_changed = True
while was_changed:
was_changed = False
for ir in irs:
if isinstance(ir, Assignment):
if isinstance(ir.lvalue.type, ElementaryType):
if ir.lvalue.type.type in ElementaryTypeInt:
if ir.rvalue.type.type != 'int256':
ir.rvalue.set_type(ElementaryType('int256'))
was_changed = True
if isinstance(ir, Binary):
if isinstance(ir.lvalue.type, ElementaryType):
if ir.lvalue.type.type in ElementaryTypeInt:
for r in ir.read:
if r.type.type != 'int256':
r.set_type(ElementaryType('int256'))
was_changed = True
if isinstance(ir, (HighLevelCall, InternalCall)):
func = ir.function
if isinstance(func, StateVariable):
types = export_nested_types_from_variable(func)
else:
types = [p.type for p in func.parameters]
for idx, arg in enumerate(ir.arguments):
t = types[idx]
if isinstance(t, ElementaryType):
if t.type in ElementaryTypeInt:
if arg.type.type != 'int256':
arg.set_type(ElementaryType('int256'))
was_changed = True
if isinstance(ir, NewStructure):
st = ir.structure
for idx, arg in enumerate(ir.arguments):
e = st.elems_ordered[idx]
if isinstance(e.type, ElementaryType):
if e.type.type in ElementaryTypeInt:
if arg.type.type != 'int256':
arg.set_type(ElementaryType('int256'))
was_changed = True
if isinstance(ir, InitArray):
if isinstance(ir.lvalue.type, ArrayType):
if isinstance(ir.lvalue.type.type, ElementaryType):
if ir.lvalue.type.type.type in ElementaryTypeInt:
for r in ir.read:
if r.type.type != 'int256':
r.set_type(ElementaryType('int256'))
was_changed = True
# endregion
###################################################################################
###################################################################################
@ -839,6 +908,7 @@ def apply_ir_heuristics(irs, node):
irs = propagate_type_and_convert_call(irs, node)
irs = remove_unused(irs)
find_references_origin(irs)
convert_constant_types(irs)
return irs
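Review bot: `convert_constant_types` retypes every operand it meets, not only constants: in the `Assignment` branch `ir.rvalue.set_type(ElementaryType('int256'))` runs for any rvalue whose type is not `int256`, so a declared `int8` variable on the right-hand side would be overwritten too, and an rvalue whose type has no `.type` attribute would raise. The docstring says the pass is for constants, so each branch should test the operand first, e.g. `if isinstance(ir.rvalue, Constant) and ir.rvalue.type.type != 'int256':`, and likewise for `r` and `arg`. `types[idx]` also assumes a call never carries more arguments than the declared parameters. The docstring could state that signed targets are always widened to `int256` rather than to the target's own width, and the region header has a typo (`conversioh`).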

@ -1,17 +1,41 @@
from .variable import SlithIRVariable
from slither.core.solidity_types.elementary_type import ElementaryType
from slither.core.solidity_types.elementary_type import ElementaryType, Int, Uint
class Constant(SlithIRVariable):
def __init__(self, val):
def __init__(self, val, type=None):
super(Constant, self).__init__()
assert isinstance(val, str)
if val.isdigit():
self._type = ElementaryType('uint256')
self._val = int(val)
self._original_value = val
if type:
assert isinstance(type, ElementaryType)
self._type = type
if type.type in Int + Uint:
if val.startswith('0x'):
self._val = int(val, 16)
else:
if 'e' in val:
base, expo = val.split('e')
self._val = int(float(base)* (10 ** int(expo)))
elif 'E' in val:
base, expo = val.split('E')
self._val = int(float(base) * (10 ** int(expo)))
else:
self._val = int(val)
elif type.type == 'bool':
self._val = val == 'true'
else:
self._val = val
else:
self._type = ElementaryType('string')
self._val = val
if val.isdigit():
self._type = ElementaryType('uint256')
self._val = int(val)
else:
self._type = ElementaryType('string')
self._val = val
@property
def value(self):
@ -20,10 +44,18 @@ class Constant(SlithIRVariable):
If the expression was an hexadecimal delcared as hex'...'
return a str
Returns:
(str, int)
(str | int | bool)
'''
return self._val
@property
def original_value(self):
'''
Return the string representation of the value
:return: str
'''
return self._original_value
def __str__(self):
return str(self.value)
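Review bot: Scientific-notation literals go through `float` in `int(float(base) * (10 ** int(expo)))`, which loses precision once the value exceeds 2**53, so a literal such as `1.5e30` is stored as a different integer than the one the compiler uses; a detector comparing constants would then reason about the wrong value. `decimal.Decimal` parses both `e` and `E` exactly, which collapses the two branches into `self._val = int(Decimal(val))` (with `from decimal import Decimal` at the top of the file). The parameter name `type` shadows the builtin inside `__init__`. The `original_value` docstring could say that it returns the literal exactly as written in the source, since `value` is now a parsed form.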

@ -16,6 +16,7 @@ class StructureSolc(Structure):
self._name = name
self._canonical_name = canonicalName
self._elems = {}
self._elems_ordered = []
self._elemsNotParsed = elems
@ -28,5 +29,6 @@ class StructureSolc(Structure):
elem.analyze(self.contract)
self._elems[elem.name] = elem
self._elems_ordered.append(elem.name)
self._elemsNotParsed = []

@ -479,6 +479,12 @@ def parse_expression(expression, caller_context):
value = str(convert_subdenomination(value, expression['subdenomination']))
elif not value and value != "":
value = '0x'+expression['hexValue']
type = expression['typeDescriptions']['typeString']
# Length declaration for array was None until solc 0.5.5
if type is None:
if expression['kind'] == 'number':
type = 'int_const'
else:
value = expression['attributes']['value']
if value:
@ -489,7 +495,15 @@ def parse_expression(expression, caller_context):
# see https://solidity.readthedocs.io/en/v0.4.25/types.html?highlight=hex#hexadecimal-literals
assert 'hexvalue' in expression['attributes']
value = '0x'+expression['attributes']['hexvalue']
literal = Literal(value)
type = expression['attributes']['type']
if type.startswith('int_const '):
type = ElementaryType('uint256')
elif type.startswith('bool'):
type = ElementaryType('bool')
else:
type = ElementaryType('string')
literal = Literal(value, type)
return literal
elif name == 'Identifier':
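Review bot: The pre-0.5.5 fallback sets `type = 'int_const'` without a trailing space, but the classification below tests `type.startswith('int_const ')` with one, so those array-length literals fall through to `ElementaryType('string')`. When `typeString` is `None` and `kind` is not `number`, `type` stays `None` and `type.startswith` raises `AttributeError`. Testing `type.startswith('int_const')` and giving the `None` case an explicit default would cover both; this assumes the classification runs for both AST formats, which the flattened indentation here does not show. `parse_expression` continues outside the hunks.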

@ -89,9 +89,7 @@ class SlitherSolc(Slither):
if 'sourcePaths' in data_loaded:
for sourcePath in data_loaded['sourcePaths']:
if os.path.isfile(sourcePath):
with open(sourcePath, encoding='utf8', newline='') as f:
source_code = f.read()
self.source_code[sourcePath] = source_code
self._add_source_code(sourcePath)
if data_loaded[self.get_key()] == 'root':
self._solc_version = '0.3'
@ -152,15 +150,11 @@ class SlitherSolc(Slither):
self._source_units[sourceUnit] = name
if os.path.isfile(name) and not name in self.source_code:
with open(name, encoding='utf8', newline='') as f:
source_code = f.read()
self.source_code[name] = source_code
self._add_source_code(name)
else:
lib_name = os.path.join('node_modules', name)
if os.path.isfile(lib_name) and not name in self.source_code:
with open(lib_name, encoding='utf8', newline='') as f:
source_code = f.read()
self.source_code[name] = source_code
self._add_source_code(lib_name)
# endregion
###################################################################################
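Review bot: In the `node_modules` branch the guard still tests `name in self.source_code`, and the removed code stored the text under `name`, but the new call passes `lib_name` to `_add_source_code`. `_add_source_code` is not visible here; if it keys `source_code` by its argument, the entry lands under the `node_modules` path while `_source_units` keeps `name`, so a later lookup by source unit would miss the file and findings for library code would lose their line numbers. Either key the entry by `name` or test `lib_name` in the guard, and record the choice in a comment.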

@ -32,7 +32,7 @@ def _find_from_type_name(name, contract, contracts, structures, enums):
if name_elementary in ElementaryTypeName:
depth = name.count('[')
if depth:
return ArrayType(ElementaryType(name_elementary), Literal(depth))
return ArrayType(ElementaryType(name_elementary), Literal(depth, 'uint256'))
else:
return ElementaryType(name_elementary)
# We first look for contract
@ -78,7 +78,7 @@ def _find_from_type_name(name, contract, contracts, structures, enums):
depth+=1
var_type = next((st for st in all_structures if st.contract.name+"."+st.name == name_struct), None)
if var_type:
return ArrayType(UserDefinedType(var_type), Literal(depth))
return ArrayType(UserDefinedType(var_type), Literal(depth, 'uint256'))
if not var_type:
var_type = next((f for f in contract.functions if f.name == name), None)

@ -0,0 +1,31 @@
from slither.core.solidity_types import (ArrayType, MappingType, ElementaryType)
def _add_mapping_parameter(t, l):
while isinstance(t, MappingType):
l.append(t.type_from)
t = t.type_to
_add_array_parameter(t, l)
def _add_array_parameter(t, l):
while isinstance(t, ArrayType):
l.append(ElementaryType('uint256'))
t = t.type
def export_nested_types_from_variable(variable):
"""
Export the list of nested types (mapping/array)
:param variable:
:return: list(Type)
"""
l = []
if isinstance(variable.type, MappingType):
t = variable.type
_add_mapping_parameter(t, l)
if isinstance(variable.type, ArrayType):
v = variable
_add_array_parameter(v.type, l)
return l
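Review bot: `export_nested_types_from_variable` only follows mappings that end in arrays, so an array whose elements are mappings (where the compiler accepts a public getter for it) contributes its index and drops the mapping keys; the two top-level `if`s are also mutually exclusive and read better as one loop. A single walk over both kinds, shown below, handles any nesting order and makes the two helpers unnecessary. The helpers have no docstrings and use `l` as a name, which is easy to misread; `params` is clearer.

```python
def export_nested_types_from_variable(variable):
    # … unchanged: docstring …
    params = []
    t = variable.type
    while isinstance(t, (MappingType, ArrayType)):
        if isinstance(t, MappingType):
            params.append(t.type_from)
            t = t.type_to
        else:
            params.append(ElementaryType('uint256'))
            t = t.type
    return params
```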

@ -20,8 +20,12 @@ def set_val(expression, val):
class ConstantFolding(ExpressionVisitor):
def __init__(self, expression, type):
super(ConstantFolding, self).__init__(expression)
self._type = type
def result(self):
return Literal(int(get_val(self._expression)))
return Literal(int(get_val(self._expression)), self._type)
def _post_identifier(self, expression):
if not expression.value.is_constant:
@ -29,7 +33,7 @@ class ConstantFolding(ExpressionVisitor):
expr = expression.value.expression
# assumption that we won't have infinite loop
if not isinstance(expr, Literal):
cf = ConstantFolding(expr)
cf = ConstantFolding(expr, self._type)
expr = cf.result()
set_val(expression, int(expr.value))
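Review bot: The new constructor parameter is named `type`, which shadows the builtin inside `__init__`; `def __init__(self, expression, custom_type):` with `self._type = custom_type` avoids that. The parameter is also required, so any caller still written as `ConstantFolding(expr)` would now raise a `TypeError`; only the recursive call in `_post_identifier` is visible in these hunks, so the other call sites should be checked. `result()` would benefit from a docstring such as `"""Return the folded value as a Literal of the type given at construction."""`. `_post_identifier` continues outside the second hunk.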

@ -173,7 +173,8 @@ class ExpressionToSlithIR(ExpressionVisitor):
set_val(expression, val)
def _post_literal(self, expression):
set_val(expression, Constant(expression.value))
cst = Constant(expression.value, expression.type)
set_val(expression, cst)
def _post_member_access(self, expression):
expr = get(expression.expression)

@ -0,0 +1,6 @@
{
"detectors_to_run": "all",
"exclude_informational": true,
"exclude_low": true,
"ignore_return_value": true
}

@ -1 +1,204 @@
[{"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.direct (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)\n", "elements": [{"type": "function", "name": "direct", "source_mapping": {"start": 162, "length": 79, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [11, 12, 13]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 884, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "msg.sender.send(address(this).balance)", "source_mapping": {"start": 196, "length": 38, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [12]}}]}, {"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.indirect (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)\n", "elements": [{"type": "function", "name": "indirect", "source_mapping": {"start": 316, "length": 82, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [19, 20, 21]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 884, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "destination.send(address(this).balance)", "source_mapping": {"start": 352, "length": 39, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [20]}}]}]
[
{
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium",
"description": "Test.direct (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)\n",
"elements": [
{
"type": "function",
"name": "direct",
"source_mapping": {
"start": 162,
"length": 79,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_relative": "tests/arbitrary_send-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_short": "tests/arbitrary_send-0.5.1.sol",
"lines": [
11,
12,
13
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Test",
"source_mapping": {
"start": 0,
"length": 884,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_relative": "tests/arbitrary_send-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_short": "tests/arbitrary_send-0.5.1.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "msg.sender.send(address(this).balance)",
"source_mapping": {
"start": 196,
"length": 38,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_relative": "tests/arbitrary_send-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_short": "tests/arbitrary_send-0.5.1.sol",
"lines": [
12
],
"starting_column": 9,
"ending_column": 47
}
}
]
},
{
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium",
"description": "Test.indirect (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)\n",
"elements": [
{
"type": "function",
"name": "indirect",
"source_mapping": {
"start": 316,
"length": 82,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_relative": "tests/arbitrary_send-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_short": "tests/arbitrary_send-0.5.1.sol",
"lines": [
19,
20,
21
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Test",
"source_mapping": {
"start": 0,
"length": 884,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_relative": "tests/arbitrary_send-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_short": "tests/arbitrary_send-0.5.1.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "destination.send(address(this).balance)",
"source_mapping": {
"start": 352,
"length": 39,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_relative": "tests/arbitrary_send-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol",
"filename_short": "tests/arbitrary_send-0.5.1.sol",
"lines": [
20
],
"starting_column": 9,
"ending_column": 48
}
}
]
}
]

@ -0,0 +1,9 @@
INFO:Detectors:
Test.direct (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user
Dangerous calls:
- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)
Test.indirect (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user
Dangerous calls:
- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations
INFO:Slither:tests/arbitrary_send-0.5.1.sol analyzed (1 contracts), 2 result(s) found

@ -1 +1,204 @@
[{"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.direct (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)\n", "elements": [{"type": "function", "name": "direct", "source_mapping": {"start": 147, "length": 79, "filename": "tests/arbitrary_send.sol", "lines": [11, 12, 13]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 869, "filename": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "msg.sender.send(address(this).balance)", "source_mapping": {"start": 181, "length": 38, "filename": "tests/arbitrary_send.sol", "lines": [12]}}]}, {"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.indirect (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send.sol#20)\n", "elements": [{"type": "function", "name": "indirect", "source_mapping": {"start": 301, "length": 82, "filename": "tests/arbitrary_send.sol", "lines": [19, 20, 21]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 869, "filename": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "destination.send(address(this).balance)", "source_mapping": {"start": 337, "length": 39, "filename": "tests/arbitrary_send.sol", "lines": [20]}}]}]
[
{
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium",
"description": "Test.direct (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)\n",
"elements": [
{
"type": "function",
"name": "direct",
"source_mapping": {
"start": 147,
"length": 79,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_relative": "tests/arbitrary_send.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_short": "tests/arbitrary_send.sol",
"lines": [
11,
12,
13
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Test",
"source_mapping": {
"start": 0,
"length": 869,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_relative": "tests/arbitrary_send.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_short": "tests/arbitrary_send.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "msg.sender.send(address(this).balance)",
"source_mapping": {
"start": 181,
"length": 38,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_relative": "tests/arbitrary_send.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_short": "tests/arbitrary_send.sol",
"lines": [
12
],
"starting_column": 9,
"ending_column": 47
}
}
]
},
{
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium",
"description": "Test.indirect (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send.sol#20)\n",
"elements": [
{
"type": "function",
"name": "indirect",
"source_mapping": {
"start": 301,
"length": 82,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_relative": "tests/arbitrary_send.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_short": "tests/arbitrary_send.sol",
"lines": [
19,
20,
21
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Test",
"source_mapping": {
"start": 0,
"length": 869,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_relative": "tests/arbitrary_send.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_short": "tests/arbitrary_send.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "destination.send(address(this).balance)",
"source_mapping": {
"start": 337,
"length": 39,
"filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_relative": "tests/arbitrary_send.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol",
"filename_short": "tests/arbitrary_send.sol",
"lines": [
20
],
"starting_column": 9,
"ending_column": 48
}
}
]
}
]

@ -0,0 +1,9 @@
INFO:Detectors:
Test.direct (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user
Dangerous calls:
- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)
Test.indirect (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user
Dangerous calls:
- destination.send(address(this).balance) (tests/arbitrary_send.sol#20)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations
INFO:Slither:tests/arbitrary_send.sol analyzed (1 contracts), 2 result(s) found

@ -1 +1,52 @@
[{"check": "backdoor", "impact": "High", "confidence": "High", "description": "Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6)\n", "elements": [{"type": "function", "name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 1, "length": 94, "filename": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}]}]
[
{
"check": "backdoor",
"impact": "High",
"confidence": "High",
"description": "Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6)\n",
"elements": [
{
"type": "function",
"name": "i_am_a_backdoor",
"source_mapping": {
"start": 18,
"length": 74,
"filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_relative": "tests/backdoor.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_short": "tests/backdoor.sol",
"lines": [
4,
5,
6
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 1,
"length": 94,
"filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_relative": "tests/backdoor.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_short": "tests/backdoor.sol",
"lines": [
2,
3,
4,
5,
6,
7,
8
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
}
]

@ -0,0 +1,5 @@
INFO:Detectors:
Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6)
Reference: https://github.com/trailofbits/slither/wiki/Adding-a-new-detector
INFO:Slither:/home/monty/Private/tob/tools/slither-public/scripts/../tests/expected_json/backdoor.backdoor.json exists already, the overwrite is prevented
INFO:Slither:tests/backdoor.sol analyzed (1 contracts), 1 result(s) found
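Review bot: The fourth line of this expected output, `INFO:Slither:… exists already, the overwrite is prevented`, looks like a side effect of how the fixture was generated rather than detector output. It records an absolute path from a developer's home directory, and a run where the JSON file does not yet exist would presumably not print it, so a comparison against this file depends on the local state. Regenerating the fixture without that line, or dropping `exists already` lines in the generation script, keeps the expected output reproducible and keeps local paths out of the repository. The same line appears in the expected output for the `suicidal` check in the next `.txt` section.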

@ -1 +1,52 @@
[{"check": "suicidal", "impact": "High", "confidence": "High", "description": "C.i_am_a_backdoor (tests/backdoor.sol#4-6) allows anyone to destruct the contract\n", "elements": [{"type": "function", "name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 1, "length": 94, "filename": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}]}]
[
{
"check": "suicidal",
"impact": "High",
"confidence": "High",
"description": "C.i_am_a_backdoor (tests/backdoor.sol#4-6) allows anyone to destruct the contract\n",
"elements": [
{
"type": "function",
"name": "i_am_a_backdoor",
"source_mapping": {
"start": 18,
"length": 74,
"filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_relative": "tests/backdoor.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_short": "tests/backdoor.sol",
"lines": [
4,
5,
6
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 1,
"length": 94,
"filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_relative": "tests/backdoor.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol",
"filename_short": "tests/backdoor.sol",
"lines": [
2,
3,
4,
5,
6,
7,
8
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
}
]

@ -0,0 +1,5 @@
INFO:Detectors:
C.i_am_a_backdoor (tests/backdoor.sol#4-6) allows anyone to destruct the contract
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#suicidal
INFO:Slither:/home/monty/Private/tob/tools/slither-public/scripts/../tests/expected_json/backdoor.suicidal.json exists already, the overwrite is prevented
INFO:Slither:tests/backdoor.sol analyzed (1 contracts), 1 result(s) found

@ -1 +1,112 @@
[{"check": "constable-states", "impact": "Informational", "confidence": "High", "description": "A.myFriendsAddress should be constant (tests/const_state_variables.sol#7)\nA.test should be constant (tests/const_state_variables.sol#10)\nA.text2 should be constant (tests/const_state_variables.sol#14)\nB.mySistersAddress should be constant (tests/const_state_variables.sol#26)\nMyConc.should_be_constant should be constant (tests/const_state_variables.sol#42)\nMyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43)\n", "elements": [{"type": "variable", "name": "myFriendsAddress", "source_mapping": {"start": 132, "length": 76, "filename": "tests/const_state_variables.sol", "lines": [7]}}, {"type": "variable", "name": "mySistersAddress", "source_mapping": {"start": 496, "length": 76, "filename": "tests/const_state_variables.sol", "lines": [26]}}, {"type": "variable", "name": "should_be_constant", "source_mapping": {"start": 793, "length": 42, "filename": "tests/const_state_variables.sol", "lines": [42]}}, {"type": "variable", "name": "should_be_constant_2", "source_mapping": {"start": 841, "length": 33, "filename": "tests/const_state_variables.sol", "lines": [43]}}, {"type": "variable", "name": "test", "source_mapping": {"start": 237, "length": 20, "filename": "tests/const_state_variables.sol", "lines": [10]}}, {"type": "variable", "name": "text2", "source_mapping": {"start": 333, "length": 20, "filename": "tests/const_state_variables.sol", "lines": [14]}}]}]
[
{
"check": "constable-states",
"impact": "Informational",
"confidence": "High",
"description": "A.myFriendsAddress should be constant (tests/const_state_variables.sol#7)\nA.test should be constant (tests/const_state_variables.sol#10)\nA.text2 should be constant (tests/const_state_variables.sol#14)\nB.mySistersAddress should be constant (tests/const_state_variables.sol#26)\nMyConc.should_be_constant should be constant (tests/const_state_variables.sol#42)\nMyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43)\n",
"elements": [
{
"type": "variable",
"name": "myFriendsAddress",
"source_mapping": {
"start": 132,
"length": 76,
"filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_relative": "tests/const_state_variables.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_short": "tests/const_state_variables.sol",
"lines": [
7
],
"starting_column": 5,
"ending_column": 81
}
},
{
"type": "variable",
"name": "mySistersAddress",
"source_mapping": {
"start": 496,
"length": 76,
"filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_relative": "tests/const_state_variables.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_short": "tests/const_state_variables.sol",
"lines": [
26
],
"starting_column": 5,
"ending_column": 81
}
},
{
"type": "variable",
"name": "should_be_constant",
"source_mapping": {
"start": 793,
"length": 42,
"filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_relative": "tests/const_state_variables.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_short": "tests/const_state_variables.sol",
"lines": [
42
],
"starting_column": 5,
"ending_column": 47
}
},
{
"type": "variable",
"name": "should_be_constant_2",
"source_mapping": {
"start": 841,
"length": 33,
"filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_relative": "tests/const_state_variables.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_short": "tests/const_state_variables.sol",
"lines": [
43
],
"starting_column": 5,
"ending_column": 38
}
},
{
"type": "variable",
"name": "test",
"source_mapping": {
"start": 237,
"length": 20,
"filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_relative": "tests/const_state_variables.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_short": "tests/const_state_variables.sol",
"lines": [
10
],
"starting_column": 5,
"ending_column": 25
}
},
{
"type": "variable",
"name": "text2",
"source_mapping": {
"start": 333,
"length": 20,
"filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_relative": "tests/const_state_variables.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol",
"filename_short": "tests/const_state_variables.sol",
"lines": [
14
],
"starting_column": 5,
"ending_column": 25
}
}
]
}
]

@ -0,0 +1,9 @@
INFO:Detectors:
A.myFriendsAddress should be constant (tests/const_state_variables.sol#7)
A.test should be constant (tests/const_state_variables.sol#10)
A.text2 should be constant (tests/const_state_variables.sol#14)
B.mySistersAddress should be constant (tests/const_state_variables.sol#26)
MyConc.should_be_constant should be constant (tests/const_state_variables.sol#42)
MyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant
INFO:Slither:tests/const_state_variables.sol analyzed (3 contracts), 1 result(s) found

@ -1 +1,67 @@
[{"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_assembly_bug (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code\n", "elements": [{"type": "info", "contains_assembly": true}]}]
[
{
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium",
"description": "Constant.test_assembly_bug (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code\n",
"elements": [
{
"type": "function",
"name": "test_assembly_bug",
"source_mapping": {
"start": 185,
"length": 66,
"filename_used": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol",
"filename_relative": "tests/constant-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol",
"filename_short": "tests/constant-0.5.1.sol",
"lines": [
15,
16,
17
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Constant",
"source_mapping": {
"start": 0,
"length": 253,
"filename_used": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol",
"filename_relative": "tests/constant-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol",
"filename_short": "tests/constant-0.5.1.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "info",
"contains_assembly": true
}
]
}
]

@ -0,0 +1,4 @@
INFO:Detectors:
Constant.test_assembly_bug (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state
INFO:Slither:tests/constant-0.5.1.sol analyzed (1 contracts), 1 result(s) found

@ -1 +1,252 @@
[{"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_view_bug (tests/constant.sol#5-7) is declared view but changes state variables:\n\t- Constant.a\n", "elements": [{"type": "function", "name": "test_view_bug", "source_mapping": {"start": 45, "length": 58, "filename": "tests/constant.sol", "lines": [5, 6, 7]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "variable", "name": "a", "source_mapping": {"start": 28, "length": 6, "filename": "tests/constant.sol", "lines": [3]}}, {"type": "info", "contains_assembly": false}]}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_constant_bug (tests/constant.sol#9-11) is declared view but changes state variables:\n\t- Constant.a\n", "elements": [{"type": "function", "name": "test_constant_bug", "source_mapping": {"start": 113, "length": 66, "filename": "tests/constant.sol", "lines": [9, 10, 11]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "variable", "name": "a", "source_mapping": {"start": 28, "length": 6, "filename": "tests/constant.sol", "lines": [3]}}, {"type": "info", "contains_assembly": false}]}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_assembly_bug (tests/constant.sol#22-24) is declared view but contains assembly code\n", "elements": [{"type": "info", "contains_assembly": true}]}]
[
{
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium",
"description": "Constant.test_view_bug (tests/constant.sol#5-7) is declared view but changes state variables:\n\t- Constant.a\n",
"elements": [
{
"type": "function",
"name": "test_view_bug",
"source_mapping": {
"start": 45,
"length": 58,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
5,
6,
7
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Constant",
"source_mapping": {
"start": 0,
"length": 392,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "variable",
"name": "a",
"source_mapping": {
"start": 28,
"length": 6,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
3
],
"starting_column": 5,
"ending_column": 11
}
},
{
"type": "info",
"contains_assembly": false
}
]
},
{
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium",
"description": "Constant.test_constant_bug (tests/constant.sol#9-11) is declared view but changes state variables:\n\t- Constant.a\n",
"elements": [
{
"type": "function",
"name": "test_constant_bug",
"source_mapping": {
"start": 113,
"length": 66,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
9,
10,
11
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Constant",
"source_mapping": {
"start": 0,
"length": 392,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "variable",
"name": "a",
"source_mapping": {
"start": 28,
"length": 6,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
3
],
"starting_column": 5,
"ending_column": 11
}
},
{
"type": "info",
"contains_assembly": false
}
]
},
{
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium",
"description": "Constant.test_assembly_bug (tests/constant.sol#22-24) is declared view but contains assembly code\n",
"elements": [
{
"type": "function",
"name": "test_assembly_bug",
"source_mapping": {
"start": 324,
"length": 66,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
22,
23,
24
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Constant",
"source_mapping": {
"start": 0,
"length": 392,
"filename_used": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_relative": "tests/constant.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol",
"filename_short": "tests/constant.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "info",
"contains_assembly": true
}
]
}
]

@ -0,0 +1,8 @@
INFO:Detectors:
Constant.test_view_bug (tests/constant.sol#5-7) is declared view but changes state variables:
- Constant.a
Constant.test_constant_bug (tests/constant.sol#9-11) is declared view but changes state variables:
- Constant.a
Constant.test_assembly_bug (tests/constant.sol#22-24) is declared view but contains assembly code
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state
INFO:Slither:tests/constant.sol analyzed (1 contracts), 3 result(s) found

@ -1 +1,173 @@
[{"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n", "elements": [{"type": "function", "name": "bad_delegate_call", "source_mapping": {"start": 101, "length": 134, "filename": "tests/controlled_delegatecall.sol", "lines": [8, 9, 10, 11]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 0, "length": 585, "filename": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "expression", "expression": "addr_bad.delegatecall(data)", "source_mapping": {"start": 201, "length": 27, "filename": "tests/controlled_delegatecall.sol", "lines": [10]}}]}, {"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)\n", "elements": [{"type": "function", "name": "bad_delegate_call2", "source_mapping": {"start": 337, "length": 118, "filename": "tests/controlled_delegatecall.sol", "lines": [18, 19, 20]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 0, "length": 585, "filename": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "expression", "expression": "addr_bad.delegatecall(abi.encode(func_id,data))", "source_mapping": {"start": 400, "length": 48, "filename": "tests/controlled_delegatecall.sol", "lines": [19]}}]}]
[
{
"check": "controlled-delegatecall",
"impact": "High",
"confidence": "Medium",
"description": "C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n",
"elements": [
{
"type": "function",
"name": "bad_delegate_call",
"source_mapping": {
"start": 101,
"length": 134,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"lines": [
8,
9,
10,
11
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 0,
"length": 585,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "addr_bad.delegatecall(data)",
"source_mapping": {
"start": 201,
"length": 27,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"lines": [
10
],
"starting_column": 9,
"ending_column": 36
}
}
]
},
{
"check": "controlled-delegatecall",
"impact": "High",
"confidence": "Medium",
"description": "C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)\n",
"elements": [
{
"type": "function",
"name": "bad_delegate_call2",
"source_mapping": {
"start": 337,
"length": 118,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"lines": [
18,
19,
20
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 0,
"length": 585,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "addr_bad.delegatecall(abi.encode(func_id,data))",
"source_mapping": {
"start": 400,
"length": 48,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"lines": [
19
],
"starting_column": 9,
"ending_column": 57
}
}
]
}
]

@ -0,0 +1,7 @@
INFO:Detectors:
C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id
addr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)
C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id
addr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Slither:tests/controlled_delegatecall.sol analyzed (1 contracts), 2 result(s) found

@ -1 +1,180 @@
[{"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#2:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", "elements": [{"type": "variable", "name": "globalBlockHash", "source_mapping": {"start": 48, "length": 44, "filename": "tests/deprecated_calls.sol", "lines": [2]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#7-10:\n\t- Usage of \"msg.gas\" should be replaced with \"gasleft()\"\n", "elements": [{"type": "expression", "expression": "msg.gas == msg.value", "source_mapping": {"start": 258, "length": 107, "filename": "tests/deprecated_calls.sol", "lines": [7, 8, 9, 10]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#9:\n\t- Usage of \"throw\" should be replaced with \"revert()\"\n", "elements": [{"type": "expression", "expression": "None", "source_mapping": {"start": 349, "length": 5, "filename": "tests/deprecated_calls.sol", "lines": [9]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#16:\n\t- Usage of \"sha3()\" should be replaced with \"keccak256()\"\n", "elements": [{"type": "expression", "expression": "sha3Result = sha3()(test deprecated sha3 usage)", "source_mapping": {"start": 542, "length": 55, "filename": "tests/deprecated_calls.sol", "lines": [16]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#19:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", "elements": [{"type": "expression", "expression": "blockHashResult = block.blockhash(0)", 
"source_mapping": {"start": 671, "length": 44, "filename": "tests/deprecated_calls.sol", "lines": [19]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#22:\n\t- Usage of \"callcode\" should be replaced with \"delegatecall\"\n", "elements": [{"type": "expression", "expression": "address(this).callcode()", "source_mapping": {"start": 785, "length": 24, "filename": "tests/deprecated_calls.sol", "lines": [22]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#25:\n\t- Usage of \"suicide()\" should be replaced with \"selfdestruct()\"\n", "elements": [{"type": "expression", "expression": "suicide(address)(address(0))", "source_mapping": {"start": 878, "length": 19, "filename": "tests/deprecated_calls.sol", "lines": [25]}}]}]
[
{
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#2:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
"elements": [
{
"type": "variable",
"name": "globalBlockHash",
"source_mapping": {
"start": 48,
"length": 44,
"filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_relative": "tests/deprecated_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_short": "tests/deprecated_calls.sol",
"lines": [
2
],
"starting_column": 5,
"ending_column": 49
}
}
]
},
{
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#7-10:\n\t- Usage of \"msg.gas\" should be replaced with \"gasleft()\"\n",
"elements": [
{
"type": "expression",
"expression": "msg.gas == msg.value",
"source_mapping": {
"start": 258,
"length": 107,
"filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_relative": "tests/deprecated_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_short": "tests/deprecated_calls.sol",
"lines": [
7,
8,
9,
10
],
"starting_column": 9,
"ending_column": 10
}
}
]
},
{
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#9:\n\t- Usage of \"throw\" should be replaced with \"revert()\"\n",
"elements": [
{
"type": "expression",
"expression": "None",
"source_mapping": {
"start": 349,
"length": 5,
"filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_relative": "tests/deprecated_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_short": "tests/deprecated_calls.sol",
"lines": [
9
],
"starting_column": 13,
"ending_column": 18
}
}
]
},
{
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#16:\n\t- Usage of \"sha3()\" should be replaced with \"keccak256()\"\n",
"elements": [
{
"type": "expression",
"expression": "sha3Result = sha3()(test deprecated sha3 usage)",
"source_mapping": {
"start": 542,
"length": 55,
"filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_relative": "tests/deprecated_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_short": "tests/deprecated_calls.sol",
"lines": [
16
],
"starting_column": 9,
"ending_column": 64
}
}
]
},
{
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#19:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
"elements": [
{
"type": "expression",
"expression": "blockHashResult = block.blockhash(0)",
"source_mapping": {
"start": 671,
"length": 44,
"filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_relative": "tests/deprecated_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_short": "tests/deprecated_calls.sol",
"lines": [
19
],
"starting_column": 9,
"ending_column": 53
}
}
]
},
{
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#22:\n\t- Usage of \"callcode\" should be replaced with \"delegatecall\"\n",
"elements": [
{
"type": "expression",
"expression": "address(this).callcode()",
"source_mapping": {
"start": 785,
"length": 24,
"filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_relative": "tests/deprecated_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_short": "tests/deprecated_calls.sol",
"lines": [
22
],
"starting_column": 9,
"ending_column": 33
}
}
]
},
{
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#25:\n\t- Usage of \"suicide()\" should be replaced with \"selfdestruct()\"\n",
"elements": [
{
"type": "expression",
"expression": "suicide(address)(address(0))",
"source_mapping": {
"start": 878,
"length": 19,
"filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_relative": "tests/deprecated_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol",
"filename_short": "tests/deprecated_calls.sol",
"lines": [
25
],
"starting_column": 9,
"ending_column": 28
}
}
]
}
]

@ -0,0 +1,17 @@
INFO:Detectors:
Deprecated standard detected @ tests/deprecated_calls.sol#2:
- Usage of "block.blockhash()" should be replaced with "blockhash()"
Deprecated standard detected @ tests/deprecated_calls.sol#7-10:
- Usage of "msg.gas" should be replaced with "gasleft()"
Deprecated standard detected @ tests/deprecated_calls.sol#9:
- Usage of "throw" should be replaced with "revert()"
Deprecated standard detected @ tests/deprecated_calls.sol#16:
- Usage of "sha3()" should be replaced with "keccak256()"
Deprecated standard detected @ tests/deprecated_calls.sol#19:
- Usage of "block.blockhash()" should be replaced with "blockhash()"
Deprecated standard detected @ tests/deprecated_calls.sol#22:
- Usage of "callcode" should be replaced with "delegatecall"
Deprecated standard detected @ tests/deprecated_calls.sol#25:
- Usage of "suicide()" should be replaced with "selfdestruct()"
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards
INFO:Slither:tests/deprecated_calls.sol analyzed (1 contracts), 7 result(s) found

@ -1 +1,182 @@
[{"check": "erc20-indexed", "impact": "Informational", "confidence": "High", "description": "IERC20Bad (tests/erc20_indexed.sol#12-21) does not mark important ERC20 parameters as 'indexed':\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'from'\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'to'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender'\n", "elements": [{"type": "function", "name": "Approval", "source_mapping": {"start": 1148, "length": 59, "filename": "tests/erc20_indexed.sol", "lines": [20]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Approval", "source_mapping": {"start": 1148, "length": 59, "filename": "tests/erc20_indexed.sol", "lines": [20]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Transfer", "source_mapping": {"start": 1090, "length": 53, "filename": "tests/erc20_indexed.sol", "lines": [19]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Transfer", "source_mapping": {"start": 1090, "length": 53, "filename": "tests/erc20_indexed.sol", "lines": [19]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}]}]
[
{
"check": "erc20-indexed",
"impact": "Informational",
"confidence": "High",
"description": "IERC20Bad (tests/erc20_indexed.sol#12-21) does not mark important ERC20 parameters as 'indexed':\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'from'\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'to'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender'\n",
"elements": [
{
"type": "function",
"name": "Approval",
"source_mapping": {
"start": 1148,
"length": 59,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
20
],
"starting_column": 5,
"ending_column": 64
},
"contract": {
"type": "contract",
"name": "IERC20Bad",
"source_mapping": {
"start": 622,
"length": 587,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
12,
13,
14,
15,
16,
17,
18,
19,
20,
21
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "Approval",
"source_mapping": {
"start": 1148,
"length": 59,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
20
],
"starting_column": 5,
"ending_column": 64
},
"contract": {
"type": "contract",
"name": "IERC20Bad",
"source_mapping": {
"start": 622,
"length": 587,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
12,
13,
14,
15,
16,
17,
18,
19,
20,
21
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "Transfer",
"source_mapping": {
"start": 1090,
"length": 53,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
19
],
"starting_column": 5,
"ending_column": 58
},
"contract": {
"type": "contract",
"name": "IERC20Bad",
"source_mapping": {
"start": 622,
"length": 587,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
12,
13,
14,
15,
16,
17,
18,
19,
20,
21
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "Transfer",
"source_mapping": {
"start": 1090,
"length": 53,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
19
],
"starting_column": 5,
"ending_column": 58
},
"contract": {
"type": "contract",
"name": "IERC20Bad",
"source_mapping": {
"start": 622,
"length": 587,
"filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_relative": "tests/erc20_indexed.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol",
"filename_short": "tests/erc20_indexed.sol",
"lines": [
12,
13,
14,
15,
16,
17,
18,
19,
20,
21
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
}
]

@ -0,0 +1,8 @@
INFO:Detectors:
IERC20Bad (tests/erc20_indexed.sol#12-21) does not mark important ERC20 parameters as 'indexed':
-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'from'
-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'to'
-Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner'
-Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender'
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters
INFO:Slither:tests/erc20_indexed.sol analyzed (3 contracts), 1 result(s) found

@ -1 +1,246 @@
[{"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled3 (tests/external_function.sol#13-15) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled3", "source_mapping": {"start": 259, "length": 41, "filename": "tests/external_function.sol", "lines": [13, 14, 15]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled2 (tests/external_function.sol#17-19) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled2", "source_mapping": {"start": 306, "length": 41, "filename": "tests/external_function.sol", "lines": [17, 18, 19]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled (tests/external_function.sol#21-23) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled", "source_mapping": {"start": 353, "length": 40, "filename": "tests/external_function.sol", "lines": [21, 22, 23]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", 
"description": "ContractWithFunctionNotCalled2.funcNotCalled (tests/external_function.sol#32-39) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled", "source_mapping": {"start": 554, "length": 325, "filename": "tests/external_function.sol", "lines": [32, 33, 34, 35, 36, 37, 38, 39]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled2", "source_mapping": {"start": 473, "length": 408, "filename": "tests/external_function.sol", "lines": [31, 32, 33, 34, 35, 36, 37, 38, 39, 40]}}}]}]
[
{
"check": "external-function",
"impact": "Informational",
"confidence": "High",
"description": "ContractWithFunctionNotCalled.funcNotCalled3 (tests/external_function.sol#13-15) should be declared external\n",
"elements": [
{
"type": "function",
"name": "funcNotCalled3",
"source_mapping": {
"start": 259,
"length": 41,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
13,
14,
15
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "ContractWithFunctionNotCalled",
"source_mapping": {
"start": 213,
"length": 258,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
},
{
"check": "external-function",
"impact": "Informational",
"confidence": "High",
"description": "ContractWithFunctionNotCalled.funcNotCalled2 (tests/external_function.sol#17-19) should be declared external\n",
"elements": [
{
"type": "function",
"name": "funcNotCalled2",
"source_mapping": {
"start": 306,
"length": 41,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
17,
18,
19
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "ContractWithFunctionNotCalled",
"source_mapping": {
"start": 213,
"length": 258,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
},
{
"check": "external-function",
"impact": "Informational",
"confidence": "High",
"description": "ContractWithFunctionNotCalled.funcNotCalled (tests/external_function.sol#21-23) should be declared external\n",
"elements": [
{
"type": "function",
"name": "funcNotCalled",
"source_mapping": {
"start": 353,
"length": 40,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
21,
22,
23
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "ContractWithFunctionNotCalled",
"source_mapping": {
"start": 213,
"length": 258,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
},
{
"check": "external-function",
"impact": "Informational",
"confidence": "High",
"description": "ContractWithFunctionNotCalled2.funcNotCalled (tests/external_function.sol#32-39) should be declared external\n",
"elements": [
{
"type": "function",
"name": "funcNotCalled",
"source_mapping": {
"start": 554,
"length": 325,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
32,
33,
34,
35,
36,
37,
38,
39
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "ContractWithFunctionNotCalled2",
"source_mapping": {
"start": 473,
"length": 408,
"filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_relative": "tests/external_function.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol",
"filename_short": "tests/external_function.sol",
"lines": [
31,
32,
33,
34,
35,
36,
37,
38,
39,
40
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
}
]

@ -0,0 +1,7 @@
INFO:Detectors:
ContractWithFunctionNotCalled.funcNotCalled3 (tests/external_function.sol#13-15) should be declared external
ContractWithFunctionNotCalled.funcNotCalled2 (tests/external_function.sol#17-19) should be declared external
ContractWithFunctionNotCalled.funcNotCalled (tests/external_function.sol#21-23) should be declared external
ContractWithFunctionNotCalled2.funcNotCalled (tests/external_function.sol#32-39) should be declared external
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-as-external
INFO:Slither:tests/external_function.sol analyzed (5 contracts), 4 result(s) found

@ -0,0 +1 @@
INFO:Slither:tests/external_function_2.sol analyzed (4 contracts), 0 result(s) found


@ -0,0 +1,77 @@
INFO:Detectors:
ERC20TestBalance.bad0 (tests/incorrect_equality.sol#21-23) uses a dangerous strict equality:
- require(bool)(erc.balanceOf(address(this)) == 10)
ERC20TestBalance.bad0 (tests/incorrect_equality.sol#21-23) uses a dangerous strict equality:
- require(bool)(erc.balanceOf(address(this)) == 10)
ERC20TestBalance.bad1 (tests/incorrect_equality.sol#25-27) uses a dangerous strict equality:
- require(bool)(erc.balanceOf(msg.sender) == 10)
TestContractBalance.bad0 (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000)
TestContractBalance.bad0 (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000)
TestContractBalance.bad1 (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(address(this)).balance)
TestContractBalance.bad0 (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000)
TestContractBalance.bad1 (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(address(this)).balance)
TestContractBalance.bad2 (tests/incorrect_equality.sol#42-45) uses a dangerous strict equality:
- require(bool)(address(this).balance == 10000000000000000000)
TestContractBalance.bad0 (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000)
TestContractBalance.bad1 (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(address(this)).balance)
TestContractBalance.bad2 (tests/incorrect_equality.sol#42-45) uses a dangerous strict equality:
- require(bool)(address(this).balance == 10000000000000000000)
TestContractBalance.bad3 (tests/incorrect_equality.sol#47-50) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(this).balance)
TestContractBalance.bad0 (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000)
TestContractBalance.bad1 (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(address(this)).balance)
TestContractBalance.bad2 (tests/incorrect_equality.sol#42-45) uses a dangerous strict equality:
- require(bool)(address(this).balance == 10000000000000000000)
TestContractBalance.bad3 (tests/incorrect_equality.sol#47-50) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(this).balance)
TestContractBalance.bad4 (tests/incorrect_equality.sol#52-57) uses a dangerous strict equality:
- balance == 10000000000000000000
TestContractBalance.bad0 (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000)
TestContractBalance.bad1 (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(address(this)).balance)
TestContractBalance.bad2 (tests/incorrect_equality.sol#42-45) uses a dangerous strict equality:
- require(bool)(address(this).balance == 10000000000000000000)
TestContractBalance.bad3 (tests/incorrect_equality.sol#47-50) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(this).balance)
TestContractBalance.bad4 (tests/incorrect_equality.sol#52-57) uses a dangerous strict equality:
- balance == 10000000000000000000
TestContractBalance.bad5 (tests/incorrect_equality.sol#59-64) uses a dangerous strict equality:
- 10000000000000000000 == balance
TestContractBalance.bad0 (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000)
TestContractBalance.bad1 (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(address(this)).balance)
TestContractBalance.bad2 (tests/incorrect_equality.sol#42-45) uses a dangerous strict equality:
- require(bool)(address(this).balance == 10000000000000000000)
TestContractBalance.bad3 (tests/incorrect_equality.sol#47-50) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(this).balance)
TestContractBalance.bad4 (tests/incorrect_equality.sol#52-57) uses a dangerous strict equality:
- balance == 10000000000000000000
TestContractBalance.bad5 (tests/incorrect_equality.sol#59-64) uses a dangerous strict equality:
- 10000000000000000000 == balance
TestContractBalance.bad6 (tests/incorrect_equality.sol#66-71) uses a dangerous strict equality:
- balance == 10000000000000000000
TestSolidityKeyword.bad0 (tests/incorrect_equality.sol#123-125) uses a dangerous strict equality:
- require(bool)(now == 0)
TestSolidityKeyword.bad0 (tests/incorrect_equality.sol#123-125) uses a dangerous strict equality:
- require(bool)(now == 0)
TestSolidityKeyword.bad1 (tests/incorrect_equality.sol#127-129) uses a dangerous strict equality:
- require(bool)(block.number == 0)
TestSolidityKeyword.bad0 (tests/incorrect_equality.sol#123-125) uses a dangerous strict equality:
- require(bool)(now == 0)
TestSolidityKeyword.bad1 (tests/incorrect_equality.sol#127-129) uses a dangerous strict equality:
- require(bool)(block.number == 0)
TestSolidityKeyword.bad2 (tests/incorrect_equality.sol#131-133) uses a dangerous strict equality:
- require(bool)(block.number == 0)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Slither:tests/incorrect_equality.sol analyzed (5 contracts), 12 result(s) found
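Review bot: The expected output for tests/incorrect_equality.sol pins repeated findings: `ERC20TestBalance.bad0` is printed twice, `TestContractBalance.bad0` seven times and `TestSolidityKeyword.bad0` three times, giving 37 entries while the summary line reports `12 result(s) found`. Each entry re-lists every earlier function of the same contract, which suggests the detector's message text is carried over from one function to the next rather than reset, though the detector code is not part of this hunk. Committing this as the golden file makes the regression test enforce the duplication and hides the one new line per finding that an auditor actually needs to read. I would fix the accumulation first and then regenerate the file so that each of the 12 findings appears once, e.g. a single `ERC20TestBalance.bad0 (tests/incorrect_equality.sol#21-23) uses a dangerous strict equality:` entry followed by its one expression line.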

@ -1 +1,256 @@
[{"check": "erc20-interface", "impact": "Medium", "confidence": "High", "description": "Token (tests/incorrect_erc20_interface.sol#3-7) has incorrect ERC20 function interface(s):\n\t-transfer (tests/incorrect_erc20_interface.sol#5)\n", "elements": [{"type": "function", "name": "transfer", "source_mapping": {"start": 47, "length": 51, "filename": "tests/incorrect_erc20_interface.sol", "lines": [5]}, "contract": {"type": "contract", "name": "Token", "source_mapping": {"start": 26, "length": 75, "filename": "tests/incorrect_erc20_interface.sol", "lines": [3, 4, 5, 6, 7]}}}]}]
[
{
"check": "erc20-interface",
"impact": "Medium",
"confidence": "High",
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface(s):\n\t-transfer (tests/incorrect_erc20_interface.sol#4)\n\t-approve (tests/incorrect_erc20_interface.sol#5)\n\t-transferFrom (tests/incorrect_erc20_interface.sol#6)\n\t-totalSupply (tests/incorrect_erc20_interface.sol#7)\n\t-balanceOf (tests/incorrect_erc20_interface.sol#8)\n\t-allowance (tests/incorrect_erc20_interface.sol#9)\n",
"elements": [
{
"type": "function",
"name": "allowance",
"source_mapping": {
"start": 319,
"length": 60,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
9
],
"starting_column": 5,
"ending_column": 65
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "approve",
"source_mapping": {
"start": 102,
"length": 55,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
5
],
"starting_column": 5,
"ending_column": 60
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "balanceOf",
"source_mapping": {
"start": 273,
"length": 41,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
8
],
"starting_column": 5,
"ending_column": 46
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "totalSupply",
"source_mapping": {
"start": 236,
"length": 32,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
7
],
"starting_column": 5,
"ending_column": 37
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "transfer",
"source_mapping": {
"start": 46,
"length": 51,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
4
],
"starting_column": 5,
"ending_column": 56
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "transferFrom",
"source_mapping": {
"start": 162,
"length": 69,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
6
],
"starting_column": 5,
"ending_column": 74
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
}
]

@ -0,0 +1,10 @@
INFO:Detectors:
Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface(s):
-transfer (tests/incorrect_erc20_interface.sol#4)
-approve (tests/incorrect_erc20_interface.sol#5)
-transferFrom (tests/incorrect_erc20_interface.sol#6)
-totalSupply (tests/incorrect_erc20_interface.sol#7)
-balanceOf (tests/incorrect_erc20_interface.sol#8)
-allowance (tests/incorrect_erc20_interface.sol#9)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface
INFO:Slither:tests/incorrect_erc20_interface.sol analyzed (1 contracts), 1 result(s) found

@ -0,0 +1,442 @@
[
{
"check": "erc721-interface",
"impact": "Medium",
"confidence": "High",
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface(s):\n\t-supportsInterface (tests/incorrect_erc721_interface.sol#4)\n\t-balanceOf (tests/incorrect_erc721_interface.sol#7)\n\t-ownerOf (tests/incorrect_erc721_interface.sol#8)\n\t-safeTransferFrom (tests/incorrect_erc721_interface.sol#9)\n\t-safeTransferFrom (tests/incorrect_erc721_interface.sol#10)\n\t-transferFrom (tests/incorrect_erc721_interface.sol#11)\n\t-approve (tests/incorrect_erc721_interface.sol#12)\n\t-setApprovalForAll (tests/incorrect_erc721_interface.sol#13)\n\t-getApproved (tests/incorrect_erc721_interface.sol#14)\n\t-isApprovedForAll (tests/incorrect_erc721_interface.sol#15)\n",
"elements": [
{
"type": "function",
"name": "approve",
"source_mapping": {
"start": 549,
"length": 78,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
12
],
"starting_column": 5,
"ending_column": 83
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "balanceOf",
"source_mapping": {
"start": 140,
"length": 44,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
7
],
"starting_column": 5,
"ending_column": 49
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "getApproved",
"source_mapping": {
"start": 723,
"length": 48,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
14
],
"starting_column": 5,
"ending_column": 53
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "isApprovedForAll",
"source_mapping": {
"start": 776,
"length": 70,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
15
],
"starting_column": 5,
"ending_column": 75
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "ownerOf",
"source_mapping": {
"start": 189,
"length": 44,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
8
],
"starting_column": 5,
"ending_column": 49
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "safeTransferFrom",
"source_mapping": {
"start": 238,
"length": 108,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
9
],
"starting_column": 5,
"ending_column": 113
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "safeTransferFrom",
"source_mapping": {
"start": 351,
"length": 96,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
10
],
"starting_column": 5,
"ending_column": 101
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "setApprovalForAll",
"source_mapping": {
"start": 632,
"length": 86,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
13
],
"starting_column": 5,
"ending_column": 91
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "supportsInterface",
"source_mapping": {
"start": 50,
"length": 56,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
4
],
"starting_column": 5,
"ending_column": 61
},
"contract": {
"type": "contract",
"name": "IERC165",
"source_mapping": {
"start": 26,
"length": 82,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
3,
4,
5
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "function",
"name": "transferFrom",
"source_mapping": {
"start": 452,
"length": 92,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
11
],
"starting_column": 5,
"ending_column": 97
},
"contract": {
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
}
}
]
}
]

@ -0,0 +1,14 @@
INFO:Detectors:
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface(s):
-supportsInterface (tests/incorrect_erc721_interface.sol#4)
-balanceOf (tests/incorrect_erc721_interface.sol#7)
-ownerOf (tests/incorrect_erc721_interface.sol#8)
-safeTransferFrom (tests/incorrect_erc721_interface.sol#9)
-safeTransferFrom (tests/incorrect_erc721_interface.sol#10)
-transferFrom (tests/incorrect_erc721_interface.sol#11)
-approve (tests/incorrect_erc721_interface.sol#12)
-setApprovalForAll (tests/incorrect_erc721_interface.sol#13)
-getApproved (tests/incorrect_erc721_interface.sol#14)
-isApprovedForAll (tests/incorrect_erc721_interface.sol#15)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc721-interface
INFO:Slither:tests/incorrect_erc721_interface.sol analyzed (2 contracts), 1 result(s) found

@ -1 +1,104 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "GetCode.at uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20)\n\t- tests/inline_assembly_contract-0.5.1.sol#7-20\n", "elements": [{"type": "function", "name": "at", "source_mapping": {"start": 119, "length": 707, "filename": "tests/inline_assembly_contract-0.5.1.sol", "lines": [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}, "contract": {"type": "contract", "name": "GetCode", "source_mapping": {"start": 97, "length": 731, "filename": "tests/inline_assembly_contract-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 198, "length": 628, "filename": "tests/inline_assembly_contract-0.5.1.sol", "lines": [7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}]}]
[
{
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "GetCode.at uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20)\n\t- tests/inline_assembly_contract-0.5.1.sol#7-20\n",
"elements": [
{
"type": "function",
"name": "at",
"source_mapping": {
"start": 119,
"length": 707,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol",
"filename_relative": "tests/inline_assembly_contract-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol",
"filename_short": "tests/inline_assembly_contract-0.5.1.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "GetCode",
"source_mapping": {
"start": 97,
"length": 731,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol",
"filename_relative": "tests/inline_assembly_contract-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol",
"filename_short": "tests/inline_assembly_contract-0.5.1.sol",
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "None",
"source_mapping": {
"start": 198,
"length": 628,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol",
"filename_relative": "tests/inline_assembly_contract-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol",
"filename_short": "tests/inline_assembly_contract-0.5.1.sol",
"lines": [
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20
],
"starting_column": 9,
"ending_column": 6
}
}
]
}
]

@ -0,0 +1,5 @@
INFO:Detectors:
GetCode.at uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20)
- tests/inline_assembly_contract-0.5.1.sol#7-20
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_contract-0.5.1.sol analyzed (1 contracts), 1 result(s) found

@ -1 +1,104 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "GetCode.at uses assembly (tests/inline_assembly_contract.sol#6-20)\n\t- tests/inline_assembly_contract.sol#7-20\n", "elements": [{"type": "function", "name": "at", "source_mapping": {"start": 119, "length": 700, "filename": "tests/inline_assembly_contract.sol", "lines": [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}, "contract": {"type": "contract", "name": "GetCode", "source_mapping": {"start": 97, "length": 724, "filename": "tests/inline_assembly_contract.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 191, "length": 628, "filename": "tests/inline_assembly_contract.sol", "lines": [7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}]}]
[
{
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "GetCode.at uses assembly (tests/inline_assembly_contract.sol#6-20)\n\t- tests/inline_assembly_contract.sol#7-20\n",
"elements": [
{
"type": "function",
"name": "at",
"source_mapping": {
"start": 119,
"length": 700,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol",
"filename_relative": "tests/inline_assembly_contract.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol",
"filename_short": "tests/inline_assembly_contract.sol",
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "GetCode",
"source_mapping": {
"start": 97,
"length": 724,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol",
"filename_relative": "tests/inline_assembly_contract.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol",
"filename_short": "tests/inline_assembly_contract.sol",
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "None",
"source_mapping": {
"start": 191,
"length": 628,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol",
"filename_relative": "tests/inline_assembly_contract.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol",
"filename_short": "tests/inline_assembly_contract.sol",
"lines": [
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20
],
"starting_column": 9,
"ending_column": 6
}
}
]
}
]

@ -0,0 +1,5 @@
INFO:Detectors:
GetCode.at uses assembly (tests/inline_assembly_contract.sol#6-20)
- tests/inline_assembly_contract.sol#7-20
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_contract.sol analyzed (1 contracts), 1 result(s) found

@ -1 +1,258 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22)\n\t- tests/inline_assembly_library-0.5.1.sol#18-21\n", "elements": [{"type": "function", "name": "sumAsm", "source_mapping": {"start": 599, "length": 254, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 97, "length": 1602, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 733, "length": 114, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [18, 19, 20, 21]}}]}, {"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47)\n\t- tests/inline_assembly_library-0.5.1.sol#26-47\n", "elements": [{"type": "function", "name": "sumPureAsm", "source_mapping": {"start": 936, "length": 761, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 97, "length": 1602, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 1020, "length": 677, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 
44, 45, 46, 47]}}]}]
[
{
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22)\n\t- tests/inline_assembly_library-0.5.1.sol#18-21\n",
"elements": [
{
"type": "function",
"name": "sumAsm",
"source_mapping": {
"start": 599,
"length": 254,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_relative": "tests/inline_assembly_library-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_short": "tests/inline_assembly_library-0.5.1.sol",
"lines": [
16,
17,
18,
19,
20,
21,
22
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "VectorSum",
"source_mapping": {
"start": 97,
"length": 1602,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_relative": "tests/inline_assembly_library-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_short": "tests/inline_assembly_library-0.5.1.sol",
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "None",
"source_mapping": {
"start": 733,
"length": 114,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_relative": "tests/inline_assembly_library-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_short": "tests/inline_assembly_library-0.5.1.sol",
"lines": [
18,
19,
20,
21
],
"starting_column": 13,
"ending_column": 10
}
}
]
},
{
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47)\n\t- tests/inline_assembly_library-0.5.1.sol#26-47\n",
"elements": [
{
"type": "function",
"name": "sumPureAsm",
"source_mapping": {
"start": 936,
"length": 761,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_relative": "tests/inline_assembly_library-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_short": "tests/inline_assembly_library-0.5.1.sol",
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "VectorSum",
"source_mapping": {
"start": 97,
"length": 1602,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_relative": "tests/inline_assembly_library-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_short": "tests/inline_assembly_library-0.5.1.sol",
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "None",
"source_mapping": {
"start": 1020,
"length": 677,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_relative": "tests/inline_assembly_library-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol",
"filename_short": "tests/inline_assembly_library-0.5.1.sol",
"lines": [
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47
],
"starting_column": 9,
"ending_column": 6
}
}
]
}
]
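Review bot: Every `source_mapping` in the new expected output carries `filename_used` and `filename_absolute` values rooted at `/home/travis/build/crytic/slither/`, so this fixture only matches when the analysis runs from that exact checkout directory. The commit also lists `scripts/fix_travis_relative_paths.sh`, which presumably rewrites these paths before comparison; if it does not, comparing only `filename_relative` and `filename_short` would keep the test portable. Outside the test suite, an absolute path in a shared JSON report also discloses the directory layout and account name of the machine that ran the analysis, which the JSON output documentation should state. The same applies to the other expected-JSON hunks on this page.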

@ -0,0 +1,7 @@
INFO:Detectors:
VectorSum.sumAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22)
- tests/inline_assembly_library-0.5.1.sol#18-21
VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47)
- tests/inline_assembly_library-0.5.1.sol#26-47
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_library-0.5.1.sol analyzed (1 contracts), 2 result(s) found

@ -1 +1,258 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library.sol#16-22)\n\t- tests/inline_assembly_library.sol#18-21\n", "elements": [{"type": "function", "name": "sumAsm", "source_mapping": {"start": 593, "length": 247, "filename": "tests/inline_assembly_library.sol", "lines": [16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 720, "length": 114, "filename": "tests/inline_assembly_library.sol", "lines": [18, 19, 20, 21]}}]}, {"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library.sol#25-47)\n\t- tests/inline_assembly_library.sol#26-47\n", "elements": [{"type": "function", "name": "sumPureAsm", "source_mapping": {"start": 923, "length": 754, "filename": "tests/inline_assembly_library.sol", "lines": [25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 1000, "length": 677, "filename": "tests/inline_assembly_library.sol", "lines": [26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}}]}]
[
{
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library.sol#16-22)\n\t- tests/inline_assembly_library.sol#18-21\n",
"elements": [
{
"type": "function",
"name": "sumAsm",
"source_mapping": {
"start": 593,
"length": 247,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_relative": "tests/inline_assembly_library.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_short": "tests/inline_assembly_library.sol",
"lines": [
16,
17,
18,
19,
20,
21,
22
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "VectorSum",
"source_mapping": {
"start": 98,
"length": 1581,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_relative": "tests/inline_assembly_library.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_short": "tests/inline_assembly_library.sol",
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "None",
"source_mapping": {
"start": 720,
"length": 114,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_relative": "tests/inline_assembly_library.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_short": "tests/inline_assembly_library.sol",
"lines": [
18,
19,
20,
21
],
"starting_column": 13,
"ending_column": 10
}
}
]
},
{
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library.sol#25-47)\n\t- tests/inline_assembly_library.sol#26-47\n",
"elements": [
{
"type": "function",
"name": "sumPureAsm",
"source_mapping": {
"start": 923,
"length": 754,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_relative": "tests/inline_assembly_library.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_short": "tests/inline_assembly_library.sol",
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "VectorSum",
"source_mapping": {
"start": 98,
"length": 1581,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_relative": "tests/inline_assembly_library.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_short": "tests/inline_assembly_library.sol",
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "None",
"source_mapping": {
"start": 1000,
"length": 677,
"filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_relative": "tests/inline_assembly_library.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol",
"filename_short": "tests/inline_assembly_library.sol",
"lines": [
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47
],
"starting_column": 9,
"ending_column": 6
}
}
]
}
]

@ -0,0 +1,7 @@
INFO:Detectors:
VectorSum.sumAsm uses assembly (tests/inline_assembly_library.sol#16-22)
- tests/inline_assembly_library.sol#18-21
VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library.sol#25-47)
- tests/inline_assembly_library.sol#26-47
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_library.sol analyzed (1 contracts), 2 result(s) found

@ -1 +1,69 @@
[{"check": "locked-ether", "impact": "Medium", "confidence": "High", "description": "Contract locking ether found in tests/locked_ether-0.5.1.sol:\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether-0.5.1.sol#4-6)\n\tBut has not function to withdraw the ether\n", "elements": [{"type": "function", "name": "receive", "source_mapping": {"start": 46, "length": 72, "filename": "tests/locked_ether-0.5.1.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Locked", "source_mapping": {"start": 24, "length": 97, "filename": "tests/locked_ether-0.5.1.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}, {"type": "contract", "name": "OnlyLocked", "source_mapping": {"start": 375, "length": 32, "filename": "tests/locked_ether-0.5.1.sol", "lines": [26]}}]}]
[
{
"check": "locked-ether",
"impact": "Medium",
"confidence": "High",
"description": "Contract locking ether found in :\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether-0.5.1.sol#4-6)\n\tBut does not have a function to withdraw the ether\n",
"elements": [
{
"type": "function",
"name": "receive",
"source_mapping": {
"start": 46,
"length": 72,
"filename_used": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol",
"filename_relative": "tests/locked_ether-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol",
"filename_short": "tests/locked_ether-0.5.1.sol",
"lines": [
4,
5,
6
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Locked",
"source_mapping": {
"start": 24,
"length": 97,
"filename_used": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol",
"filename_relative": "tests/locked_ether-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol",
"filename_short": "tests/locked_ether-0.5.1.sol",
"lines": [
2,
3,
4,
5,
6,
7,
8
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "contract",
"name": "OnlyLocked",
"source_mapping": {
"start": 375,
"length": 32,
"filename_used": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol",
"filename_relative": "tests/locked_ether-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol",
"filename_short": "tests/locked_ether-0.5.1.sol",
"lines": [
26
],
"starting_column": 1,
"ending_column": 33
}
}
]
}
]
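Review bot: The new `description` reads `Contract locking ether found in :`, so the finding's headline no longer says which file it concerns; the old line printed `tests/locked_ether-0.5.1.sol` after `found in`. This looks like the detector formatting a filename field that is no longer populated after the source-mapping change, though that is inferred because the detector code is not in this hunk. The message should be built from the new short filename so that it reads `Contract locking ether found in tests/locked_ether-0.5.1.sol:`. The same empty path is recorded in the text output for this test and in both expected outputs for `tests/locked_ether.sol`.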

@ -0,0 +1,7 @@
INFO:Detectors:
Contract locking ether found in :
Contract OnlyLocked has payable functions:
- receive (tests/locked_ether-0.5.1.sol#4-6)
But does not have a function to withdraw the ether
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether
INFO:Slither:tests/locked_ether-0.5.1.sol analyzed (4 contracts), 1 result(s) found

@ -1 +1,69 @@
[{"check": "locked-ether", "impact": "Medium", "confidence": "High", "description": "Contract locking ether found in tests/locked_ether.sol:\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether.sol#4-6)\n\tBut has not function to withdraw the ether\n", "elements": [{"type": "function", "name": "receive", "source_mapping": {"start": 47, "length": 72, "filename": "tests/locked_ether.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Locked", "source_mapping": {"start": 25, "length": 97, "filename": "tests/locked_ether.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}, {"type": "contract", "name": "OnlyLocked", "source_mapping": {"start": 368, "length": 32, "filename": "tests/locked_ether.sol", "lines": [26]}}]}]
[
{
"check": "locked-ether",
"impact": "Medium",
"confidence": "High",
"description": "Contract locking ether found in :\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether.sol#4-6)\n\tBut does not have a function to withdraw the ether\n",
"elements": [
{
"type": "function",
"name": "receive",
"source_mapping": {
"start": 47,
"length": 72,
"filename_used": "/home/travis/build/crytic/slither/tests/locked_ether.sol",
"filename_relative": "tests/locked_ether.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether.sol",
"filename_short": "tests/locked_ether.sol",
"lines": [
4,
5,
6
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Locked",
"source_mapping": {
"start": 25,
"length": 97,
"filename_used": "/home/travis/build/crytic/slither/tests/locked_ether.sol",
"filename_relative": "tests/locked_ether.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether.sol",
"filename_short": "tests/locked_ether.sol",
"lines": [
2,
3,
4,
5,
6,
7,
8
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "contract",
"name": "OnlyLocked",
"source_mapping": {
"start": 368,
"length": 32,
"filename_used": "/home/travis/build/crytic/slither/tests/locked_ether.sol",
"filename_relative": "tests/locked_ether.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether.sol",
"filename_short": "tests/locked_ether.sol",
"lines": [
26
],
"starting_column": 1,
"ending_column": 33
}
}
]
}
]

@ -0,0 +1,7 @@
INFO:Detectors:
Contract locking ether found in :
Contract OnlyLocked has payable functions:
- receive (tests/locked_ether.sol#4-6)
But does not have a function to withdraw the ether
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether
INFO:Slither:tests/locked_ether.sol analyzed (4 contracts), 1 result(s) found

@ -1 +1,67 @@
[{"check": "low-level-calls", "impact": "Informational", "confidence": "High", "description": "Low level call in Sender.send (tests/low_level_calls.sol#5-7):\n\t-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6\n", "elements": [{"type": "function", "name": "send", "source_mapping": {"start": 51, "length": 112, "filename": "tests/low_level_calls.sol", "lines": [5, 6, 7]}, "contract": {"type": "contract", "name": "Sender", "source_mapping": {"start": 29, "length": 136, "filename": "tests/low_level_calls.sol", "lines": [4, 5, 6, 7, 8]}}}, {"type": "expression", "expression": "_receiver.call.value(msg.value).gas(7777)()", "source_mapping": {"start": 111, "length": 45, "filename": "tests/low_level_calls.sol", "lines": [6]}}]}]
[
{
"check": "low-level-calls",
"impact": "Informational",
"confidence": "High",
"description": "Low level call in Sender.send (tests/low_level_calls.sol#5-7):\n\t-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6\n",
"elements": [
{
"type": "function",
"name": "send",
"source_mapping": {
"start": 51,
"length": 112,
"filename_used": "/home/travis/build/crytic/slither/tests/low_level_calls.sol",
"filename_relative": "tests/low_level_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/low_level_calls.sol",
"filename_short": "tests/low_level_calls.sol",
"lines": [
5,
6,
7
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Sender",
"source_mapping": {
"start": 29,
"length": 136,
"filename_used": "/home/travis/build/crytic/slither/tests/low_level_calls.sol",
"filename_relative": "tests/low_level_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/low_level_calls.sol",
"filename_short": "tests/low_level_calls.sol",
"lines": [
4,
5,
6,
7,
8
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "_receiver.call.value(msg.value).gas(7777)()",
"source_mapping": {
"start": 111,
"length": 45,
"filename_used": "/home/travis/build/crytic/slither/tests/low_level_calls.sol",
"filename_relative": "tests/low_level_calls.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/low_level_calls.sol",
"filename_short": "tests/low_level_calls.sol",
"lines": [
6
],
"starting_column": 9,
"ending_column": 54
}
}
]
}
]

@ -0,0 +1,5 @@
INFO:Detectors:
Low level call in Sender.send (tests/low_level_calls.sol#5-7):
-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Slither:tests/low_level_calls.sol analyzed (2 contracts), 1 result(s) found

@ -1 +1,79 @@
[{"check": "calls-loop", "impact": "Low", "confidence": "Medium", "description": "CallInLoop.bad has external calls inside a loop:\n\t- destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11)\n", "elements": [{"type": "function", "name": "bad", "source_mapping": {"start": 153, "length": 135, "filename": "tests/multiple_calls_in_loop.sol", "lines": [9, 10, 11, 12, 13]}, "contract": {"type": "contract", "name": "CallInLoop", "source_mapping": {"start": 0, "length": 291, "filename": "tests/multiple_calls_in_loop.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]}}}, {"type": "expression", "expression": "destinations[i].transfer(i)", "source_mapping": {"start": 244, "length": 27, "filename": "tests/multiple_calls_in_loop.sol", "lines": [11]}}]}]
[
{
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium",
"description": "CallInLoop.bad has external calls inside a loop:\n\t- destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11)\n",
"elements": [
{
"type": "function",
"name": "bad",
"source_mapping": {
"start": 153,
"length": 135,
"filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_relative": "tests/multiple_calls_in_loop.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_short": "tests/multiple_calls_in_loop.sol",
"lines": [
9,
10,
11,
12,
13
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 0,
"length": 291,
"filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_relative": "tests/multiple_calls_in_loop.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_short": "tests/multiple_calls_in_loop.sol",
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "expression",
"expression": "destinations[i].transfer(i)",
"source_mapping": {
"start": 244,
"length": 27,
"filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_relative": "tests/multiple_calls_in_loop.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_short": "tests/multiple_calls_in_loop.sol",
"lines": [
11
],
"starting_column": 13,
"ending_column": 40
}
}
]
}
]

@ -0,0 +1,5 @@
INFO:Detectors:
CallInLoop.bad has external calls inside a loop:
- destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/_edit#calls-inside-a-loop
INFO:Slither:tests/multiple_calls_in_loop.sol analyzed (1 contracts), 1 result(s) found
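Review bot: The `Reference:` line links to `Detector-Documentation/_edit#calls-inside-a-loop`, which is the wiki's edit view rather than the documentation page; the other Reference lines on this page use `Detector-Documentation#<anchor>`. The expected output should record `Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#calls-inside-a-loop`. The detector's wiki URL needs the same fix, but the detector source is not part of this hunk.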

@ -1 +1,366 @@
[{"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Contract 'naming' (tests/naming_convention.sol#3-48) is not in CapWords\n", "elements": [{"target": "contract", "convention": "CapWords", "name": "naming", "source_mapping": {"start": 28, "length": 642, "filename": "tests/naming_convention.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Struct 'naming.test' (tests/naming_convention.sol#14-16) is not in CapWords\n", "elements": [{"target": "structure", "convention": "CapWords", "name": "test", "source_mapping": {"start": 229, "length": 35, "filename": "tests/naming_convention.sol", "lines": [14, 15, 16]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Event 'naming.event_' (tests/naming_convention.sol#23) is not in CapWords\n", "elements": [{"target": "event", "convention": "CapWords", "name": "event_", "source_mapping": {"start": 335, "length": 19, "filename": "tests/naming_convention.sol", "lines": [23]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Function 'naming.GetOne' (tests/naming_convention.sol#30-33) is not in mixedCase\n", "elements": [{"target": "function", "convention": "mixedCase", "name": "GetOne", "source_mapping": {"start": 440, "length": 75, "filename": "tests/naming_convention.sol", "lines": [30, 31, 32, 33]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Parameter 'Number2' of naming.setInt (tests/naming_convention.sol#35) is not in mixedCase\n", "elements": [{"target": "parameter", "convention": "mixedCase", "name": "Number2", "source_mapping": {"start": 551, "length": 12, "filename": 
"tests/naming_convention.sol", "lines": [35]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Constant 'naming.MY_other_CONSTANT' (tests/naming_convention.sol#9) is not in UPPER_CASE_WITH_UNDERSCORES\n", "elements": [{"target": "variable_constant", "convention": "UPPER_CASE_WITH_UNDERSCORES", "name": "MY_other_CONSTANT", "source_mapping": {"start": 143, "length": 35, "filename": "tests/naming_convention.sol", "lines": [9]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Variable 'naming.Var_One' (tests/naming_convention.sol#11) is not in mixedCase\n", "elements": [{"target": "variable", "convention": "mixedCase", "name": "Var_One", "source_mapping": {"start": 185, "length": 16, "filename": "tests/naming_convention.sol", "lines": [11]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Enum 'naming.numbers' (tests/naming_convention.sol#6) is not in CapWords\n", "elements": [{"target": "enum", "convention": "CapWords", "name": "numbers", "source_mapping": {"start": 79, "length": 23, "filename": "tests/naming_convention.sol", "lines": [6]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Modifier 'naming.CantDo' (tests/naming_convention.sol#41-43) is not in mixedCase\n", "elements": [{"target": "modifier", "convention": "mixedCase", "name": "CantDo", "source_mapping": {"start": 591, "length": 36, "filename": "tests/naming_convention.sol", "lines": [41, 42, 43]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Parameter '_used' of T.test (tests/naming_convention.sol#59) is not in mixedCase\n", "elements": [{"target": "parameter", "convention": "mixedCase", "name": "_used", "source_mapping": {"start": 794, "length": 10, "filename": "tests/naming_convention.sol", "lines": [59]}}]}, {"check": "naming-convention", 
"impact": "Informational", "confidence": "High", "description": "Variable 'T._myPublicVar' (tests/naming_convention.sol#56) is not in mixedCase\n", "elements": [{"target": "variable", "convention": "mixedCase", "name": "_myPublicVar", "source_mapping": {"start": 741, "length": 17, "filename": "tests/naming_convention.sol", "lines": [56]}}]}, {"check": "naming-convention", "impact": "Informational", "confidence": "High", "description": "Variable 'T.l' (tests/naming_convention.sol#67) used l, O, I, which should not be used\n", "elements": [{"target": "variable", "convention": "l_O_I_should_not_be_used", "name": "l", "source_mapping": {"start": 900, "length": 10, "filename": "tests/naming_convention.sol", "lines": [67]}}]}]
[
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Contract 'naming' (tests/naming_convention.sol#3-48) is not in CapWords\n",
"elements": [
{
"target": "contract",
"convention": "CapWords",
"name": "naming",
"source_mapping": {
"start": 28,
"length": 642,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48
],
"starting_column": 1,
"ending_column": 2
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Struct 'naming.test' (tests/naming_convention.sol#14-16) is not in CapWords\n",
"elements": [
{
"target": "structure",
"convention": "CapWords",
"name": "test",
"source_mapping": {
"start": 229,
"length": 35,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
14,
15,
16
],
"starting_column": 5,
"ending_column": 6
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Event 'naming.event_' (tests/naming_convention.sol#23) is not in CapWords\n",
"elements": [
{
"target": "event",
"convention": "CapWords",
"name": "event_",
"source_mapping": {
"start": 335,
"length": 19,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
23
],
"starting_column": 5,
"ending_column": 24
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Function 'naming.GetOne' (tests/naming_convention.sol#30-33) is not in mixedCase\n",
"elements": [
{
"target": "function",
"convention": "mixedCase",
"name": "GetOne",
"source_mapping": {
"start": 440,
"length": 75,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
30,
31,
32,
33
],
"starting_column": 5,
"ending_column": 6
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Parameter 'Number2' of naming.setInt (tests/naming_convention.sol#35) is not in mixedCase\n",
"elements": [
{
"target": "parameter",
"convention": "mixedCase",
"name": "Number2",
"source_mapping": {
"start": 551,
"length": 12,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
35
],
"starting_column": 35,
"ending_column": 47
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Constant 'naming.MY_other_CONSTANT' (tests/naming_convention.sol#9) is not in UPPER_CASE_WITH_UNDERSCORES\n",
"elements": [
{
"target": "variable_constant",
"convention": "UPPER_CASE_WITH_UNDERSCORES",
"name": "MY_other_CONSTANT",
"source_mapping": {
"start": 143,
"length": 35,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
9
],
"starting_column": 5,
"ending_column": 40
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Variable 'naming.Var_One' (tests/naming_convention.sol#11) is not in mixedCase\n",
"elements": [
{
"target": "variable",
"convention": "mixedCase",
"name": "Var_One",
"source_mapping": {
"start": 185,
"length": 16,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
11
],
"starting_column": 5,
"ending_column": 21
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Enum 'naming.numbers' (tests/naming_convention.sol#6) is not in CapWords\n",
"elements": [
{
"target": "enum",
"convention": "CapWords",
"name": "numbers",
"source_mapping": {
"start": 79,
"length": 23,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
6
],
"starting_column": 5,
"ending_column": 28
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Modifier 'naming.CantDo' (tests/naming_convention.sol#41-43) is not in mixedCase\n",
"elements": [
{
"target": "modifier",
"convention": "mixedCase",
"name": "CantDo",
"source_mapping": {
"start": 591,
"length": 36,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
41,
42,
43
],
"starting_column": 5,
"ending_column": 6
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Parameter '_used' of T.test (tests/naming_convention.sol#59) is not in mixedCase\n",
"elements": [
{
"target": "parameter",
"convention": "mixedCase",
"name": "_used",
"source_mapping": {
"start": 794,
"length": 10,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
59
],
"starting_column": 33,
"ending_column": 43
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Variable 'T._myPublicVar' (tests/naming_convention.sol#56) is not in mixedCase\n",
"elements": [
{
"target": "variable",
"convention": "mixedCase",
"name": "_myPublicVar",
"source_mapping": {
"start": 741,
"length": 17,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
56
],
"starting_column": 5,
"ending_column": 22
}
}
]
},
{
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Variable 'T.l' (tests/naming_convention.sol#67) used l, O, I, which should not be used\n",
"elements": [
{
"target": "variable",
"convention": "l_O_I_should_not_be_used",
"name": "l",
"source_mapping": {
"start": 900,
"length": 10,
"filename_used": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_relative": "tests/naming_convention.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/naming_convention.sol",
"filename_short": "tests/naming_convention.sol",
"lines": [
67
],
"starting_column": 5,
"ending_column": 15
}
}
]
}
]

@ -0,0 +1,15 @@
INFO:Detectors:
Contract 'naming' (tests/naming_convention.sol#3-48) is not in CapWords
Struct 'naming.test' (tests/naming_convention.sol#14-16) is not in CapWords
Event 'naming.event_' (tests/naming_convention.sol#23) is not in CapWords
Function 'naming.GetOne' (tests/naming_convention.sol#30-33) is not in mixedCase
Parameter 'Number2' of naming.setInt (tests/naming_convention.sol#35) is not in mixedCase
Constant 'naming.MY_other_CONSTANT' (tests/naming_convention.sol#9) is not in UPPER_CASE_WITH_UNDERSCORES
Variable 'naming.Var_One' (tests/naming_convention.sol#11) is not in mixedCase
Enum 'naming.numbers' (tests/naming_convention.sol#6) is not in CapWords
Modifier 'naming.CantDo' (tests/naming_convention.sol#41-43) is not in mixedCase
Parameter '_used' of T.test (tests/naming_convention.sol#59) is not in mixedCase
Variable 'T._myPublicVar' (tests/naming_convention.sol#56) is not in mixedCase
Variable 'T.l' (tests/naming_convention.sol#67) used l, O, I, which should not be used
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:tests/naming_convention.sol analyzed (3 contracts), 12 result(s) found

@ -1 +1,25 @@
[{"check": "solc-version", "impact": "Informational", "confidence": "High", "description": "Detected issues with version pragma in tests/old_solc.sol.json:\n\t- pragma solidity0.4.21 (old_solc.sol): it allows old versions\n", "elements": [{"type": "expression", "expression": "0.4.21", "source_mapping": {"start": 0, "length": 23, "filename": "old_solc.sol", "lines": []}}]}]
[
{
"check": "solc-version",
"impact": "Informational",
"confidence": "High",
"description": "Detected issues with version pragma in tests/old_solc.sol.json:\n\t- pragma solidity0.4.21 (None): it allows old versions\n",
"elements": [
{
"type": "expression",
"expression": "0.4.21",
"source_mapping": {
"start": 0,
"length": 23,
"filename_used": "old_solc.sol",
"filename_relative": null,
"filename_absolute": null,
"filename_short": null,
"lines": [],
"starting_column": null,
"ending_column": null
}
}
]
}
]
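Review bot: The regenerated description on the new side reads `pragma solidity0.4.21 (None)` where the old fixture printed `(old_solc.sol)`, and `filename_relative`, `filename_absolute`, `filename_short` and both column fields are `null`. It looks as if the new source-mapping code loses the location when the input is a pre-compiled `.json` AST, though the code itself is not in this hunk. The pragma fixture further down has a similar regression: its description now begins `Different versions of Solidity is used in :` with the file name missing. Committing these strings as expected output makes the tests assert the degraded message. I would have the description fall back to `filename_used` when the short name is unset, then regenerate both fixtures.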

@ -0,0 +1,6 @@
INFO:Detectors:
Detected issues with version pragma in tests/old_solc.sol.json:
- pragma solidity0.4.21 (None): it allows old versions
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity
INFO:Slither:/home/monty/Private/tob/tools/slither-public/scripts/../tests/expected_json/old_solc.sol.json.solc-version.json exists already, the overwrite is prevented
INFO:Slither:tests/old_solc.sol.json analyzed (1 contracts), 1 result(s) found
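Review bot: The second-to-last line of this expected output embeds a developer's local checkout path (`/home/monty/Private/tob/tools/slither-public/...`) together with `exists already, the overwrite is prevented`, which is a side effect of the generation run rather than detector output. It publishes a local user name and directory layout in the repository. It also cannot match on another machine, if these `.txt` files are compared at all, which is not visible here. I would drop that line from the fixture, or have the generation script filter out log lines that mention the output file before saving. The traceback fixture further down carries the same `/home/monty/...` paths.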

@ -1 +1,44 @@
[{"check": "pragma", "impact": "Informational", "confidence": "High", "description": "Different versions of Solidity is used in tests/pragma.0.4.24.sol:\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- tests/pragma.0.4.23.sol#1 declares pragma solidity^0.4.23\n\t- tests/pragma.0.4.24.sol#1 declares pragma solidity^0.4.24\n", "elements": [{"type": "expression", "expression": "^0.4.23", "source_mapping": {"start": 0, "length": 24, "filename": "tests/pragma.0.4.23.sol", "lines": [1]}}, {"type": "expression", "expression": "^0.4.24", "source_mapping": {"start": 0, "length": 24, "filename": "tests/pragma.0.4.24.sol", "lines": [1]}}]}]
[
{
"check": "pragma",
"impact": "Informational",
"confidence": "High",
"description": "Different versions of Solidity is used in :\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- tests/pragma.0.4.23.sol#1 declares pragma solidity^0.4.23\n\t- tests/pragma.0.4.24.sol#1 declares pragma solidity^0.4.24\n",
"elements": [
{
"type": "expression",
"expression": "^0.4.23",
"source_mapping": {
"start": 0,
"length": 24,
"filename_used": "/home/travis/build/crytic/slither/tests/pragma.0.4.23.sol",
"filename_relative": "tests/pragma.0.4.23.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/pragma.0.4.23.sol",
"filename_short": "tests/pragma.0.4.23.sol",
"lines": [
1
],
"starting_column": 1,
"ending_column": 25
}
},
{
"type": "expression",
"expression": "^0.4.24",
"source_mapping": {
"start": 0,
"length": 24,
"filename_used": "/home/travis/build/crytic/slither/tests/pragma.0.4.24.sol",
"filename_relative": "tests/pragma.0.4.24.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/pragma.0.4.24.sol",
"filename_short": "tests/pragma.0.4.24.sol",
"lines": [
1
],
"starting_column": 1,
"ending_column": 25
}
}
]
}
]

@ -0,0 +1,8 @@
ERROR:Slither:Invalid compilation
ERROR:Slither:Invalid solc compilation tests/pragma.0.4.23.sol:1:1: Error: Source file requires different compiler version (current compiler is 0.5.1+commit.c8a2cb62.Linux.g++ - note that nightly builds are considered to be strictly less than the released version
pragma solidity ^0.4.23;
^----------------------^
tests/pragma.0.4.24.sol:1:1: Error: Source file requires different compiler version (current compiler is 0.5.1+commit.c8a2cb62.Linux.g++ - note that nightly builds are considered to be strictly less than the released version
pragma solidity ^0.4.24;
^----------------------^
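Review bot: This expected output records a failed run, not a detector result: the whole file is `ERROR:Slither:Invalid compilation`, because the generating machine ran solc 0.5.1 against sources that declare `^0.4.23` and `^0.4.24`. The later 10-line hunk ending in `Exception: Error: reentrancy is not a detector` has the same problem. It stores a Python traceback, apparently from requesting a detector name that does not exist, since the JSON fixtures on this page use `reentrancy-eth`. A fixture like this either matches only when the tool fails or is never compared and just adds noise. I would regenerate both with a compiler version that satisfies the pragmas and with the `reentrancy-eth` detector name, or leave the two files out of the commit.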

@ -1 +1,275 @@
[{"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy-0.5.1.sol#14-22):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#21)\n", "elements": [{"type": "function", "name": "withdrawBalance", "source_mapping": {"start": 298, "length": 357, "filename": "tests/reentrancy-0.5.1.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 25, "length": 1807, "filename": "tests/reentrancy-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54]}}}, {"type": "external_calls", "expression": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()", "source_mapping": {"start": 477, "length": 81, "filename": "tests/reentrancy-0.5.1.sol", "lines": [17]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 621, "length": 27, "filename": "tests/reentrancy-0.5.1.sol", "lines": [21]}}]}, {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3 (tests/reentrancy-0.5.1.sol#44-53):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#51)\n", "elements": [{"type": "function", "name": "withdrawBalance_fixed_3", "source_mapping": {"start": 1434, "length": 393, "filename": "tests/reentrancy-0.5.1.sol", "lines": [44, 45, 46, 47, 48, 49, 50, 51, 52, 53]}, "contract": {"type": "contract", "name": "Reentrancy", 
"source_mapping": {"start": 25, "length": 1807, "filename": "tests/reentrancy-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54]}}}, {"type": "external_calls", "expression": "(ret,mem) = msg.sender.call.value(amount)()", "source_mapping": {"start": 1679, "length": 64, "filename": "tests/reentrancy-0.5.1.sol", "lines": [49]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = amount", "source_mapping": {"start": 1778, "length": 32, "filename": "tests/reentrancy-0.5.1.sol", "lines": [51]}}]}]
[
{
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium",
"description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy-0.5.1.sol#14-22):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#21)\n",
"elements": [
{
"type": "function",
"name": "withdrawBalance",
"source_mapping": {
"start": 298,
"length": 357,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
14,
15,
16,
17,
18,
19,
20,
21,
22
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Reentrancy",
"source_mapping": {
"start": 25,
"length": 1807,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "external_calls",
"expression": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()",
"source_mapping": {
"start": 477,
"length": 81,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
17
],
"starting_column": 9,
"ending_column": 90
}
},
{
"type": "variables_written",
"name": "userBalance",
"expression": "userBalance[msg.sender] = 0",
"source_mapping": {
"start": 621,
"length": 27,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
21
],
"starting_column": 9,
"ending_column": 36
}
}
]
},
{
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium",
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3 (tests/reentrancy-0.5.1.sol#44-53):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#51)\n",
"elements": [
{
"type": "function",
"name": "withdrawBalance_fixed_3",
"source_mapping": {
"start": 1434,
"length": 393,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
44,
45,
46,
47,
48,
49,
50,
51,
52,
53
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Reentrancy",
"source_mapping": {
"start": 25,
"length": 1807,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "external_calls",
"expression": "(ret,mem) = msg.sender.call.value(amount)()",
"source_mapping": {
"start": 1679,
"length": 64,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
49
],
"starting_column": 9,
"ending_column": 73
}
},
{
"type": "variables_written",
"name": "userBalance",
"expression": "userBalance[msg.sender] = amount",
"source_mapping": {
"start": 1778,
"length": 32,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_relative": "tests/reentrancy-0.5.1.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol",
"filename_short": "tests/reentrancy-0.5.1.sol",
"lines": [
51
],
"starting_column": 13,
"ending_column": 45
}
}
]
}
]

@ -0,0 +1,13 @@
INFO:Detectors:
Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy-0.5.1.sol#14-22):
External calls:
- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)
State variables written after the call(s):
- userBalance (tests/reentrancy-0.5.1.sol#21)
Reentrancy in Reentrancy.withdrawBalance_fixed_3 (tests/reentrancy-0.5.1.sol#44-53):
External calls:
- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)
State variables written after the call(s):
- userBalance (tests/reentrancy-0.5.1.sol#51)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities
INFO:Slither:tests/reentrancy-0.5.1.sol analyzed (1 contracts), 2 result(s) found

@ -0,0 +1,10 @@
Traceback (most recent call last):
File "/home/monty/Envs/slither/bin/slither", line 11, in <module>
load_entry_point('slither-analyzer', 'console_scripts', 'slither')()
File "/home/monty/Private/tob/tools/slither-public/slither/__main__.py", line 469, in main
main_impl(all_detector_classes=detectors, all_printer_classes=printers)
File "/home/monty/Private/tob/tools/slither-public/slither/__main__.py", line 483, in main_impl
detector_classes = choose_detectors(args, all_detector_classes)
File "/home/monty/Private/tob/tools/slither-public/slither/__main__.py", line 176, in choose_detectors
raise Exception('Error: {} is not a detector'.format(d))
Exception: Error: reentrancy is not a detector

@ -1 +1,309 @@
[{"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy.sol#14-21):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17-19)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#20)\n", "elements": [{"type": "function", "name": "withdrawBalance", "source_mapping": {"start": 299, "length": 314, "filename": "tests/reentrancy.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 26, "length": 2334, "filename": "tests/reentrancy.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72]}}}, {"type": "external_calls", "expression": "! 
(msg.sender.call.value(userBalance[msg.sender])())", "source_mapping": {"start": 478, "length": 92, "filename": "tests/reentrancy.sol", "lines": [17, 18, 19]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 579, "length": 27, "filename": "tests/reentrancy.sol", "lines": [20]}}]}, {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance_nested (tests/reentrancy.sol#64-70):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#68)\n", "elements": [{"type": "function", "name": "withdrawBalance_nested", "source_mapping": {"start": 2108, "length": 246, "filename": "tests/reentrancy.sol", "lines": [64, 65, 66, 67, 68, 69, 70]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 26, "length": 2334, "filename": "tests/reentrancy.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72]}}}, {"type": "external_calls", "expression": "msg.sender.call.value(amount / 2)()", "source_mapping": {"start": 2263, "length": 33, "filename": "tests/reentrancy.sol", "lines": [67]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 2310, "length": 27, "filename": "tests/reentrancy.sol", "lines": [68]}}]}]
[
{
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium",
"description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy.sol#14-21):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17-19)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#20)\n",
"elements": [
{
"type": "function",
"name": "withdrawBalance",
"source_mapping": {
"start": 299,
"length": 314,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
14,
15,
16,
17,
18,
19,
20,
21
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Reentrancy",
"source_mapping": {
"start": 26,
"length": 2334,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "external_calls",
"expression": "! (msg.sender.call.value(userBalance[msg.sender])())",
"source_mapping": {
"start": 478,
"length": 92,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
17,
18,
19
],
"starting_column": 9,
"ending_column": 10
}
},
{
"type": "variables_written",
"name": "userBalance",
"expression": "userBalance[msg.sender] = 0",
"source_mapping": {
"start": 579,
"length": 27,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
20
],
"starting_column": 9,
"ending_column": 36
}
}
]
},
{
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium",
"description": "Reentrancy in Reentrancy.withdrawBalance_nested (tests/reentrancy.sol#64-70):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#68)\n",
"elements": [
{
"type": "function",
"name": "withdrawBalance_nested",
"source_mapping": {
"start": 2108,
"length": 246,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
64,
65,
66,
67,
68,
69,
70
],
"starting_column": 5,
"ending_column": 6
},
"contract": {
"type": "contract",
"name": "Reentrancy",
"source_mapping": {
"start": 26,
"length": 2334,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72
],
"starting_column": 1,
"ending_column": 2
}
}
},
{
"type": "external_calls",
"expression": "msg.sender.call.value(amount / 2)()",
"source_mapping": {
"start": 2263,
"length": 33,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
67
],
"starting_column": 13,
"ending_column": 46
}
},
{
"type": "variables_written",
"name": "userBalance",
"expression": "userBalance[msg.sender] = 0",
"source_mapping": {
"start": 2310,
"length": 27,
"filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_relative": "tests/reentrancy.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol",
"filename_short": "tests/reentrancy.sol",
"lines": [
68
],
"starting_column": 13,
"ending_column": 40
}
}
]
}
]

@ -0,0 +1,13 @@
INFO:Detectors:
Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy.sol#14-21):
External calls:
- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17-19)
State variables written after the call(s):
- userBalance (tests/reentrancy.sol#20)
Reentrancy in Reentrancy.withdrawBalance_nested (tests/reentrancy.sol#64-70):
External calls:
- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)
State variables written after the call(s):
- userBalance (tests/reentrancy.sol#68)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities
INFO:Slither:tests/reentrancy.sol analyzed (1 contracts), 2 result(s) found

Some files were not shown because too many files have changed in this diff Show More
