TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into dev-solidity-05

Browse Source
pull/102/head
Josselin 6 years ago
parent 1c666c729d 191cb76b42
commit 09c559c148
45 changed files with 98 additions and 1242 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      Dockerfile
  2. 10
      scripts/json_diff.py
  3. 40
      scripts/tests_generate_expected_json_4.sh
  4. 21
      slither/detectors/abstract_detector.py
  5. 4
      slither/detectors/attributes/const_functions.py
  6. 6
      slither/detectors/attributes/constant_pragma.py
  7. 2
      slither/detectors/attributes/locked_ether.py
  8. 4
      slither/detectors/attributes/old_solc.py
  9. 2
      slither/detectors/examples/backdoor.py
  10. 2
      slither/detectors/functions/arbitrary_send.py
  11. 2
      slither/detectors/functions/complex_function.py
  12. 2
      slither/detectors/functions/external_function.py
  13. 2
      slither/detectors/functions/suicidal.py
  14. 2
      slither/detectors/operations/low_level_calls.py
  15. 2
      slither/detectors/operations/unused_return_values.py
  16. 5
      slither/detectors/reentrancy/reentrancy.py
  17. 2
      slither/detectors/statements/assembly.py
  18. 2
      slither/detectors/statements/controlled_delegatecall.py
  19. 2
      slither/detectors/statements/tx_origin.py
  20. 7
      slither/detectors/variables/possible_const_state_variables.py
  21. 2
      slither/detectors/variables/uninitialized_local_variables.py
  22. 2
      slither/detectors/variables/uninitialized_state_variables.py
  23. 2
      slither/detectors/variables/uninitialized_storage_variables.py
  24. 2
      slither/detectors/variables/unused_state_variables.py
  25. 61
      tests/expected_json/arbitrary_send.arbitrary-send.json
  26. 2
      tests/expected_json/backdoor.backdoor.json
  27. 2
      tests/expected_json/backdoor.suicidal.json
  28. 57
      tests/expected_json/const_state_variables.constable-states.json
  29. 81
      tests/expected_json/constant.constant-function.json
  30. 62
      tests/expected_json/controlled_delegatecall.controlled-delegatecall.json
  31. 72
      tests/expected_json/external_function.external-function.json
  32. 56
      tests/expected_json/inline_assembly_contract.assembly.json
  33. 107
      tests/expected_json/inline_assembly_library.assembly.json
  34. 2
      tests/expected_json/locked_ether.locked-ether.json
  35. 32
      tests/expected_json/low_level_calls.low-level-calls.json
  36. 247
      tests/expected_json/naming_convention.naming-convention.json
  37. 17
      tests/expected_json/old_solc.sol.json.solc-version.json
  38. 30
      tests/expected_json/pragma.0.4.24.pragma.json
  39. 54
      tests/expected_json/reentrancy.reentrancy.json
  40. 65
      tests/expected_json/tx_origin.tx-origin.json
  41. 121
      tests/expected_json/uninitialized.uninitialized-state.json
  42. 32
      tests/expected_json/uninitialized_local_variable.uninitialized-local.json
  43. 33
      tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.json
  44. 53
      tests/expected_json/unused_return.unused-return.json
  45. 19
      tests/expected_json/unused_state.unused-state.json

4
Dockerfile
Unescape View File

@ -9,8 +9,8 @@ LABEL desc "Static Analyzer for Solidity"
# Mostly stolen from ethereum/solc.
RUN apk add --no-cache git python3 build-base cmake boost-dev \
&& sed -i -E -e 's/include <sys\/poll.h>/include <poll.h>/' /usr/include/boost/asio/detail/socket_types.hpp \
&& git clone --depth 1 --recursive -b release https://github.com/ethereum/solidity \
&& cd /solidity && cmake -DCMAKE_BUILD_TYPE=Release -DTESTS=0 -DSTATIC_LINKING=1 \
&& git clone https://github.com/ethereum/solidity \
&& cd /solidity && git checkout 59dbf8f1085b8b92e8b7eb0ce380cbeb642e97eb \
&& cd /solidity && make solc && install -s solc/solc /usr/bin \
&& cd / && rm -rf solidity \
&& rm -rf /var/cache/apk/* \

10
scripts/json_diff.py
Unescape View File

@ -14,4 +14,14 @@ with open(sys.argv[2]) as f:
d2 = json.load(f)
# Remove description field to allow non deterministic print
for elem in d1:
if 'description' in elem:
del elem['description']
for elem in d2:
if 'description' in elem:
del elem['description']
pprint(DeepDiff(d1, d2, ignore_order=True, verbose_level=2))

40
scripts/tests_generate_expected_json_4.sh
Unescape View File

@ -14,25 +14,25 @@ generate_expected_json(){
}
#generate_expected_json tests/uninitialized.sol "uninitialized-state"
#generate_expected_json tests/backdoor.sol "backdoor"
#generate_expected_json tests/backdoor.sol "suicidal"
#generate_expected_json tests/pragma.0.4.24.sol "pragma"
#generate_expected_json tests/old_solc.sol.json "solc-version"
#generate_expected_json tests/reentrancy.sol "reentrancy"
#generate_expected_json tests/uninitialized_storage_pointer.sol "uninitialized-storage"
#generate_expected_json tests/tx_origin.sol "tx-origin"
#generate_expected_json tests/unused_state.sol "unused-state"
generate_expected_json tests/uninitialized.sol "uninitialized-state"
generate_expected_json tests/backdoor.sol "backdoor"
generate_expected_json tests/backdoor.sol "suicidal"
generate_expected_json tests/pragma.0.4.24.sol "pragma"
generate_expected_json tests/old_solc.sol.json "solc-version"
generate_expected_json tests/reentrancy.sol "reentrancy"
generate_expected_json tests/uninitialized_storage_pointer.sol "uninitialized-storage"
generate_expected_json tests/tx_origin.sol "tx-origin"
generate_expected_json tests/unused_state.sol "unused-state"
generate_expected_json tests/locked_ether.sol "locked-ether"
#generate_expected_json tests/arbitrary_send.sol "arbitrary-send"
#generate_expected_json tests/inline_assembly_contract.sol "assembly"
#generate_expected_json tests/inline_assembly_library.sol "assembly"
#generate_expected_json tests/low_level_calls.sol "low-level-calls"
#generate_expected_json tests/const_state_variables.sol "constable-states"
#generate_expected_json tests/external_function.sol "external-function"
#generate_expected_json tests/naming_convention.sol "naming-convention"
#generate_expected_json tests/uninitialized_local_variable.sol "uninitialized-local"
#generate_expected_json tests/controlled_delegatecall.sol "controlled-delegatecall"
#generate_expected_json tests/constant.sol "constant-function"
generate_expected_json tests/arbitrary_send.sol "arbitrary-send"
generate_expected_json tests/inline_assembly_contract.sol "assembly"
generate_expected_json tests/inline_assembly_library.sol "assembly"
generate_expected_json tests/low_level_calls.sol "low-level-calls"
generate_expected_json tests/const_state_variables.sol "constable-states"
generate_expected_json tests/external_function.sol "external-function"
generate_expected_json tests/naming_convention.sol "naming-convention"
generate_expected_json tests/uninitialized_local_variable.sol "uninitialized-local"
generate_expected_json tests/controlled_delegatecall.sol "controlled-delegatecall"
generate_expected_json tests/constant.sol "constant-function"
#generate_expected_json tests/unused_return.sol "unused-return"
generate_expected_json tests/unused_return.sol "unused-return"

21
slither/detectors/abstract_detector.py
Unescape View File

@ -81,9 +81,12 @@ class AbstractDetector(metaclass=abc.ABCMeta):
def color(self):
return classification_colors[self.IMPACT]
def generate_json_result(self):
def generate_json_result(self, info):
d = OrderedDict()
d['check'] = self.ARGUMENT
d['impact'] = classification_txt[self.IMPACT]
d['confidence'] = classification_txt[self.CONFIDENCE]
d['description'] = info
return d
@staticmethod
@ -96,7 +99,7 @@ class AbstractDetector(metaclass=abc.ABCMeta):
assert 'variables' not in d
d['variables'] = [{'name': variable.name,
'source_mapping': variable.source_mapping}
for variable in variables]
for variable in sorted(variables, key=lambda x:x.name)]
@staticmethod
def add_contract_to_json(contract, d):
@ -106,18 +109,22 @@ class AbstractDetector(metaclass=abc.ABCMeta):
@staticmethod
def add_function_to_json(function, d):
assert 'function' not in d
d['function'] = {'name': function.name, 'source_mapping': function.source_mapping}
contract = dict()
AbstractDetector.add_contract_to_json(function.contract, contract)
d['function'] = {'name': function.name, 'source_mapping': function.source_mapping, 'contract': contract['contract']}
@staticmethod
def add_functions_to_json(functions, d):
assert 'functions' not in d
d['functions'] = [{'name': function.name,
'source_mapping': function.source_mapping}
for function in functions]
d['functions'] = []
for function in sorted(functions, key=lambda x: x.name):
func_dict = dict()
AbstractDetector.add_function_to_json(function, func_dict)
d['functions'].append(func_dict['function'])
@staticmethod
def add_nodes_to_json(nodes, d):
assert 'expressions' not in d
d['expressions'] = [{'expression': str(node.expression),
'source_mapping': node.source_mapping}
for node in nodes]
for node in sorted(nodes, key=lambda x: x.node_id)]

4
slither/detectors/attributes/const_functions.py
Unescape View File

@ -35,7 +35,7 @@ class ConstantFunctions(AbstractDetector):
info = '{}.{} ({}) is declared {} but contains assembly code\n'
info = info.format(f.contract.name, f.name, f.source_mapping_str, attr)
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(f, json)
json['variables'] = []
json['contains_assembly'] = True
@ -52,7 +52,7 @@ class ConstantFunctions(AbstractDetector):
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(f, json)
self.add_variables_to_json(variables_written, json)
json['contains_assembly'] = False

6
slither/detectors/attributes/constant_pragma.py
Unescape View File

@ -15,13 +15,13 @@ class ConstantPragma(AbstractDetector):
IMPACT = DetectorClassification.INFORMATIONAL
CONFIDENCE = DetectorClassification.HIGH
WIKI = 'https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#state-variables-that-could-be-declared-constant'
WIKI = 'https://github.com/trailofbits/slither/wiki/Vulnerabilities-Description#different-pragma-directives-are-used'
def detect(self):
results = []
pragma = self.slither.pragma_directives
versions = [p.version for p in pragma]
versions = list(set(versions))
versions = sorted(list(set(versions)))
if len(versions) > 1:
info = "Different versions of Solidity is used in {}:\n".format(self.filename)
@ -30,7 +30,7 @@ class ConstantPragma(AbstractDetector):
info += "\t- {} declares {}\n".format(p.source_mapping_str, str(p))
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
# follow the same format than add_nodes_to_json
json['expressions'] = [{'expression': p.version,
'source_mapping': p.source_mapping} for p in pragma]

2
slither/detectors/attributes/locked_ether.py
Unescape View File

@ -56,7 +56,7 @@ class LockedEther(AbstractDetector):
[f.name for f in funcs_payable])
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_functions_to_json(funcs_payable, json)
self.add_contract_to_json(contract, json)
results.append(json)

4
slither/detectors/attributes/old_solc.py
Unescape View File

@ -25,7 +25,7 @@ class OldSolc(AbstractDetector):
def detect(self):
results = []
pragma = self.slither.pragma_directives
old_pragma = [p for p in pragma if self._convert_pragma(p.version) not in ['0.4.23', '0.4.24']]
old_pragma = sorted([p for p in pragma if self._convert_pragma(p.version) not in ['0.4.23', '0.4.24']], key=lambda x:str(x))
if old_pragma:
info = "Old version (<0.4.23) of Solidity used in {}:\n".format(self.filename)
@ -33,7 +33,7 @@ class OldSolc(AbstractDetector):
info += "\t- {} declares {}\n".format(p.source_mapping_str, str(p))
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
# follow the same format than add_nodes_to_json
json['expressions'] = [{'expression': p.version,
'source_mapping': p.source_mapping} for p in old_pragma]

2
slither/detectors/examples/backdoor.py
Unescape View File

@ -24,7 +24,7 @@ class Backdoor(AbstractDetector):
# Print the info
self.log(info)
# Add the result in result
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(f, json)
results.append(json)

2
slither/detectors/functions/arbitrary_send.py
Unescape View File

@ -112,7 +112,7 @@ class ArbitrarySend(AbstractDetector):
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
self.add_nodes_to_json(nodes, json)
results.append(json)

2
slither/detectors/functions/complex_function.py
Unescape View File

@ -105,7 +105,7 @@ class ComplexFunction(AbstractDetector):
info = info + "\n"
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
json['high_number_of_external_calls'] = cause == self.CAUSE_EXTERNAL_CALL
json['high_number_of_branches'] = cause == self.CAUSE_CYCLOMATIC

2
slither/detectors/functions/external_function.py
Unescape View File

@ -65,7 +65,7 @@ class ExternalFunction(AbstractDetector):
func.source_mapping_str)
all_info += info
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
results.append(json)
if all_info != '':

2
slither/detectors/functions/suicidal.py
Unescape View File

@ -64,7 +64,7 @@ class Suicidal(AbstractDetector):
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
results.append(json)

2
slither/detectors/operations/low_level_calls.py
Unescape View File

@ -51,7 +51,7 @@ class LowLevelCalls(AbstractDetector):
info += "\t-{} {}\n".format(str(node.expression), node.source_mapping_str)
all_info += info
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
self.add_nodes_to_json(nodes, json)
results.append(json)

2
slither/detectors/operations/unused_return_values.py
Unescape View File

@ -60,7 +60,7 @@ class UnusedReturnValues(AbstractDetector):
info += "\t-{} ({})\n".format(node.expression, node.source_mapping_str)
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(f, json)
self.add_nodes_to_json(unused_return, json)
results.append(json)

5
slither/detectors/reentrancy/reentrancy.py
Unescape View File

@ -177,7 +177,8 @@ class Reentrancy(AbstractDetector):
results = []
for (func, calls, send_eth), varsWritten in self.result.items():
result_sorted = sorted(list(self.result.items()), key=lambda x:x[0][0].name)
for (func, calls, send_eth), varsWritten in result_sorted:
calls = list(set(calls))
send_eth = list(set(send_eth))
# if calls == send_eth:
@ -204,7 +205,7 @@ class Reentrancy(AbstractDetector):
'source_mapping': call_info.source_mapping}
for call_info in calls]
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
json['external_calls'] = [{'expression': str(call_info.expression),
'source_mapping': call_info.source_mapping}

2
slither/detectors/statements/assembly.py
Unescape View File

@ -55,7 +55,7 @@ class Assembly(AbstractDetector):
all_info += info
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
json['assembly'] = [{'source_mapping': node.source_mapping}
for node in nodes]

2
slither/detectors/statements/controlled_delegatecall.py
Unescape View File

@ -37,7 +37,7 @@ class ControlledDelegateCall(AbstractDetector):
info += '\t{} ({})\n'.format(node.expression, node.source_mapping_str)
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(f, json)
self.add_nodes_to_json(nodes, json)
results.append(json)

2
slither/detectors/statements/tx_origin.py
Unescape View File

@ -58,7 +58,7 @@ class TxOrigin(AbstractDetector):
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_function_to_json(func, json)
self.add_nodes_to_json(nodes, json)
results.append(json)

7
slither/detectors/variables/possible_const_state_variables.py
Unescape View File

@ -66,12 +66,13 @@ class ConstCandidateStateVars(AbstractDetector):
variables_by_contract[state_var.contract.name].append(state_var)
for contract, variables in variables_by_contract.items():
info = ''
for v in variables:
all_info += "{}.{} should be constant ({})\n".format(contract,
info += "{}.{} should be constant ({})\n".format(contract,
v.name,
v.source_mapping_str)
json = self.generate_json_result()
all_info += info
json = self.generate_json_result(info)
self.add_variables_to_json(variables, json)
results.append(json)

2
slither/detectors/variables/uninitialized_local_variables.py
Unescape View File

@ -93,7 +93,7 @@ class UninitializedLocalVars(AbstractDetector):
self.log(info)
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_variable_to_json(uninitialized_local_variable, json)
self.add_function_to_json(function, json)
results.append(json)

2
slither/detectors/variables/uninitialized_state_variables.py
Unescape View File

@ -85,7 +85,7 @@ class UninitializedStateVarsDetection(AbstractDetector):
source = [variable.source_mapping]
source += [f.source_mapping for f in functions]
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_variable_to_json(variable, json)
self.add_functions_to_json(functions, json)
results.append(json)

2
slither/detectors/variables/uninitialized_storage_variables.py
Unescape View File

@ -90,7 +90,7 @@ class UninitializedStorageVars(AbstractDetector):
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_variable_to_json(uninitialized_storage_variable, json)
self.add_function_to_json(function, json)
results.append(json)

2
slither/detectors/variables/unused_state_variables.py
Unescape View File

@ -45,7 +45,7 @@ class UnusedStateVars(AbstractDetector):
all_info += info
json = self.generate_json_result()
json = self.generate_json_result(info)
self.add_variables_to_json(unusedVars, json)
results.append(json)

61
tests/expected_json/arbitrary_send.arbitrary-send.json
Unescape View File

@ -1,60 +1 @@
[
{
"check": "arbitrary-send",
"expressions": [
{
"expression": "msg.sender.send(this.balance)",
"source_mapping": {
"filename": "tests/arbitrary_send.sol",
"length": 29,
"lines": [
12
],
"start": 174
}
}
],
"function": {
"name": "direct",
"source_mapping": {
"filename": "tests/arbitrary_send.sol",
"length": 63,
"lines": [
11,
12,
13
],
"start": 147
}
}
},
{
"check": "arbitrary-send",
"expressions": [
{
"expression": "destination.send(this.balance)",
"source_mapping": {
"filename": "tests/arbitrary_send.sol",
"length": 30,
"lines": [
20
],
"start": 307
}
}
],
"function": {
"name": "indirect",
"source_mapping": {
"filename": "tests/arbitrary_send.sol",
"length": 66,
"lines": [
19,
20,
21
],
"start": 278
}
}
}
]
[{"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.direct (tests/arbitrary_send.sol#11-13) sends eth to arbirary user\n\tDangerous calls:\n\t- msg.sender.send(this.balance) (tests/arbitrary_send.sol#12)\n", "function": {"name": "direct", "source_mapping": {"start": 147, "length": 63, "filename": "tests/arbitrary_send.sol", "lines": [11, 12, 13]}, "contract": {"name": "Test", "source_mapping": {"start": 0, "length": 809, "filename": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, "expressions": [{"expression": "msg.sender.send(this.balance)", "source_mapping": {"start": 174, "length": 29, "filename": "tests/arbitrary_send.sol", "lines": [12]}}]}, {"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.indirect (tests/arbitrary_send.sol#19-21) sends eth to arbirary user\n\tDangerous calls:\n\t- destination.send(this.balance) (tests/arbitrary_send.sol#20)\n", "function": {"name": "indirect", "source_mapping": {"start": 278, "length": 66, "filename": "tests/arbitrary_send.sol", "lines": [19, 20, 21]}, "contract": {"name": "Test", "source_mapping": {"start": 0, "length": 809, "filename": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, "expressions": [{"expression": "destination.send(this.balance)", "source_mapping": {"start": 307, "length": 30, "filename": "tests/arbitrary_send.sol", "lines": [20]}}]}]

2
tests/expected_json/backdoor.backdoor.json
Unescape View File

@ -1 +1 @@
[{"check": "backdoor", "function": {"name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}}}]
[{"check": "backdoor", "impact": "High", "confidence": "High", "description": "Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6)\n", "function": {"name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"name": "C", "source_mapping": {"start": 1, "length": 94, "filename": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}}]

2
tests/expected_json/backdoor.suicidal.json
Unescape View File

@ -1 +1 @@
[{"check": "suicidal", "function": {"name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}}}]
[{"check": "suicidal", "impact": "High", "confidence": "High", "description": "C.i_am_a_backdoor (tests/backdoor.sol#4-6) allows anyone to destruct the contract\n", "function": {"name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"name": "C", "source_mapping": {"start": 1, "length": 94, "filename": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}}]

57
tests/expected_json/const_state_variables.constable-states.json
Unescape View File

@ -1,56 +1 @@
[
{
"check": "constable-states",
"variables": [
{
"name": "myFriendsAddress",
"source_mapping": {
"filename": "tests/const_state_variables.sol",
"length": 76,
"lines": [
7
],
"start": 130
}
},
{
"name": "test",
"source_mapping": {
"filename": "tests/const_state_variables.sol",
"length": 20,
"lines": [
10
],
"start": 235
}
},
{
"name": "text2",
"source_mapping": {
"filename": "tests/const_state_variables.sol",
"length": 20,
"lines": [
14
],
"start": 331
}
}
]
},
{
"check": "constable-states",
"variables": [
{
"name": "mySistersAddress",
"source_mapping": {
"filename": "tests/const_state_variables.sol",
"length": 76,
"lines": [
26
],
"start": 494
}
}
]
}
]
[{"check": "constable-states", "impact": "Informational", "confidence": "High", "description": "A.myFriendsAddress should be constant (tests/const_state_variables.sol#7)\nA.test should be constant (tests/const_state_variables.sol#10)\nA.text2 should be constant (tests/const_state_variables.sol#14)\n", "variables": [{"name": "myFriendsAddress", "source_mapping": {"start": 130, "length": 76, "filename": "tests/const_state_variables.sol", "lines": [7]}}, {"name": "test", "source_mapping": {"start": 235, "length": 20, "filename": "tests/const_state_variables.sol", "lines": [10]}}, {"name": "text2", "source_mapping": {"start": 331, "length": 20, "filename": "tests/const_state_variables.sol", "lines": [14]}}]}, {"check": "constable-states", "impact": "Informational", "confidence": "High", "description": "B.mySistersAddress should be constant (tests/const_state_variables.sol#26)\n", "variables": [{"name": "mySistersAddress", "source_mapping": {"start": 494, "length": 76, "filename": "tests/const_state_variables.sol", "lines": [26]}}]}]

81
tests/expected_json/constant.constant-function.json
Unescape View File

@ -1,80 +1 @@
[
{
"check": "constant-function",
"contains_assembly": false,
"function": {
"name": "test_view_bug",
"source_mapping": {
"filename": "tests/constant.sol",
"length": 58,
"lines": [
5,
6,
7
],
"start": 45
}
},
"variables": [
{
"name": "a",
"source_mapping": {
"filename": "tests/constant.sol",
"length": 6,
"lines": [
3
],
"start": 28
}
}
]
},
{
"check": "constant-function",
"contains_assembly": false,
"function": {
"name": "test_constant_bug",
"source_mapping": {
"filename": "tests/constant.sol",
"length": 66,
"lines": [
9,
10,
11
],
"start": 113
}
},
"variables": [
{
"name": "a",
"source_mapping": {
"filename": "tests/constant.sol",
"length": 6,
"lines": [
3
],
"start": 28
}
}
]
},
{
"check": "constant-function",
"contains_assembly": true,
"function": {
"name": "test_assembly_bug",
"source_mapping": {
"filename": "tests/constant.sol",
"length": 66,
"lines": [
22,
23,
24
],
"start": 324
}
},
"variables": []
}
]
[{"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_view_bug (tests/constant.sol#5-7) is declared view but changes state variables:\n\t- Constant.a\n", "function": {"name": "test_view_bug", "source_mapping": {"start": 45, "length": 58, "filename": "tests/constant.sol", "lines": [5, 6, 7]}, "contract": {"name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, "variables": [{"name": "a", "source_mapping": {"start": 28, "length": 6, "filename": "tests/constant.sol", "lines": [3]}}], "contains_assembly": false}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_constant_bug (tests/constant.sol#9-11) is declared view but changes state variables:\n\t- Constant.a\n", "function": {"name": "test_constant_bug", "source_mapping": {"start": 113, "length": 66, "filename": "tests/constant.sol", "lines": [9, 10, 11]}, "contract": {"name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, "variables": [{"name": "a", "source_mapping": {"start": 28, "length": 6, "filename": "tests/constant.sol", "lines": [3]}}], "contains_assembly": false}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_assembly_bug (tests/constant.sol#22-24) is declared view but contains assembly code\n", "function": {"name": "test_assembly_bug", "source_mapping": {"start": 324, "length": 66, "filename": "tests/constant.sol", "lines": [22, 23, 24]}, "contract": {"name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, "variables": [], "contains_assembly": true}]

62
tests/expected_json/controlled_delegatecall.controlled-delegatecall.json
Unescape View File

@ -1,61 +1 @@
[
{
"check": "controlled-delegatecall",
"expressions": [
{
"expression": "addr_bad.delegatecall(data)",
"source_mapping": {
"filename": "tests/controlled_delegatecall.sol",
"length": 27,
"lines": [
10
],
"start": 178
}
}
],
"function": {
"name": "bad_delegate_call",
"source_mapping": {
"filename": "tests/controlled_delegatecall.sol",
"length": 120,
"lines": [
8,
9,
10,
11
],
"start": 92
}
}
},
{
"check": "controlled-delegatecall",
"expressions": [
{
"expression": "addr_bad.delegatecall(func_id,data)",
"source_mapping": {
"filename": "tests/controlled_delegatecall.sol",
"length": 36,
"lines": [
19
],
"start": 356
}
}
],
"function": {
"name": "bad_delegate_call2",
"source_mapping": {
"filename": "tests/controlled_delegatecall.sol",
"length": 92,
"lines": [
18,
19,
20
],
"start": 307
}
}
}
]
[{"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n", "function": {"name": "bad_delegate_call", "source_mapping": {"start": 92, "length": 120, "filename": "tests/controlled_delegatecall.sol", "lines": [8, 9, 10, 11]}, "contract": {"name": "C", "source_mapping": {"start": 0, "length": 505, "filename": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, "expressions": [{"expression": "addr_bad.delegatecall(data)", "source_mapping": {"start": 178, "length": 27, "filename": "tests/controlled_delegatecall.sol", "lines": [10]}}]}, {"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(func_id,data) (tests/controlled_delegatecall.sol#19)\n", "function": {"name": "bad_delegate_call2", "source_mapping": {"start": 307, "length": 92, "filename": "tests/controlled_delegatecall.sol", "lines": [18, 19, 20]}, "contract": {"name": "C", "source_mapping": {"start": 0, "length": 505, "filename": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, "expressions": [{"expression": "addr_bad.delegatecall(func_id,data)", "source_mapping": {"start": 356, "length": 36, "filename": "tests/controlled_delegatecall.sol", "lines": [19]}}]}]

72
tests/expected_json/external_function.external-function.json
Unescape View File

@ -1,71 +1 @@
[
{
"check": "external-function",
"function": {
"name": "funcNotCalled3",
"source_mapping": {
"filename": "tests/external_function.sol",
"length": 41,
"lines": [
13,
14,
15
],
"start": 257
}
}
},
{
"check": "external-function",
"function": {
"name": "funcNotCalled2",
"source_mapping": {
"filename": "tests/external_function.sol",
"length": 41,
"lines": [
17,
18,
19
],
"start": 304
}
}
},
{
"check": "external-function",
"function": {
"name": "funcNotCalled",
"source_mapping": {
"filename": "tests/external_function.sol",
"length": 40,
"lines": [
21,
22,
23
],
"start": 351
}
}
},
{
"check": "external-function",
"function": {
"name": "funcNotCalled",
"source_mapping": {
"filename": "tests/external_function.sol",
"length": 304,
"lines": [
32,
33,
34,
35,
36,
37,
38,
39
],
"start": 552
}
}
}
]
[{"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled3 (tests/external_function.sol#13-15) should be declared external\n", "function": {"name": "funcNotCalled3", "source_mapping": {"start": 257, "length": 41, "filename": "tests/external_function.sol", "lines": [13, 14, 15]}, "contract": {"name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 211, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled2 (tests/external_function.sol#17-19) should be declared external\n", "function": {"name": "funcNotCalled2", "source_mapping": {"start": 304, "length": 41, "filename": "tests/external_function.sol", "lines": [17, 18, 19]}, "contract": {"name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 211, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled (tests/external_function.sol#21-23) should be declared external\n", "function": {"name": "funcNotCalled", "source_mapping": {"start": 351, "length": 40, "filename": "tests/external_function.sol", "lines": [21, 22, 23]}, "contract": {"name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 211, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled2.funcNotCalled (tests/external_function.sol#32-39) should be declared external\n", "function": {"name": "funcNotCalled", "source_mapping": {"start": 552, "length": 304, "filename": "tests/external_function.sol", "lines": [32, 33, 34, 35, 36, 37, 38, 39]}, "contract": {"name": "ContractWithFunctionNotCalled2", "source_mapping": {"start": 471, "length": 387, "filename": "tests/external_function.sol", "lines": [31, 32, 33, 34, 35, 36, 37, 38, 39, 40]}}}}]

56
tests/expected_json/inline_assembly_contract.assembly.json
Unescape View File

@ -1,55 +1 @@
[
{
"assembly": [
{
"source_mapping": {
"filename": "tests/inline_assembly_contract.sol",
"length": 628,
"lines": [
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20
],
"start": 191
}
}
],
"check": "assembly",
"function": {
"name": "at",
"source_mapping": {
"filename": "tests/inline_assembly_contract.sol",
"length": 700,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20
],
"start": 119
}
}
}
]
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "GetCode.at uses assembly (tests/inline_assembly_contract.sol#6-20)\n\t- tests/inline_assembly_contract.sol#7-20\n", "function": {"name": "at", "source_mapping": {"start": 119, "length": 700, "filename": "tests/inline_assembly_contract.sol", "lines": [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}, "contract": {"name": "GetCode", "source_mapping": {"start": 97, "length": 724, "filename": "tests/inline_assembly_contract.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, "assembly": [{"source_mapping": {"start": 191, "length": 628, "filename": "tests/inline_assembly_contract.sol", "lines": [7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}]}]

107
tests/expected_json/inline_assembly_library.assembly.json
Unescape View File

@ -1,106 +1 @@
[
{
"assembly": [
{
"source_mapping": {
"filename": "tests/inline_assembly_library.sol",
"length": 114,
"lines": [
18,
19,
20,
21
],
"start": 720
}
}
],
"check": "assembly",
"function": {
"name": "sumAsm",
"source_mapping": {
"filename": "tests/inline_assembly_library.sol",
"length": 247,
"lines": [
16,
17,
18,
19,
20,
21,
22
],
"start": 593
}
}
},
{
"assembly": [
{
"source_mapping": {
"filename": "tests/inline_assembly_library.sol",
"length": 677,
"lines": [
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47
],
"start": 1000
}
}
],
"check": "assembly",
"function": {
"name": "sumPureAsm",
"source_mapping": {
"filename": "tests/inline_assembly_library.sol",
"length": 754,
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47
],
"start": 923
}
}
}
]
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library.sol#16-22)\n\t- tests/inline_assembly_library.sol#18-21\n", "function": {"name": "sumAsm", "source_mapping": {"start": 593, "length": 247, "filename": "tests/inline_assembly_library.sol", "lines": [16, 17, 18, 19, 20, 21, 22]}, "contract": {"name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, "assembly": [{"source_mapping": {"start": 720, "length": 114, "filename": "tests/inline_assembly_library.sol", "lines": [18, 19, 20, 21]}}]}, {"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library.sol#25-47)\n\t- tests/inline_assembly_library.sol#26-47\n", "function": {"name": "sumPureAsm", "source_mapping": {"start": 923, "length": 754, "filename": "tests/inline_assembly_library.sol", "lines": [25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}, "contract": {"name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, "assembly": [{"source_mapping": {"start": 1000, "length": 677, "filename": "tests/inline_assembly_library.sol", "lines": [26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}}]}]

2
tests/expected_json/locked_ether.locked-ether.json
Unescape View File

@ -1 +1 @@
[{"check": "locked-ether", "functions": [{"name": "receive", "source_mapping": {"start": 47, "length": 72, "filename": "tests/locked_ether.sol", "lines": [4, 5, 6]}}], "contract": {"name": "OnlyLocked", "source_mapping": {"start": 368, "length": 32, "filename": "tests/locked_ether.sol", "lines": [26]}}}]
[]

32
tests/expected_json/low_level_calls.low-level-calls.json
Unescape View File

@ -1,31 +1 @@
[
{
"check": "low-level-calls",
"expressions": [
{
"expression": "_receiver.call.value(msg.value).gas(7777)()",
"source_mapping": {
"filename": "tests/low_level_calls.sol",
"length": 43,
"lines": [
6
],
"start": 100
}
}
],
"function": {
"name": "send",
"source_mapping": {
"filename": "tests/low_level_calls.sol",
"length": 101,
"lines": [
5,
6,
7
],
"start": 49
}
}
}
]
[{"check": "low-level-calls", "impact": "Informational", "confidence": "High", "description": "Low level call in Sender.send (tests/low_level_calls.sol#5-7):\n\t-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6\n", "function": {"name": "send", "source_mapping": {"start": 49, "length": 101, "filename": "tests/low_level_calls.sol", "lines": [5, 6, 7]}, "contract": {"name": "Sender", "source_mapping": {"start": 27, "length": 125, "filename": "tests/low_level_calls.sol", "lines": [4, 5, 6, 7, 8]}}}, "expressions": [{"expression": "_receiver.call.value(msg.value).gas(7777)()", "source_mapping": {"start": 100, "length": 43, "filename": "tests/low_level_calls.sol", "lines": [6]}}]}]

247
tests/expected_json/naming_convention.naming-convention.json
Unescape View File

@ -1,246 +1 @@
[
{
"check": "naming-convention",
"convention": "CapWords",
"name": {
"name": "naming",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 598,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48
],
"start": 26
}
},
"type": "contract"
},
{
"check": "naming-convention",
"convention": "CapWords",
"name": {
"name": "numbers",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 23,
"lines": [
6
],
"start": 77
}
},
"type": "enum"
},
{
"check": "naming-convention",
"convention": "CapWords",
"name": {
"name": "event_",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 19,
"lines": [
23
],
"start": 303
}
},
"type": "event"
},
{
"check": "naming-convention",
"convention": "CapWords",
"name": {
"name": "test",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 20,
"lines": [
14,
15,
16
],
"start": 227
}
},
"type": "structure"
},
{
"check": "naming-convention",
"convention": "UPPER_CASE_WITH_UNDERSCORES",
"name": {
"name": "MY_other_CONSTANT",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 35,
"lines": [
9
],
"start": 141
}
},
"type": "variable_constant"
},
{
"check": "naming-convention",
"convention": "l_O_I_should_not_be_used",
"name": {
"name": "l",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 10,
"lines": [
67
],
"start": 847
}
},
"type": "variable"
},
{
"check": "naming-convention",
"convention": "mixedCase",
"name": {
"name": "GetOne",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 71,
"lines": [
30,
31,
32,
33
],
"start": 405
}
},
"type": "function"
},
{
"check": "naming-convention",
"convention": "mixedCase",
"name": {
"name": "CantDo",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 36,
"lines": [
41,
42,
43
],
"start": 545
}
},
"type": "modifier"
},
{
"check": "naming-convention",
"convention": "mixedCase",
"name": {
"name": "Number2",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 12,
"lines": [
35
],
"start": 512
}
},
"type": "parameter"
},
{
"check": "naming-convention",
"convention": "mixedCase",
"name": {
"name": "_used",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 10,
"lines": [
59
],
"start": 748
}
},
"type": "parameter"
},
{
"check": "naming-convention",
"convention": "mixedCase",
"name": {
"name": "Var_One",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 16,
"lines": [
11
],
"start": 183
}
},
"type": "variable"
},
{
"check": "naming-convention",
"convention": "mixedCase",
"name": {
"name": "_myPublicVar",
"source_mapping": {
"filename": "tests/naming_convention.sol",
"length": 17,
"lines": [
56
],
"start": 695
}
},
"type": "variable"
}
]
[{"check": "naming-convention", "type": "contract", "convention": "CapWords", "name": {"name": "naming", "source_mapping": {"start": 26, "length": 598, "filename": "tests/naming_convention.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"check": "naming-convention", "type": "structure", "convention": "CapWords", "name": {"name": "test", "source_mapping": {"start": 227, "length": 20, "filename": "tests/naming_convention.sol", "lines": [14, 15, 16]}}}, {"check": "naming-convention", "type": "event", "convention": "CapWords", "name": {"name": "event_", "source_mapping": {"start": 303, "length": 19, "filename": "tests/naming_convention.sol", "lines": [23]}}}, {"check": "naming-convention", "type": "function", "convention": "mixedCase", "name": {"name": "GetOne", "source_mapping": {"start": 405, "length": 71, "filename": "tests/naming_convention.sol", "lines": [30, 31, 32, 33]}}}, {"check": "naming-convention", "type": "parameter", "convention": "mixedCase", "name": {"name": "Number2", "source_mapping": {"start": 512, "length": 12, "filename": "tests/naming_convention.sol", "lines": [35]}}}, {"check": "naming-convention", "type": "variable_constant", "convention": "UPPER_CASE_WITH_UNDERSCORES", "name": {"name": "MY_other_CONSTANT", "source_mapping": {"start": 141, "length": 35, "filename": "tests/naming_convention.sol", "lines": [9]}}}, {"check": "naming-convention", "type": "variable", "convention": "mixedCase", "name": {"name": "Var_One", "source_mapping": {"start": 183, "length": 16, "filename": "tests/naming_convention.sol", "lines": [11]}}}, {"check": "naming-convention", "type": "enum", "convention": "CapWords", "name": {"name": "numbers", "source_mapping": {"start": 77, "length": 23, "filename": "tests/naming_convention.sol", "lines": [6]}}}, {"check": "naming-convention", "type": "modifier", "convention": "mixedCase", "name": {"name": "CantDo", "source_mapping": {"start": 545, "length": 36, "filename": "tests/naming_convention.sol", "lines": [41, 42, 43]}}}, {"check": "naming-convention", "type": "parameter", "convention": "mixedCase", "name": {"name": "_used", "source_mapping": {"start": 748, "length": 10, "filename": "tests/naming_convention.sol", "lines": [59]}}}, {"check": "naming-convention", "type": "variable", "convention": "mixedCase", "name": {"name": "_myPublicVar", "source_mapping": {"start": 695, "length": 17, "filename": "tests/naming_convention.sol", "lines": [56]}}}, {"check": "naming-convention", "type": "variable", "convention": "l_O_I_should_not_be_used", "name": {"name": "l", "source_mapping": {"start": 847, "length": 10, "filename": "tests/naming_convention.sol", "lines": [67]}}}]

17
tests/expected_json/old_solc.sol.json.solc-version.json
Unescape View File

@ -1,16 +1 @@
[
{
"check": "solc-version",
"expressions": [
{
"expression": "0.4.21",
"source_mapping": {
"filename": "old_solc.sol",
"length": 23,
"lines": [],
"start": 0
}
}
]
}
]
[{"check": "solc-version", "impact": "Informational", "confidence": "High", "description": "Old version (<0.4.23) of Solidity used in tests/old_solc.sol.json:\n\t- old_solc.sol declares pragma solidity0.4.21\n", "expressions": [{"expression": "0.4.21", "source_mapping": {"start": 0, "length": 23, "filename": "old_solc.sol", "lines": []}}]}]

30
tests/expected_json/pragma.0.4.24.pragma.json
Unescape View File

@ -1,29 +1 @@
[
{
"check": "pragma",
"expressions": [
{
"expression": "^0.4.23",
"source_mapping": {
"filename": "tests/pragma.0.4.23.sol",
"length": 24,
"lines": [
1
],
"start": 0
}
},
{
"expression": "^0.4.24",
"source_mapping": {
"filename": "tests/pragma.0.4.24.sol",
"length": 24,
"lines": [
1
],
"start": 0
}
}
]
}
]
[{"check": "pragma", "impact": "Informational", "confidence": "High", "description": "Different versions of Solidity is used in tests/pragma.0.4.24.sol:\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- tests/pragma.0.4.23.sol#1 declares pragma solidity^0.4.23\n\t- tests/pragma.0.4.24.sol#1 declares pragma solidity^0.4.24\n", "expressions": [{"expression": "^0.4.23", "source_mapping": {"start": 0, "length": 24, "filename": "tests/pragma.0.4.23.sol", "lines": [1]}}, {"expression": "^0.4.24", "source_mapping": {"start": 0, "length": 24, "filename": "tests/pragma.0.4.24.sol", "lines": [1]}}]}]

54
tests/expected_json/reentrancy.reentrancy.json
Unescape View File

@ -1,53 +1 @@
[
{
"check": "reentrancy",
"external_calls": [
{
"expression": "! (msg.sender.call.value(userBalance[msg.sender])())",
"source_mapping": {
"filename": "tests/reentrancy.sol",
"length": 92,
"lines": [
17,
18,
19
],
"start": 478
}
}
],
"external_calls_sending_eth": [],
"function": {
"name": "withdrawBalance",
"source_mapping": {
"filename": "tests/reentrancy.sol",
"length": 314,
"lines": [
14,
15,
16,
17,
18,
19,
20,
21
],
"start": 299
}
},
"variables_written": [
{
"expression": "userBalance[msg.sender] = 0",
"name": "userBalance",
"source_mapping": {
"filename": "tests/reentrancy.sol",
"length": 27,
"lines": [
20
],
"start": 579
}
}
]
}
]
[{"check": "reentrancy", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy.sol#14-21):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17-19)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#20)\n", "function": {"name": "withdrawBalance", "source_mapping": {"start": 299, "length": 314, "filename": "tests/reentrancy.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21]}, "contract": {"name": "Reentrancy", "source_mapping": {"start": 26, "length": 1678, "filename": "tests/reentrancy.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51]}}}, "external_calls": [{"expression": "! (msg.sender.call.value(userBalance[msg.sender])())", "source_mapping": {"start": 478, "length": 92, "filename": "tests/reentrancy.sol", "lines": [17, 18, 19]}}], "external_calls_sending_eth": [], "variables_written": [{"name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 579, "length": 27, "filename": "tests/reentrancy.sol", "lines": [20]}}]}]

65
tests/expected_json/tx_origin.tx-origin.json
Unescape View File

@ -1,64 +1 @@
[
{
"check": "tx-origin",
"expressions": [
{
"expression": "require(bool)(tx.origin == owner)",
"source_mapping": {
"filename": "tests/tx_origin.sol",
"length": 27,
"lines": [
10
],
"start": 140
}
}
],
"function": {
"name": "bug0",
"source_mapping": {
"filename": "tests/tx_origin.sol",
"length": 60,
"lines": [
9,
10,
11
],
"start": 114
}
}
},
{
"check": "tx-origin",
"expressions": [
{
"expression": "tx.origin != owner",
"source_mapping": {
"filename": "tests/tx_origin.sol",
"length": 57,
"lines": [
14,
15,
16
],
"start": 206
}
}
],
"function": {
"name": "bug2",
"source_mapping": {
"filename": "tests/tx_origin.sol",
"length": 89,
"lines": [
13,
14,
15,
16,
17
],
"start": 180
}
}
}
]
[{"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug0 uses tx.origin for authorization:\n\t- require(bool)(tx.origin == owner) (tests/tx_origin.sol#10)\n", "function": {"name": "bug0", "source_mapping": {"start": 114, "length": 60, "filename": "tests/tx_origin.sol", "lines": [9, 10, 11]}, "contract": {"name": "TxOrigin", "source_mapping": {"start": 26, "length": 393, "filename": "tests/tx_origin.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, "expressions": [{"expression": "require(bool)(tx.origin == owner)", "source_mapping": {"start": 140, "length": 27, "filename": "tests/tx_origin.sol", "lines": [10]}}]}, {"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug2 uses tx.origin for authorization:\n\t- tx.origin != owner (tests/tx_origin.sol#14-16)\n", "function": {"name": "bug2", "source_mapping": {"start": 180, "length": 89, "filename": "tests/tx_origin.sol", "lines": [13, 14, 15, 16, 17]}, "contract": {"name": "TxOrigin", "source_mapping": {"start": 26, "length": 393, "filename": "tests/tx_origin.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, "expressions": [{"expression": "tx.origin != owner", "source_mapping": {"start": 206, "length": 57, "filename": "tests/tx_origin.sol", "lines": [14, 15, 16]}}]}]

121
tests/expected_json/uninitialized.uninitialized-state.json
Unescape View File

@ -1,120 +1 @@
[
{
"check": "uninitialized-state",
"functions": [
{
"name": "transfer",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 82,
"lines": [
7,
8,
9
],
"start": 81
}
}
],
"variable": {
"name": "destination",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 19,
"lines": [
5
],
"start": 55
}
}
},
{
"check": "uninitialized-state",
"functions": [
{
"name": "use",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 143,
"lines": [
23,
24,
25,
26
],
"start": 356
}
}
],
"variable": {
"name": "balances",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 34,
"lines": [
15
],
"start": 189
}
}
},
{
"check": "uninitialized-state",
"functions": [
{
"name": "use",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 117,
"lines": [
53,
54,
55,
56
],
"start": 875
}
}
],
"variable": {
"name": "st",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 15,
"lines": [
45
],
"start": 695
}
}
},
{
"check": "uninitialized-state",
"functions": [
{
"name": "init",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 52,
"lines": [
49,
50,
51
],
"start": 817
}
}
],
"variable": {
"name": "v",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 6,
"lines": [
47
],
"start": 748
}
}
}
]
[{"check": "uninitialized-state", "impact": "High", "confidence": "High", "description": "Uninitialized.destination (tests/uninitialized.sol#5) is never initialized. It is used in:\n\t- transfer (tests/uninitialized.sol#7-9)\n", "variable": {"name": "destination", "source_mapping": {"start": 55, "length": 19, "filename": "tests/uninitialized.sol", "lines": [5]}}, "functions": [{"name": "transfer", "source_mapping": {"start": 81, "length": 82, "filename": "tests/uninitialized.sol", "lines": [7, 8, 9]}, "contract": {"name": "Uninitialized", "source_mapping": {"start": 26, "length": 140, "filename": "tests/uninitialized.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11]}}}]}, {"check": "uninitialized-state", "impact": "High", "confidence": "High", "description": "Test.balances (tests/uninitialized.sol#15) is never initialized. It is used in:\n\t- use (tests/uninitialized.sol#23-26)\n", "variable": {"name": "balances", "source_mapping": {"start": 189, "length": 34, "filename": "tests/uninitialized.sol", "lines": [15]}}, "functions": [{"name": "use", "source_mapping": {"start": 356, "length": 143, "filename": "tests/uninitialized.sol", "lines": [23, 24, 25, 26]}, "contract": {"name": "Test", "source_mapping": {"start": 169, "length": 332, "filename": "tests/uninitialized.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27]}}}]}, {"check": "uninitialized-state", "impact": "High", "confidence": "High", "description": "Test2.st (tests/uninitialized.sol#45) is never initialized. It is used in:\n\t- use (tests/uninitialized.sol#53-56)\n", "variable": {"name": "st", "source_mapping": {"start": 695, "length": 15, "filename": "tests/uninitialized.sol", "lines": [45]}}, "functions": [{"name": "use", "source_mapping": {"start": 875, "length": 117, "filename": "tests/uninitialized.sol", "lines": [53, 54, 55, 56]}, "contract": {"name": "Test2", "source_mapping": {"start": 641, "length": 354, "filename": "tests/uninitialized.sol", "lines": [42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58]}}}]}, {"check": "uninitialized-state", "impact": "High", "confidence": "High", "description": "Test2.v (tests/uninitialized.sol#47) is never initialized. It is used in:\n\t- init (tests/uninitialized.sol#49-51)\n", "variable": {"name": "v", "source_mapping": {"start": 748, "length": 6, "filename": "tests/uninitialized.sol", "lines": [47]}}, "functions": [{"name": "init", "source_mapping": {"start": 817, "length": 52, "filename": "tests/uninitialized.sol", "lines": [49, 50, 51]}, "contract": {"name": "Test2", "source_mapping": {"start": 641, "length": 354, "filename": "tests/uninitialized.sol", "lines": [42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58]}}}]}]

32
tests/expected_json/uninitialized_local_variable.uninitialized-local.json
Unescape View File

@ -1,31 +1 @@
[
{
"check": "uninitialized-local",
"function": {
"name": "func",
"source_mapping": {
"filename": "tests/uninitialized_local_variable.sol",
"length": 143,
"lines": [
3,
4,
5,
6,
7
],
"start": 29
}
},
"variable": {
"name": "uint_not_init",
"source_mapping": {
"filename": "tests/uninitialized_local_variable.sol",
"length": 18,
"lines": [
4
],
"start": 77
}
}
}
]
[{"check": "uninitialized-local", "impact": "Medium", "confidence": "Medium", "description": "uint_not_init in Uninitialized.func (tests/uninitialized_local_variable.sol#4) is a local variable never initialiazed\n", "variable": {"name": "uint_not_init", "source_mapping": {"start": 77, "length": 18, "filename": "tests/uninitialized_local_variable.sol", "lines": [4]}}, "function": {"name": "func", "source_mapping": {"start": 29, "length": 143, "filename": "tests/uninitialized_local_variable.sol", "lines": [3, 4, 5, 6, 7]}, "contract": {"name": "Uninitialized", "source_mapping": {"start": 0, "length": 179, "filename": "tests/uninitialized_local_variable.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9]}}}}]

33
tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.json
Unescape View File

@ -1,32 +1 @@
[
{
"check": "uninitialized-storage",
"function": {
"name": "func",
"source_mapping": {
"filename": "tests/uninitialized_storage_pointer.sol",
"length": 138,
"lines": [
7,
8,
9,
10,
11,
12
],
"start": 67
}
},
"variable": {
"name": "st_bug",
"source_mapping": {
"filename": "tests/uninitialized_storage_pointer.sol",
"length": 9,
"lines": [
10
],
"start": 171
}
}
}
]
[{"check": "uninitialized-storage", "impact": "High", "confidence": "High", "description": "st_bug in Uninitialized.func (tests/uninitialized_storage_pointer.sol#10) is a storage variable never initialiazed\n", "variable": {"name": "st_bug", "source_mapping": {"start": 171, "length": 9, "filename": "tests/uninitialized_storage_pointer.sol", "lines": [10]}}, "function": {"name": "func", "source_mapping": {"start": 67, "length": 138, "filename": "tests/uninitialized_storage_pointer.sol", "lines": [7, 8, 9, 10, 11, 12]}, "contract": {"name": "Uninitialized", "source_mapping": {"start": 0, "length": 212, "filename": "tests/uninitialized_storage_pointer.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14]}}}}]

53
tests/expected_json/unused_return.unused-return.json
Unescape View File

@ -1,52 +1 @@
[
{
"check": "unused-return",
"expressions": [
{
"expression": "a.add(0)",
"source_mapping": {
"filename": "tests/unused_return.sol",
"length": 8,
"lines": [
22
],
"start": 337
}
},
{
"expression": "t.f()",
"source_mapping": {
"filename": "tests/unused_return.sol",
"length": 5,
"lines": [
18
],
"start": 263
}
}
],
"function": {
"name": "test",
"source_mapping": {
"filename": "tests/unused_return.sol",
"length": 347,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29
],
"start": 230
}
}
}
]
[{"check": "unused-return", "impact": "Medium", "confidence": "Medium", "description": "User.test (tests/unused_return.sol#17-29) does not use the value returned by external calls:\n\t-t.f() (tests/unused_return.sol#18)\n\t-a.add(0) (tests/unused_return.sol#22)\n", "function": {"name": "test", "source_mapping": {"start": 230, "length": 347, "filename": "tests/unused_return.sol", "lines": [17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}, "contract": {"name": "User", "source_mapping": {"start": 180, "length": 399, "filename": "tests/unused_return.sol", "lines": [13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30]}}}, "expressions": [{"expression": "t.f()", "source_mapping": {"start": 263, "length": 5, "filename": "tests/unused_return.sol", "lines": [18]}}, {"expression": "a.add(0)", "source_mapping": {"start": 337, "length": 8, "filename": "tests/unused_return.sol", "lines": [22]}}]}]

19
tests/expected_json/unused_state.unused-state.json
Unescape View File

@ -1,18 +1 @@
[
{
"check": "unused-state",
"variables": [
{
"name": "unused",
"source_mapping": {
"filename": "tests/unused_state.sol",
"length": 14,
"lines": [
4
],
"start": 42
}
}
]
}
]
[{"check": "unused-state", "impact": "Informational", "confidence": "High", "description": "A.unused (tests/unused_state.sol#4) is never used in B\n", "variables": [{"name": "unused", "source_mapping": {"start": 42, "length": 14, "filename": "tests/unused_state.sol", "lines": [4]}}]}]
Write Preview
Loading…
Cancel
Save