Merge pull request #1485 from crytic/devtooligan-1476-refactor-vulnerable-solc-version

refactor: add VULNERABLE_SOLC_VERSIONS and logic
pull/1425/merge
Feist Josselin 2 years ago committed by GitHub
commit 16a5098bc3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 33
      slither/detectors/abstract_detector.py
  2. 10
      slither/detectors/attributes/const_functions_asm.py
  3. 10
      slither/detectors/attributes/const_functions_state.py
  4. 23
      slither/detectors/compiler_bugs/enum_conversion.py
  5. 16
      slither/detectors/compiler_bugs/public_mapping_nested.py
  6. 12
      slither/detectors/compiler_bugs/reused_base_constructor.py
  7. 44
      slither/detectors/compiler_bugs/storage_ABIEncoderV2_array.py
  8. 45
      slither/detectors/compiler_bugs/storage_signed_integer_array.py
  9. 45
      slither/detectors/compiler_bugs/uninitialized_function_ptr_in_constructor.py
  10. 21
      slither/detectors/functions/external_function.py
  11. 12
      slither/detectors/statements/array_length_assignment.py
  12. 505
      tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol.0.5.10.StorageSignedIntegerArray.json

@ -46,6 +46,20 @@ classification_txt = {
}
def make_solc_versions(minor: int, patch_min: int, patch_max: int) -> List[str]:
"""
Create a list of solc version: [0.minor.patch_min .... 0.minor.patch_max]
"""
return [f"0.{minor}.{x}" for x in range(patch_min, patch_max + 1)]
ALL_SOLC_VERSIONS_04 = make_solc_versions(4, 0, 26)
ALL_SOLC_VERSIONS_05 = make_solc_versions(5, 0, 17)
ALL_SOLC_VERSIONS_06 = make_solc_versions(6, 0, 12)
ALL_SOLC_VERSIONS_07 = make_solc_versions(7, 0, 6)
# No VERSIONS_08 as it is still in dev
class AbstractDetector(metaclass=abc.ABCMeta):
ARGUMENT = "" # run the detector with slither.py --ARGUMENT
HELP = "" # help information
@ -61,6 +75,10 @@ class AbstractDetector(metaclass=abc.ABCMeta):
STANDARD_JSON = True
# list of vulnerable solc versions as strings (e.g. ["0.4.25", "0.5.0"])
# If the detector is meant to run on all versions, use None
VULNERABLE_SOLC_VERSIONS: Optional[List[str]] = None
def __init__(
self, compilation_unit: SlitherCompilationUnit, slither: "Slither", logger: Logger
):
@ -108,6 +126,11 @@ class AbstractDetector(metaclass=abc.ABCMeta):
f"WIKI_RECOMMENDATION is not initialized {self.__class__.__name__}"
)
if self.VULNERABLE_SOLC_VERSIONS is not None and not self.VULNERABLE_SOLC_VERSIONS:
raise IncorrectDetectorInitialization(
f"VULNERABLE_SOLC_VERSIONS should not be an empty list {self.__class__.__name__}"
)
if re.match("^[a-zA-Z0-9_-]*$", self.ARGUMENT) is None:
raise IncorrectDetectorInitialization(
f"ARGUMENT has illegal character {self.__class__.__name__}"
@ -139,6 +162,11 @@ class AbstractDetector(metaclass=abc.ABCMeta):
if self.logger:
self.logger.info(self.color(info))
def _uses_vulnerable_solc_version(self) -> bool:
if self.VULNERABLE_SOLC_VERSIONS:
return self.compilation_unit.solc_version in self.VULNERABLE_SOLC_VERSIONS
return True
@abc.abstractmethod
def _detect(self) -> List[Output]:
"""TODO Documentation"""
@ -147,6 +175,11 @@ class AbstractDetector(metaclass=abc.ABCMeta):
# pylint: disable=too-many-branches
def detect(self) -> List[Dict]:
results: List[Dict] = []
# check solc version
if not self._uses_vulnerable_solc_version():
return results
# only keep valid result, and remove duplicate
# Keep only dictionaries
for r in [output.data for output in self._detect()]:
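Review bot: `_uses_vulnerable_solc_version` returns False whenever `self.compilation_unit.solc_version` is not an exact member of the list, so a compilation unit with an empty or unrecognised version makes `detect()` return no results and nothing is logged. The guards this commit removes in const_functions_asm.py and const_functions_state.py (`if self.compilation_unit.solc_version and ... >= "0.5.0"`) let those detectors run when the version was falsy, which suggests the value can be empty and that this case is a coverage loss rather than a pure refactor. A silent skip in a security scanner reads as a clean result; consider failing open with `if not self.compilation_unit.solc_version: return True` at the top of the helper, or at least logging the skip through `self.logger`. The helper also lacks a docstring, for example `"""Return True if the detector applies to the compilation unit's solc version (always True when VULNERABLE_SOLC_VERSIONS is None)."""`. The body of `detect()` continues outside the hunk.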

@ -2,7 +2,11 @@
Module detecting constant functions
Recursively check the called functions
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
ALL_SOLC_VERSIONS_04,
)
from slither.formatters.attributes.const_functions import custom_format
@ -49,6 +53,8 @@ All the calls to `get` revert, breaking Bob's smart contract execution."""
"Ensure the attributes of contracts compiled prior to Solidity 0.5.0 are correct."
)
VULNERABLE_SOLC_VERSIONS = ALL_SOLC_VERSIONS_04
def _detect(self):
"""Detect the constant function using assembly code
@ -57,8 +63,6 @@ All the calls to `get` revert, breaking Bob's smart contract execution."""
list: {'vuln', 'filename,'contract','func','#varsWritten'}
"""
results = []
if self.compilation_unit.solc_version and self.compilation_unit.solc_version >= "0.5.0":
return results
for c in self.contracts:
for f in c.functions:
if f.contract_declarer != c:

@ -2,7 +2,11 @@
Module detecting constant functions
Recursively check the called functions
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
ALL_SOLC_VERSIONS_04,
)
from slither.formatters.attributes.const_functions import custom_format
@ -49,6 +53,8 @@ All the calls to `get` revert, breaking Bob's smart contract execution."""
"Ensure that attributes of contracts compiled prior to Solidity 0.5.0 are correct."
)
VULNERABLE_SOLC_VERSIONS = ALL_SOLC_VERSIONS_04
def _detect(self):
"""Detect the constant function changing the state
@ -57,8 +63,6 @@ All the calls to `get` revert, breaking Bob's smart contract execution."""
list: {'vuln', 'filename,'contract','func','#varsWritten'}
"""
results = []
if self.compilation_unit.solc_version and self.compilation_unit.solc_version >= "0.5.0":
return results
for c in self.contracts:
for f in c.functions:
if f.contract_declarer != c:

@ -2,23 +2,15 @@
Module detecting dangerous conversion to enum
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
make_solc_versions,
)
from slither.slithir.operations import TypeConversion
from slither.core.declarations.enum import Enum
def _uses_vulnerable_solc_version(version):
"""Detect if used compiler version is 0.4.[0|1|2|3|4]
Args:
version (solc version used)
Returns:
Bool
"""
if version in ["0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4"]:
return True
return False
def _detect_dangerous_enum_conversions(contract):
"""Detect dangerous conversion to enum by checking IR
Args:
@ -67,12 +59,11 @@ Attackers can trigger unexpected behaviour by calling `bug(1)`."""
WIKI_RECOMMENDATION = "Use a recent compiler version. If `solc` <`0.4.5` is required, check the `enum` conversion range."
VULNERABLE_SOLC_VERSIONS = make_solc_versions(4, 0, 4)
def _detect(self):
"""Detect dangerous conversion to enum"""
results = []
# If solc version >= 0.4.5 then return
if not _uses_vulnerable_solc_version(self.compilation_unit.solc_version):
return results
for c in self.compilation_unit.contracts:
ret = _detect_dangerous_enum_conversions(c)

@ -2,7 +2,11 @@
Module detecting public mappings with nested variables (returns incorrect values prior to 0.5.x)
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
ALL_SOLC_VERSIONS_04,
)
from slither.core.solidity_types.mapping_type import MappingType
from slither.core.solidity_types.user_defined_type import UserDefinedType
from slither.core.declarations.structure import Structure
@ -62,6 +66,8 @@ class PublicMappingNested(AbstractDetector):
WIKI_EXPLOIT_SCENARIO = """Bob interacts with a contract that has a public mapping with nested structures. The values returned by the mapping are incorrect, breaking Bob's usage"""
WIKI_RECOMMENDATION = "Do not use public mapping with nested structures."
VULNERABLE_SOLC_VERSIONS = ALL_SOLC_VERSIONS_04
def _detect(self):
"""
Detect public mappings with nested variables (returns incorrect values prior to 0.5.x)
@ -72,14 +78,6 @@ class PublicMappingNested(AbstractDetector):
"""
results = []
if self.compilation_unit.solc_version >= "0.5.0":
return []
if self.compilation_unit.solc_version and self.compilation_unit.solc_version.startswith(
"0.5."
):
return []
for contract in self.contracts:
public_nested_mappings = detect_public_nested_mappings(contract)
if public_nested_mappings:

@ -2,7 +2,11 @@
Module detecting re-used base constructors in inheritance hierarchy.
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
ALL_SOLC_VERSIONS_04,
)
# Helper: adds explicitly called constructors with arguments to the results lookup.
@ -71,6 +75,8 @@ The constructor of `A` is called multiple times in `D` and `E`:
WIKI_RECOMMENDATION = "Remove the duplicate constructor call."
VULNERABLE_SOLC_VERSIONS = ALL_SOLC_VERSIONS_04
def _detect_explicitly_called_base_constructors(self, contract):
"""
Detects explicitly calls to base constructors with arguments in the inheritance hierarchy.
@ -126,10 +132,6 @@ The constructor of `A` is called multiple times in `D` and `E`:
results = []
# The bug is not possible with solc >= 0.5.0
if not self.compilation_unit.solc_version.startswith("0.4."):
return []
# Loop for each contract
for contract in self.contracts:

@ -2,7 +2,11 @@
Module detecting ABIEncoderV2 array bug
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
make_solc_versions,
)
from slither.core.solidity_types import ArrayType
from slither.core.solidity_types import UserDefinedType
from slither.core.variables.local_variable import LocalVariable
@ -13,38 +17,6 @@ from slither.slithir.operations import EventCall
from slither.slithir.operations import HighLevelCall
from slither.utils.utils import unroll
vulnerable_solc_versions = [
"0.4.7",
"0.4.8",
"0.4.9",
"0.4.10",
"0.4.11",
"0.4.12",
"0.4.13",
"0.4.14",
"0.4.15",
"0.4.16",
"0.4.17",
"0.4.18",
"0.4.19",
"0.4.20",
"0.4.21",
"0.4.22",
"0.4.23",
"0.4.24",
"0.4.25",
"0.5.0",
"0.5.1",
"0.5.2",
"0.5.3",
"0.5.4",
"0.5.5",
"0.5.6",
"0.5.7",
"0.5.8",
"0.5.9",
]
class ABIEncoderV2Array(AbstractDetector):
"""
@ -80,6 +52,8 @@ contract A {
WIKI_RECOMMENDATION = "Use a compiler >= `0.5.10`."
VULNERABLE_SOLC_VERSIONS = make_solc_versions(4, 7, 25) + make_solc_versions(5, 0, 9)
@staticmethod
def _detect_storage_abiencoderv2_arrays(contract):
"""
@ -130,10 +104,6 @@ contract A {
"""
results = []
# Check if vulnerable solc versions are used
if self.compilation_unit.solc_version not in vulnerable_solc_versions:
return results
# Check if pragma experimental ABIEncoderV2 is used
if not any(
(p.directive[0] == "experimental" and p.directive[1] == "ABIEncoderV2")
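Review bot: `make_solc_versions(4, 7, 25)` stops at 0.4.25 while `ALL_SOLC_VERSIONS_04` in abstract_detector.py runs to 0.4.26, so a contract built with 0.4.26 is never checked by this detector. That matches the hand-written list being replaced, so it is not a regression, but the bound is now an unexplained number; whether 0.4.26 is affected cannot be told from this diff and should be confirmed against the Solidity known-bugs list. A comment next to the attribute such as `# 0.4.26 excluded: <reason>` would record the decision, or the bound should become 26 if the version is affected. The same upper bound appears in storage_signed_integer_array.py and uninitialized_function_ptr_in_constructor.py. `_detect` starts outside the hunk.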

@ -2,7 +2,11 @@
Module detecting storage signed integer array bug
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
make_solc_versions,
)
from slither.core.cfg.node import NodeType
from slither.core.solidity_types import ArrayType
from slither.core.solidity_types.elementary_type import Int, ElementaryType
@ -11,39 +15,6 @@ from slither.core.variables.state_variable import StateVariable
from slither.slithir.operations.assignment import Assignment
from slither.slithir.operations.init_array import InitArray
vulnerable_solc_versions = [
"0.4.7",
"0.4.8",
"0.4.9",
"0.4.10",
"0.4.11",
"0.4.12",
"0.4.13",
"0.4.14",
"0.4.15",
"0.4.16",
"0.4.17",
"0.4.18",
"0.4.19",
"0.4.20",
"0.4.21",
"0.4.22",
"0.4.23",
"0.4.24",
"0.4.25",
"0.5.0",
"0.5.1",
"0.5.2",
"0.5.3",
"0.5.4",
"0.5.5",
"0.5.6",
"0.5.7",
"0.5.8",
"0.5.9",
"0.5.10",
]
class StorageSignedIntegerArray(AbstractDetector):
"""
@ -61,7 +32,7 @@ class StorageSignedIntegerArray(AbstractDetector):
WIKI_TITLE = "Storage Signed Integer Array"
# region wiki_description
WIKI_DESCRIPTION = """`solc` versions `0.4.7`-`0.5.10` contain [a compiler bug](https://blog.ethereum.org/2019/06/25/solidity-storage-array-bugs)
WIKI_DESCRIPTION = """`solc` versions `0.4.7`-`0.5.9` contain [a compiler bug](https://blog.ethereum.org/2019/06/25/solidity-storage-array-bugs)
leading to incorrect values in signed integer arrays."""
# endregion wiki_description
@ -84,6 +55,8 @@ contract A {
WIKI_RECOMMENDATION = "Use a compiler version >= `0.5.10`."
VULNERABLE_SOLC_VERSIONS = make_solc_versions(4, 7, 25) + make_solc_versions(5, 0, 9)
@staticmethod
def _is_vulnerable_type(ir):
"""
@ -140,8 +113,6 @@ contract A {
Detect storage signed integer array init/assignment
"""
results = []
if self.compilation_unit.solc_version not in vulnerable_solc_versions:
return results
for contract in self.contracts:
storage_signed_integer_arrays = self.detect_storage_signed_integer_arrays(contract)
for function, node in storage_signed_integer_arrays:
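Review bot: Dropping `0.5.10` from the version list is a detection change inside a commit titled as a refactor: contracts compiled with 0.5.10 were reported before and are skipped now, as the emptied 0.5.10 expected-output file in this commit shows. The new range agrees with the `WIKI_RECOMMENDATION` text (`>= 0.5.10`), so it looks intentional, but nothing in the code says why the bound is 9. A comment above the attribute, e.g. `# fixed in 0.5.10, see the blog post linked in WIKI_DESCRIPTION`, would keep a later edit from widening or narrowing the range by accident.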

@ -2,44 +2,15 @@
Module detecting uninitialized function pointer calls in constructors
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
make_solc_versions,
)
from slither.slithir.operations import InternalDynamicCall, OperationWithLValue
from slither.slithir.variables import ReferenceVariable
from slither.slithir.variables.variable import SlithIRVariable
vulnerable_solc_versions = [
"0.4.5",
"0.4.6",
"0.4.7",
"0.4.8",
"0.4.9",
"0.4.10",
"0.4.11",
"0.4.12",
"0.4.13",
"0.4.14",
"0.4.15",
"0.4.16",
"0.4.17",
"0.4.18",
"0.4.19",
"0.4.20",
"0.4.21",
"0.4.22",
"0.4.23",
"0.4.24",
"0.4.25",
"0.5.0",
"0.5.1",
"0.5.2",
"0.5.3",
"0.5.4",
"0.5.5",
"0.5.6",
"0.5.7",
"0.5.8",
]
def _get_variables_entrance(function):
"""
@ -110,6 +81,8 @@ The call to `a(10)` will lead to unexpected behavior because function pointer `a
"Initialize function pointers before calling. Avoid function pointers if possible."
)
VULNERABLE_SOLC_VERSIONS = make_solc_versions(4, 5, 25) + make_solc_versions(5, 0, 8)
@staticmethod
def _detect_uninitialized_function_ptr_in_constructor(contract):
"""
@ -134,10 +107,6 @@ The call to `a(10)` will lead to unexpected behavior because function pointer `a
"""
results = []
# Check if vulnerable solc versions are used
if self.compilation_unit.solc_version not in vulnerable_solc_versions:
return results
for contract in self.compilation_unit.contracts:
contract_info = ["Contract ", contract, " \n"]
nodes = self._detect_uninitialized_function_ptr_in_constructor(contract)

@ -5,7 +5,13 @@ from slither.core.declarations.structure import Structure
from slither.core.solidity_types.array_type import ArrayType
from slither.core.solidity_types.user_defined_type import UserDefinedType
from slither.core.variables.variable import Variable
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
ALL_SOLC_VERSIONS_04,
ALL_SOLC_VERSIONS_05,
make_solc_versions,
)
from slither.formatters.functions.external_function import custom_format
from slither.slithir.operations import InternalCall, InternalDynamicCall
from slither.slithir.operations import SolidityCall
@ -31,6 +37,10 @@ class ExternalFunction(AbstractDetector):
WIKI_DESCRIPTION = "`public` functions that are never called by the contract should be declared `external`, and its immutable parameters should be located in `calldata` to save gas."
WIKI_RECOMMENDATION = "Use the `external` attribute for functions never called from the contract, and change the location of immutable parameters to `calldata` to save gas."
VULNERABLE_SOLC_VERSIONS = (
ALL_SOLC_VERSIONS_04 + ALL_SOLC_VERSIONS_05 + make_solc_versions(6, 0, 8)
)
@staticmethod
def detect_functions_called(contract: Contract) -> List[Function]:
"""Returns a list of InternallCall, SolidityCall
@ -134,15 +144,6 @@ class ExternalFunction(AbstractDetector):
def _detect(self) -> List[Output]: # pylint: disable=too-many-locals,too-many-branches
results: List[Output] = []
# After solc 0.6.9, calldata arguments are allowed in public functions
if self.compilation_unit.solc_version >= "0.7." or self.compilation_unit.solc_version in [
"0.6.9",
"0.6.10",
"0.6.11",
"0.6.12",
]:
return results
# Create a set to track contracts with dynamic calls. All contracts with dynamic calls could potentially be
# calling functions internally, and thus we can't assume any function in such contracts isn't called by them.
dynamic_call_contracts: Set[Contract] = set()
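Review bot: The reason for the cut-off at 0.6.8 is no longer stated next to the list; the hunk header counts suggest the comment `# After solc 0.6.9, calldata arguments are allowed in public functions` was removed together with the old version check. `VULNERABLE_SOLC_VERSIONS` is also an odd name for what this detector reports (a gas optimisation), so the attribute reads as unexplained here. Moving that comment above `VULNERABLE_SOLC_VERSIONS = (` would keep the rationale. array_length_assignment.py is in the same situation with `# Starting from 0.6 .length is read only`. `_detect` continues outside the hunk.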

@ -2,7 +2,12 @@
Module detecting assignment of array length
"""
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.detectors.abstract_detector import (
AbstractDetector,
DetectorClassification,
ALL_SOLC_VERSIONS_04,
ALL_SOLC_VERSIONS_05,
)
from slither.core.cfg.node import NodeType
from slither.slithir.operations import Assignment, Length
from slither.slithir.variables.reference import ReferenceVariable
@ -103,14 +108,13 @@ Note that storage slots here are indexed via a hash of the indexers; nonetheless
Otherwise, thoroughly review the contract to ensure a user-controlled variable cannot reach an array length assignment."""
# endregion wiki_recommendation
VULNERABLE_SOLC_VERSIONS = ALL_SOLC_VERSIONS_04 + ALL_SOLC_VERSIONS_05
def _detect(self):
"""
Detect array length assignments
"""
results = []
# Starting from 0.6 .length is read only
if self.compilation_unit.solc_version >= "0.6.":
return results
for contract in self.contracts:
array_length_assignments = detect_array_length_assignment(contract)
if array_length_assignments:

@ -1,506 +1,3 @@
[
[
{
"elements": [
{
"type": "contract",
"name": "A",
"source_mapping": {
"start": 25,
"length": 2256,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
{
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 601,
"length": 170,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
15,
16,
17
],
"starting_column": 3,
"ending_column": 4
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "A",
"source_mapping": {
"start": 25,
"length": 2256,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(int128[3])"
}
},
{
"type": "node",
"name": "intArray = userArray",
"source_mapping": {
"start": 746,
"length": 20,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
16
],
"starting_column": 5,
"ending_column": 25
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 601,
"length": 170,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
15,
16,
17
],
"starting_column": 3,
"ending_column": 4
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "A",
"source_mapping": {
"start": 25,
"length": 2256,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(int128[3])"
}
}
}
}
],
"description": "Contract A (tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#3-45) \n\t- Function A.bad1(int128[3]) (tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#15-17)\n\t\t- intArray = userArray (tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#16) has a storage signed integer array assignment\n",
"markdown": "Contract [A](tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L3-L45) \n\t- Function [A.bad1(int128[3])](tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L15-L17)\n\t\t- [intArray = userArray](tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L16) has a storage signed integer array assignment\n",
"first_markdown_element": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L3-L45",
"id": "7ba5efbfb61ba63a7ac01d376a0cede2fda18c2a2d8604c4a82cccec92ae2bdb",
"check": "storage-array",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{
"type": "contract",
"name": "A",
"source_mapping": {
"start": 25,
"length": 2256,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
{
"type": "function",
"name": "bad0",
"source_mapping": {
"start": 355,
"length": 132,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
10,
11,
12
],
"starting_column": 3,
"ending_column": 4
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "A",
"source_mapping": {
"start": 25,
"length": 2256,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad0()"
}
},
{
"type": "node",
"name": "intArray = (- 1,- 2,- 3)",
"source_mapping": {
"start": 384,
"length": 23,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
11
],
"starting_column": 5,
"ending_column": 28
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad0",
"source_mapping": {
"start": 355,
"length": 132,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
10,
11,
12
],
"starting_column": 3,
"ending_column": 4
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "A",
"source_mapping": {
"start": 25,
"length": 2256,
"filename_relative": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad0()"
}
}
}
}
],
"description": "Contract A (tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#3-45) \n\t- Function A.bad0() (tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#10-12)\n\t\t- intArray = (- 1,- 2,- 3) (tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#11) has a storage signed integer array assignment\n",
"markdown": "Contract [A](tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L3-L45) \n\t- Function [A.bad0()](tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L10-L12)\n\t\t- [intArray = (- 1,- 2,- 3)](tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L11) has a storage signed integer array assignment\n",
"first_markdown_element": "tests/detectors/storage-array/0.5.10/storage_signed_integer_array.sol#L3-L45",
"id": "da870be9a396bc52d2f6f8caeb00e6b8809ad1b6fb4c24a019568257b3404a2f",
"check": "storage-array",
"impact": "High",
"confidence": "Medium"
}
]
[]
]