Json refactor:

- merge similar fields
- convert the output of the remaining detectors
pull/84/head
Josselin 6 years ago
parent 242acd0538
commit 1995d4f57b
  1. 6
      slither/detectors/attributes/const_functions.py
  2. 4
      slither/detectors/attributes/constant_pragma.py
  3. 4
      slither/detectors/attributes/old_solc.py
  4. 6
      slither/detectors/functions/arbitrary_send.py
  5. 2
      slither/detectors/operations/low_level_calls.py
  6. 2
      slither/detectors/operations/unused_return_values.py
  7. 2
      slither/detectors/statements/controlled_delegatecall.py
  8. 2
      slither/detectors/statements/tx_origin.py
  9. 11
      slither/detectors/variables/uninitialized_local_variables.py
  10. 17
      slither/detectors/variables/uninitialized_state_variables.py
  11. 13
      slither/detectors/variables/uninitialized_storage_variables.py
  12. 11
      slither/detectors/variables/unused_state_variables.py
  13. 6
      tests/expected_json/arbitrary_send.arbitrary-send.json
  14. 30
      tests/expected_json/constant.constant-function.json
  15. 4
      tests/expected_json/controlled_delegatecall.controlled-delegatecall.json
  16. 28
      tests/expected_json/low_level_calls.low-level-calls.json
  17. 6
      tests/expected_json/old_solc.sol.json.solc-version.json
  18. 10
      tests/expected_json/pragma.0.4.24.pragma.json
  19. 52
      tests/expected_json/tx_origin.tx-origin.json
  20. 168
      tests/expected_json/uninitialized.uninitialized-state.json
  21. 32
      tests/expected_json/uninitialized_local_variable.uninitialized-local.json
  22. 32
      tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.json
  23. 50
      tests/expected_json/unused_return.unused-return.json
  24. 26
      tests/expected_json/unused_state.unused-state.json

@ -39,7 +39,7 @@ class ConstantFunctions(AbstractDetector):
results.append({'check':self.ARGUMENT, results.append({'check':self.ARGUMENT,
'function':{'name': f.name, 'source_mapping': f.source_mapping}, 'function':{'name': f.name, 'source_mapping': f.source_mapping},
'contains_assembly': True, 'contains_assembly': True,
'variables_written': []}) 'variables': []})
variables_written = f.all_state_variables_written() variables_written = f.all_state_variables_written()
if variables_written: if variables_written:
@ -53,6 +53,8 @@ class ConstantFunctions(AbstractDetector):
results.append({'check':self.ARGUMENT, results.append({'check':self.ARGUMENT,
'function':{'name': f.name, 'source_mapping': f.source_mapping}, 'function':{'name': f.name, 'source_mapping': f.source_mapping},
'variables_written': [v.name for v in variables_written], 'variables': [{'name': v.name,
'source_mapping': v.source_mapping}
for v in variables_written],
'contains_assembly': False}) 'contains_assembly': False})
return results return results
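Review bot: The merged `'variables'` key in both `results.append` calls no longer says that these are the state variables written by the constant function. Its elements also change from plain names to `{'name', 'source_mapping'}` objects, so a consumer still reading `variables_written` finds nothing rather than failing loudly. A one-line comment above the second append, such as `# 'variables': state variables written by this constant function`, would keep the meaning next to the generic key. If external tooling gates on this JSON, the rename probably deserves a changelog entry or a format version field as well; that cannot be confirmed from this page. The enclosing method starts outside the hunks.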

@ -30,8 +30,8 @@ class ConstantPragma(AbstractDetector):
info += "\t- {} declares {}\n".format(p.source_mapping_str, str(p)) info += "\t- {} declares {}\n".format(p.source_mapping_str, str(p))
self.log(info) self.log(info)
pragma_json = [{'version': p.version, 'source_mapping': p.source_mapping} for p in pragma] pragma_json = [{'expression': p.version, 'source_mapping': p.source_mapping} for p in pragma]
results.append({'check': self.ARGUMENT, results.append({'check': self.ARGUMENT,
'pragmas': pragma_json}) 'expressions': pragma_json})
return results return results
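Review bot: `'expression': p.version` in the `pragma_json` comprehension stores a pragma version constraint under a key that the other detectors fill with `str(node.expression)`; the fixtures show `^0.4.23`. A consumer iterating `expressions` generically can only tell a version string from a Solidity expression by looking at `check`. The same line is added in old_solc.py. If the shared key is intentional, a comment such as `# 'expression' holds the pragma version constraint, not a Solidity expression` on both lines would document it. The enclosing method starts outside the hunk.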

@ -33,8 +33,8 @@ class OldSolc(AbstractDetector):
info += "\t- {} declares {}\n".format(p.source_mapping_str, str(p)) info += "\t- {} declares {}\n".format(p.source_mapping_str, str(p))
self.log(info) self.log(info)
pragma_json = [{'version': p.version, 'source_mapping': p.source_mapping} for p in old_pragma] pragma_json = [{'expression': p.version, 'source_mapping': p.source_mapping} for p in old_pragma]
results.append({'check': self.ARGUMENT, results.append({'check': self.ARGUMENT,
'pragmas': pragma_json}) 'expressions': pragma_json})
return results return results

@ -116,6 +116,10 @@ class ArbitrarySend(AbstractDetector):
'name' : func.name, 'name' : func.name,
'source_mapping': func.source_mapping 'source_mapping': func.source_mapping
}, },
'dangerous_calls':[{'source_mapping':n.source_mapping} for n in nodes]}) 'expressions':[{
'expression': str(n.expression),
'source_mapping':n.source_mapping}
for n in nodes]
})
return results return results

@ -55,7 +55,7 @@ class LowLevelCalls(AbstractDetector):
'function':{ 'function':{
'name': func.name, 'name': func.name,
'source_mapping': func.source_mapping}, 'source_mapping': func.source_mapping},
'low_level_calls': [ 'expressions': [
{'expression': str(node.expression), {'expression': str(node.expression),
'source_mapping':node.source_mapping} for node in nodes]}) 'source_mapping':node.source_mapping} for node in nodes]})

@ -64,7 +64,7 @@ class UnusedReturnValues(AbstractDetector):
'function':{ 'function':{
'name': f.name, 'name': f.name,
'source_mapping': f.source_mapping}, 'source_mapping': f.source_mapping},
'unused_returns': [ 'expressions': [
{'expression': str(node.expression), {'expression': str(node.expression),
'source_mapping': node.source_mapping} 'source_mapping': node.source_mapping}
for node in unused_return]}) for node in unused_return]})

@ -41,7 +41,7 @@ class ControlledDelegateCall(AbstractDetector):
'function':{ 'function':{
'name': f.name, 'name': f.name,
'source_mapping': f.source_mapping}, 'source_mapping': f.source_mapping},
'controlled_delegatecalls': [ 'expressions': [
{'expression': str(node.expression), {'expression': str(node.expression),
'source_mapping':node.source_mapping} for node in nodes]}) 'source_mapping':node.source_mapping} for node in nodes]})
return results return results

@ -62,7 +62,7 @@ class TxOrigin(AbstractDetector):
'function':{ 'function':{
'name': func.name, 'name': func.name,
'source_mapping': func.source_mapping}, 'source_mapping': func.source_mapping},
'tx_origin': [ 'expressions': [
{'expression': str(node.expression), {'expression': str(node.expression),
'source_mapping':node.source_mapping} for node in nodes]}) 'source_mapping':node.source_mapping} for node in nodes]})

@ -92,11 +92,10 @@ class UninitializedLocalVars(AbstractDetector):
source = [function.source_mapping, uninitialized_local_variable.source_mapping] source = [function.source_mapping, uninitialized_local_variable.source_mapping]
results.append({'vuln': 'UninitializedLocalVars', results.append({'check': self.ARGUMENT,
'sourceMapping': source, 'variable':{'name': uninitialized_local_variable.name,
'filename': self.filename, 'source_mapping': uninitialized_local_variable.source_mapping},
'contract': function.contract.name, 'function':{'name':function.name,
'function': function.name, 'source_mapping': function.source_mapping}})
'variable': var_name})
return results return results
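Review bot: The assignment `source = [function.source_mapping, uninitialized_local_variable.source_mapping]` stays as a context line although the `'sourceMapping': source` entry that consumed it is removed, so it looks dead on the new side. The same applies to the `source = [variable.source_mapping]` / `source += ...` pair kept in uninitialized_state_variables.py. Both can be deleted unless code outside the hunks still reads `source`. `var_name` also loses its only visible use and may be removable along with whatever computes it. The enclosing methods start outside the hunks.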

@ -75,7 +75,9 @@ class UninitializedStateVarsDetection(AbstractDetector):
ret = self.detect_uninitialized(c) ret = self.detect_uninitialized(c)
for variable, functions in ret: for variable, functions in ret:
info = "{}.{} ({}) is never initialized. It is used in:\n" info = "{}.{} ({}) is never initialized. It is used in:\n"
info = info.format(variable.contract.name, variable.name, variable.source_mapping_str) info = info.format(variable.contract.name,
variable.name,
variable.source_mapping_str)
for f in functions: for f in functions:
info += "\t- {} ({})\n".format(f.name, f.source_mapping_str) info += "\t- {} ({})\n".format(f.name, f.source_mapping_str)
self.log(info) self.log(info)
@ -83,11 +85,12 @@ class UninitializedStateVarsDetection(AbstractDetector):
source = [variable.source_mapping] source = [variable.source_mapping]
source += [f.source_mapping for f in functions] source += [f.source_mapping for f in functions]
results.append({'vuln': 'UninitializedStateVars', results.append({'check': self.ARGUMENT,
'sourceMapping': source, 'variable':{'name': variable.name,
'filename': self.filename, 'source_mapping': variable.source_mapping},
'contract': c.name, 'functions':[
'functions': [str(f) for f in functions], {'name':function.name,
'variable': str(variable)}) 'source_mapping': function.source_mapping}
for function in functions]})
return results return results

@ -88,13 +88,10 @@ class UninitializedStorageVars(AbstractDetector):
self.log(info) self.log(info)
source = [function.source_mapping, uninitialized_storage_variable.source_mapping] results.append({'check': self.ARGUMENT,
'variable':{'name': uninitialized_storage_variable.name,
results.append({'vuln': 'UninitializedStorageVars', 'source_mapping': uninitialized_storage_variable.source_mapping},
'sourceMapping': source, 'function':{'name':function.name,
'filename': self.filename, 'source_mapping': function.source_mapping}})
'contract': function.contract.name,
'function': function.name,
'variable': var_name})
return results return results

@ -36,7 +36,6 @@ class UnusedStateVars(AbstractDetector):
for c in self.slither.contracts_derived: for c in self.slither.contracts_derived:
unusedVars = self.detect_unused(c) unusedVars = self.detect_unused(c)
if unusedVars: if unusedVars:
unusedVarsName = [v.name for v in unusedVars]
info = '' info = ''
for var in unusedVars: for var in unusedVars:
info += "{}.{} ({}) is never used in {}\n".format(var.contract.name, info += "{}.{} ({}) is never used in {}\n".format(var.contract.name,
@ -45,13 +44,11 @@ class UnusedStateVars(AbstractDetector):
c.name) c.name)
all_info += info all_info += info
sourceMapping = [v.source_mapping for v in unusedVars]
results.append({'vuln': 'unusedStateVars', results.append({'check': self.ARGUMENT,
'sourceMapping': sourceMapping, 'variables':[{'name': variable.name,
'filename': self.filename, 'source_mapping': variable.source_mapping}
'contract': c.name, for variable in unusedVars]})
'unusedVars': unusedVarsName})
if all_info != '': if all_info != '':
self.log(all_info) self.log(all_info)
return results return results
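Review bot: The new `results.append` in the second hunk drops `'contract': c.name`, while the log line built just above still reports each variable as "never used in" `c.name`. Since `c` iterates `contracts_derived`, it can presumably differ from `var.contract` for inherited variables. With only the variable's own `source_mapping` in the JSON, a reader of the machine output cannot tell in which derived contract the variable was found unused. Keeping that context, for example `'contract': c.name,` next to `'variables'`, would let the JSON carry what the text output already does. The enclosing method starts outside the hunks.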

@ -1,8 +1,9 @@
[ [
{ {
"check": "arbitrary-send", "check": "arbitrary-send",
"dangerous_calls": [ "expressions": [
{ {
"expression": "msg.sender.send(this.balance)",
"source_mapping": { "source_mapping": {
"filename": "tests/arbitrary_send.sol", "filename": "tests/arbitrary_send.sol",
"length": 29, "length": 29,
@ -29,8 +30,9 @@
}, },
{ {
"check": "arbitrary-send", "check": "arbitrary-send",
"dangerous_calls": [ "expressions": [
{ {
"expression": "destination.send(this.balance)",
"source_mapping": { "source_mapping": {
"filename": "tests/arbitrary_send.sol", "filename": "tests/arbitrary_send.sol",
"length": 30, "length": 30,

@ -15,8 +15,18 @@
"start": 45 "start": 45
} }
}, },
"variables_written": [ "variables": [
"a" {
"name": "a",
"source_mapping": {
"filename": "tests/constant.sol",
"length": 6,
"lines": [
3
],
"start": 28
}
}
] ]
}, },
{ {
@ -35,8 +45,18 @@
"start": 113 "start": 113
} }
}, },
"variables_written": [ "variables": [
"a" {
"name": "a",
"source_mapping": {
"filename": "tests/constant.sol",
"length": 6,
"lines": [
3
],
"start": 28
}
}
] ]
}, },
{ {
@ -55,6 +75,6 @@
"start": 324 "start": 324
} }
}, },
"variables_written": [] "variables": []
} }
] ]

@ -1,7 +1,7 @@
[ [
{ {
"check": "controlled-delegatecall", "check": "controlled-delegatecall",
"controlled_delegatecalls": [ "expressions": [
{ {
"expression": "addr_bad.delegatecall(data)", "expression": "addr_bad.delegatecall(data)",
"source_mapping": { "source_mapping": {
@ -31,7 +31,7 @@
}, },
{ {
"check": "controlled-delegatecall", "check": "controlled-delegatecall",
"controlled_delegatecalls": [ "expressions": [
{ {
"expression": "addr_bad.delegatecall(func_id,data)", "expression": "addr_bad.delegatecall(func_id,data)",
"source_mapping": { "source_mapping": {

@ -1,6 +1,19 @@
[ [
{ {
"check": "low-level-calls", "check": "low-level-calls",
"expressions": [
{
"expression": "_receiver.call.value(msg.value).gas(7777)()",
"source_mapping": {
"filename": "tests/low_level_calls.sol",
"length": 43,
"lines": [
6
],
"start": 100
}
}
],
"function": { "function": {
"name": "send", "name": "send",
"source_mapping": { "source_mapping": {
@ -13,19 +26,6 @@
], ],
"start": 49 "start": 49
} }
}, }
"low_level_calls": [
{
"expression": "_receiver.call.value(msg.value).gas(7777)()",
"source_mapping": {
"filename": "tests/low_level_calls.sol",
"length": 43,
"lines": [
6
],
"start": 100
}
}
]
} }
] ]

@ -1,15 +1,15 @@
[ [
{ {
"check": "solc-version", "check": "solc-version",
"pragmas": [ "expressions": [
{ {
"expression": "0.4.21",
"source_mapping": { "source_mapping": {
"filename": "old_solc.sol", "filename": "old_solc.sol",
"length": 23, "length": 23,
"lines": [], "lines": [],
"start": 0 "start": 0
}, }
"version": "0.4.21"
} }
] ]
} }

@ -1,8 +1,9 @@
[ [
{ {
"check": "pragma", "check": "pragma",
"pragmas": [ "expressions": [
{ {
"expression": "^0.4.23",
"source_mapping": { "source_mapping": {
"filename": "tests/pragma.0.4.23.sol", "filename": "tests/pragma.0.4.23.sol",
"length": 24, "length": 24,
@ -10,10 +11,10 @@
1 1
], ],
"start": 0 "start": 0
}, }
"version": "^0.4.23"
}, },
{ {
"expression": "^0.4.24",
"source_mapping": { "source_mapping": {
"filename": "tests/pragma.0.4.24.sol", "filename": "tests/pragma.0.4.24.sol",
"length": 24, "length": 24,
@ -21,8 +22,7 @@
1 1
], ],
"start": 0 "start": 0
}, }
"version": "^0.4.24"
} }
] ]
} }

@ -1,6 +1,19 @@
[ [
{ {
"check": "tx-origin", "check": "tx-origin",
"expressions": [
{
"expression": "require(bool)(tx.origin == owner)",
"source_mapping": {
"filename": "tests/tx_origin.sol",
"length": 27,
"lines": [
10
],
"start": 140
}
}
],
"function": { "function": {
"name": "bug0", "name": "bug0",
"source_mapping": { "source_mapping": {
@ -13,23 +26,25 @@
], ],
"start": 114 "start": 114
} }
}, }
"tx_origin": [ },
{
"check": "tx-origin",
"expressions": [
{ {
"expression": "require(bool)(tx.origin == owner)", "expression": "tx.origin != owner",
"source_mapping": { "source_mapping": {
"filename": "tests/tx_origin.sol", "filename": "tests/tx_origin.sol",
"length": 27, "length": 57,
"lines": [ "lines": [
10 14,
15,
16
], ],
"start": 140 "start": 206
} }
} }
] ],
},
{
"check": "tx-origin",
"function": { "function": {
"name": "bug2", "name": "bug2",
"source_mapping": { "source_mapping": {
@ -44,21 +59,6 @@
], ],
"start": 180 "start": 180
} }
}, }
"tx_origin": [
{
"expression": "tx.origin != owner",
"source_mapping": {
"filename": "tests/tx_origin.sol",
"length": 57,
"lines": [
14,
15,
16
],
"start": 206
}
}
]
} }
] ]

@ -1,120 +1,120 @@
[ [
{ {
"contract": "Test", "check": "uninitialized-state",
"filename": "tests/uninitialized.sol",
"functions": [ "functions": [
"use"
],
"sourceMapping": [
{ {
"name": "transfer",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 82,
"lines": [
7,
8,
9
],
"start": 81
}
}
],
"variable": {
"name": "destination",
"source_mapping": {
"filename": "tests/uninitialized.sol", "filename": "tests/uninitialized.sol",
"length": 34, "length": 19,
"lines": [ "lines": [
15 5
], ],
"start": 189 "start": 55
}, }
}
},
{
"check": "uninitialized-state",
"functions": [
{ {
"name": "use",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 143,
"lines": [
23,
24,
25,
26
],
"start": 356
}
}
],
"variable": {
"name": "balances",
"source_mapping": {
"filename": "tests/uninitialized.sol", "filename": "tests/uninitialized.sol",
"length": 143, "length": 34,
"lines": [ "lines": [
23, 15
24,
25,
26
], ],
"start": 356 "start": 189
} }
], }
"variable": "balances",
"vuln": "UninitializedStateVars"
}, },
{ {
"contract": "Test2", "check": "uninitialized-state",
"filename": "tests/uninitialized.sol",
"functions": [ "functions": [
"use"
],
"sourceMapping": [
{ {
"name": "use",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 117,
"lines": [
53,
54,
55,
56
],
"start": 875
}
}
],
"variable": {
"name": "st",
"source_mapping": {
"filename": "tests/uninitialized.sol", "filename": "tests/uninitialized.sol",
"length": 15, "length": 15,
"lines": [ "lines": [
45 45
], ],
"start": 695 "start": 695
},
{
"filename": "tests/uninitialized.sol",
"length": 117,
"lines": [
53,
54,
55,
56
],
"start": 875
} }
], }
"variable": "st",
"vuln": "UninitializedStateVars"
}, },
{ {
"contract": "Test2", "check": "uninitialized-state",
"filename": "tests/uninitialized.sol",
"functions": [ "functions": [
"init"
],
"sourceMapping": [
{ {
"name": "init",
"source_mapping": {
"filename": "tests/uninitialized.sol",
"length": 52,
"lines": [
49,
50,
51
],
"start": 817
}
}
],
"variable": {
"name": "v",
"source_mapping": {
"filename": "tests/uninitialized.sol", "filename": "tests/uninitialized.sol",
"length": 6, "length": 6,
"lines": [ "lines": [
47 47
], ],
"start": 748 "start": 748
},
{
"filename": "tests/uninitialized.sol",
"length": 52,
"lines": [
49,
50,
51
],
"start": 817
}
],
"variable": "v",
"vuln": "UninitializedStateVars"
},
{
"contract": "Uninitialized",
"filename": "tests/uninitialized.sol",
"functions": [
"transfer"
],
"sourceMapping": [
{
"filename": "tests/uninitialized.sol",
"length": 19,
"lines": [
5
],
"start": 55
},
{
"filename": "tests/uninitialized.sol",
"length": 82,
"lines": [
7,
8,
9
],
"start": 81
} }
], }
"variable": "destination",
"vuln": "UninitializedStateVars"
} }
] ]

@ -1,18 +1,9 @@
[ [
{ {
"contract": "Uninitialized", "check": "uninitialized-local",
"filename": "tests/uninitialized_local_variable.sol", "function": {
"function": "func", "name": "func",
"sourceMapping": [ "source_mapping": {
{
"filename": "tests/uninitialized_local_variable.sol",
"length": 18,
"lines": [
4
],
"start": 77
},
{
"filename": "tests/uninitialized_local_variable.sol", "filename": "tests/uninitialized_local_variable.sol",
"length": 143, "length": 143,
"lines": [ "lines": [
@ -24,8 +15,17 @@
], ],
"start": 29 "start": 29
} }
], },
"variable": "uint_not_init", "variable": {
"vuln": "UninitializedLocalVars" "name": "uint_not_init",
"source_mapping": {
"filename": "tests/uninitialized_local_variable.sol",
"length": 18,
"lines": [
4
],
"start": 77
}
}
} }
] ]

@ -1,18 +1,9 @@
[ [
{ {
"contract": "Uninitialized", "check": "uninitialized-storage",
"filename": "tests/uninitialized_storage_pointer.sol", "function": {
"function": "func", "name": "func",
"sourceMapping": [ "source_mapping": {
{
"filename": "tests/uninitialized_storage_pointer.sol",
"length": 9,
"lines": [
10
],
"start": 171
},
{
"filename": "tests/uninitialized_storage_pointer.sol", "filename": "tests/uninitialized_storage_pointer.sol",
"length": 138, "length": 138,
"lines": [ "lines": [
@ -25,8 +16,17 @@
], ],
"start": 67 "start": 67
} }
], },
"variable": "st_bug", "variable": {
"vuln": "UninitializedStorageVars" "name": "st_bug",
"source_mapping": {
"filename": "tests/uninitialized_storage_pointer.sol",
"length": 9,
"lines": [
10
],
"start": 171
}
}
} }
] ]

@ -1,30 +1,7 @@
[ [
{ {
"check": "unused-return", "check": "unused-return",
"function": { "expressions": [
"name": "test",
"source_mapping": {
"filename": "tests/unused_return.sol",
"length": 347,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29
],
"start": 230
}
},
"unused_returns": [
{ {
"expression": "a.add(0)", "expression": "a.add(0)",
"source_mapping": { "source_mapping": {
@ -47,6 +24,29 @@
"start": 263 "start": 263
} }
} }
] ],
"function": {
"name": "test",
"source_mapping": {
"filename": "tests/unused_return.sol",
"length": 347,
"lines": [
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29
],
"start": 230
}
}
} }
] ]

@ -1,20 +1,18 @@
[ [
{ {
"contract": "B", "check": "unused-state",
"filename": "tests/unused_state.sol", "variables": [
"sourceMapping": [
{ {
"filename": "tests/unused_state.sol", "name": "unused",
"length": 14, "source_mapping": {
"lines": [ "filename": "tests/unused_state.sol",
4 "length": 14,
], "lines": [
"start": 42 4
],
"start": 42
}
} }
], ]
"unusedVars": [
"unused"
],
"vuln": "unusedStateVars"
} }
] ]