From 8a8424ea63aeba9e71d96aa1cef99ccac5f6e2c1 Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 07:06:04 +0100 Subject: [PATCH 01/11] Improve type deduction of Literal (old solc) --- slither/solc_parsing/expressions/expression_parsing.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/slither/solc_parsing/expressions/expression_parsing.py b/slither/solc_parsing/expressions/expression_parsing.py index 968ae446a..1de47a1d0 100644 --- a/slither/solc_parsing/expressions/expression_parsing.py +++ b/slither/solc_parsing/expressions/expression_parsing.py @@ -497,7 +497,12 @@ def parse_expression(expression, caller_context): value = '0x'+expression['attributes']['hexvalue'] type = expression['attributes']['type'] - if type.startswith('int_const '): + if type is None: + if value.isdecimal(): + type = ElementaryType('uint256') + else: + type = ElementaryType('string') + elif type.startswith('int_const '): type = ElementaryType('uint256') elif type.startswith('bool'): type = ElementaryType('bool') From 024ddef7f26f8ec45a49d23994f939edb86557ee Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 07:21:35 +0100 Subject: [PATCH 02/11] Incorrect ERC detectors: iterate over contracts_derived to avoid dupplicate --- slither/detectors/erc/incorrect_erc20_interface.py | 5 +++-- slither/detectors/erc/incorrect_erc721_interface.py | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/slither/detectors/erc/incorrect_erc20_interface.py b/slither/detectors/erc/incorrect_erc20_interface.py index 5333f089c..fab6d8aab 100644 --- a/slither/detectors/erc/incorrect_erc20_interface.py +++ b/slither/detectors/erc/incorrect_erc20_interface.py 
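Review bot: In the new `type is None` branch, `value.isdecimal()` is the only test for a numeric literal, so a hex (`0x…`) or scientific-notation (`1e18`) value coming from an old-solc AST is typed as `string` rather than `uint256`. The context line above the change builds `value` as `'0x'+…['hexvalue']` (presumably under a condition outside the hunk), and that form always lands in the `else`. If that is the intent for hex string literals, a comment such as `# old solc gives no type: decimal digits -> uint256, anything else (incl. hexvalue) -> string` would make it explicit. Every detector that reasons about constants inherits the type chosen here. `parse_expression` starts and ends outside the hunk.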
@@ -70,7 +70,8 @@ contract Token{ if contract.is_possible_erc721(): return [] - functions = [f for f in contract.functions if IncorrectERC20InterfaceDetection.incorrect_erc20_interface(f.signature)] + funcs = contract.functions + functions = [f for f in funcs if IncorrectERC20InterfaceDetection.incorrect_erc20_interface(f.signature)] return functions def _detect(self): @@ -80,7 +81,7 @@ contract Token{ dict: [contract name] = set(str) events """ results = [] - for c in self.contracts: + for c in self.slither.contracts_derived: functions = IncorrectERC20InterfaceDetection.detect_incorrect_erc20_interface(c) if functions: info = "{} ({}) has incorrect ERC20 function interface(s):\n" diff --git a/slither/detectors/erc/incorrect_erc721_interface.py b/slither/detectors/erc/incorrect_erc721_interface.py index 336d549db..0ee8063d8 100644 --- a/slither/detectors/erc/incorrect_erc721_interface.py +++ b/slither/detectors/erc/incorrect_erc721_interface.py @@ -71,7 +71,8 @@ contract Token{ if not contract.is_possible_erc721() or not contract.is_possible_erc20(): return [] - functions = [f for f in contract.functions if IncorrectERC721InterfaceDetection.incorrect_erc721_interface(f.signature)] + funcs = contract.functions + functions = [f for f in funcs if IncorrectERC721InterfaceDetection.incorrect_erc721_interface(f.signature)] return functions def _detect(self): @@ -81,7 +82,7 @@ contract Token{ dict: [contract name] = set(str) events """ results = [] - for c in self.contracts: + for c in self.slither.contracts_derived: functions = IncorrectERC721InterfaceDetection.detect_incorrect_erc721_interface(c) if functions: info = "{} ({}) has incorrect ERC721 function interface(s):\n" From 5fd3821a0ed48a2e7d7a2062d4feb5690473f5d4 Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 07:59:50 +0100 Subject: [PATCH 03/11] Minor --- slither/analyses/write/are_variables_written.py | 2 ++ slither/slither.py | 1 - 2 files changed, 2 insertions(+), 1 deletion(-) 
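Review bot: `_detect` now iterates `self.slither.contracts_derived`, but nothing in the hunk says why base contracts are still covered; it appears to rely on `contract.functions` including inherited functions, which is not visible here. I would add a comment above the loop, e.g. `# contracts_derived only: inherited functions are checked through the most-derived contract, so each finding is reported once`. The docstring kept as context (`dict: [contract name] = set(str) events`) does not describe the `results` list built below it and should be corrected in the same change. Both points apply equally to the `incorrect_erc721_interface.py` hunks.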
diff --git a/slither/analyses/write/are_variables_written.py b/slither/analyses/write/are_variables_written.py index d644e3ac2..bc667394c 100644 --- a/slither/analyses/write/are_variables_written.py +++ b/slither/analyses/write/are_variables_written.py @@ -33,6 +33,8 @@ def _visit(node, visited, variables_written, variables_to_write): variables_written = variables_written + [ir.lvalue] lvalue = ir.lvalue while isinstance(lvalue, ReferenceVariable): + if lvalue not in refs: + break variables_written = variables_written + [refs[lvalue]] lvalue = refs[lvalue] diff --git a/slither/slither.py b/slither/slither.py index ccd76ec7c..7b025952b 100644 --- a/slither/slither.py +++ b/slither/slither.py @@ -44,7 +44,6 @@ class Slither(SlitherSolc): embark_overwrite_config (bool): overwrite original config file (default false) ''' - # list of files provided (see --splitted option) if isinstance(contract, list): self._init_from_list(contract) From 62b94d71a7d76dc5ecccf3067c478d6fa5b0d9cd Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 11:39:15 +0100 Subject: [PATCH 04/11] Improve int conversion (0X) --- slither/slithir/variables/constant.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slither/slithir/variables/constant.py b/slither/slithir/variables/constant.py index ba19279e1..058a1c9e4 100644 --- a/slither/slithir/variables/constant.py +++ b/slither/slithir/variables/constant.py @@ -14,7 +14,7 @@ class Constant(SlithIRVariable): assert isinstance(type, ElementaryType) self._type = type if type.type in Int + Uint: - if val.startswith('0x'): + if val.startswith('0x') or val.startswith('0X'): self._val = int(val, 16) else: if 'e' in val: From 6b9f2199517e24cdb835a9ae2e5209b955fd13a8 Mon Sep 17 00:00:00 2001 
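Review bot: The added `if lvalue not in refs: break` in `_visit` ends the reference walk silently, so a write through a `ReferenceVariable` that has no entry in `refs` never contributes its target to `variables_written`. That turns a crash into a possible under-report, which matters for any detector built on this analysis. At minimum the guard should say so, e.g. `# no known target for this reference: stop following the chain (the target is not recorded as written)`. `_visit` continues outside the hunk, so whether `refs` can legitimately be incomplete at this point cannot be confirmed from here.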
From: Josselin Date: Wed, 8 May 2019 11:44:56 +0100 Subject: [PATCH 05/11] Allow early conversion to address --- slither/slithir/variables/constant.py | 2 +- slither/solc_parsing/expressions/expression_parsing.py | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/slither/slithir/variables/constant.py b/slither/slithir/variables/constant.py index 058a1c9e4..dea39e259 100644 --- a/slither/slithir/variables/constant.py +++ b/slither/slithir/variables/constant.py @@ -13,7 +13,7 @@ class Constant(SlithIRVariable): if type: assert isinstance(type, ElementaryType) self._type = type - if type.type in Int + Uint: + if type.type in Int + Uint + ['address']: if val.startswith('0x') or val.startswith('0X'): self._val = int(val, 16) else: diff --git a/slither/solc_parsing/expressions/expression_parsing.py b/slither/solc_parsing/expressions/expression_parsing.py index 8982438d2..2d037ebdb 100644 --- a/slither/solc_parsing/expressions/expression_parsing.py +++ b/slither/solc_parsing/expressions/expression_parsing.py @@ -505,6 +505,8 @@ def parse_expression(expression, caller_context): type = ElementaryType('uint256') elif type.startswith('bool'): type = ElementaryType('bool') + elif type.startswith('address'): + type = ElementaryType('address') else: type = ElementaryType('string') literal = Literal(value, type) From 1970b4448f5ca34bc5c4b967ecbec0987437038d Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 11:47:30 +0100 Subject: [PATCH 06/11] Int conversion: support float declaration --- slither/slithir/variables/constant.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slither/slithir/variables/constant.py b/slither/slithir/variables/constant.py index dea39e259..64c3e4fdf 100644 --- a/slither/slithir/variables/constant.py +++ b/slither/slithir/variables/constant.py 
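Review bot: `type.startswith('address')` in `parse_expression` is a prefix match, so a solc type string of `address payable` is folded into `ElementaryType('address')` as well. If later analyses need to tell the two apart, the distinction is lost at this point; if the fold is deliberate, state it next to the branch with `# 'address payable' is intentionally treated as 'address'`. Whether `ElementaryType` accepts a payable variant is not visible in this patch. `parse_expression` extends beyond the hunk.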
@@ -24,7 +24,7 @@ class Constant(SlithIRVariable): base, expo = val.split('E') self._val = int(float(base) * (10 ** int(expo))) else: - self._val = int(val) + self._val = int(float(val)) elif type.type == 'bool': self._val = val == 'true' else: From 7ebda7cb9beb093a54c0a54942e99f6d54a83f19 Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 11:50:36 +0100 Subject: [PATCH 07/11] Return IR: use _unroll for ir.read --- slither/slithir/operations/return_operation.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slither/slithir/operations/return_operation.py b/slither/slithir/operations/return_operation.py index 2ef776b13..8fb9c2990 100644 --- a/slither/slithir/operations/return_operation.py +++ b/slither/slithir/operations/return_operation.py @@ -40,7 +40,7 @@ class Return(Operation): @property def values(self): - return self._values + return self._unroll(self._values) def __str__(self): return "RETURN {}".format(','.join(['{}'.format(x) for x in self.values])) From 8983a9353abd5f56e0bddd2e62564cde7709978d Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 11:54:05 +0100 Subject: [PATCH 08/11] Fix minor bug in ConstantFolding --- slither/visitors/expression/constants_folding.py | 2 +- slither/visitors/expression/expression.py | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/slither/visitors/expression/constants_folding.py b/slither/visitors/expression/constants_folding.py index 26ce38906..60568881b 100644 --- a/slither/visitors/expression/constants_folding.py +++ b/slither/visitors/expression/constants_folding.py @@ -21,8 +21,8 @@ def set_val(expression, val): class ConstantFolding(ExpressionVisitor): def __init__(self, expression, type): - super(ConstantFolding, self).__init__(expression) self._type = type + super(ConstantFolding, self).__init__(expression) def result(self): return Literal(int(get_val(self._expression)), self._type) 
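Review bot: `int(float(val))` rounds any literal that does not fit a double's 53-bit mantissa, so a large decimal `uint256` constant is stored with the wrong value, where the previous `int(val)` was exact. Keep the exact path for plain integers and use `decimal` only for the fractional form: `self._val = int(val) if val.lstrip('-').isdecimal() else int(Decimal(val))`, with `from decimal import Decimal` added to the file's imports. The context line `int(float(base) * (10 ** int(expo)))` has the same rounding problem for scientific-notation literals. A silently altered constant propagates to every detector that compares or folds it.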
diff --git a/slither/visitors/expression/expression.py b/slither/visitors/expression/expression.py index 6714508de..e78ad17ce 100644 --- a/slither/visitors/expression/expression.py +++ b/slither/visitors/expression/expression.py @@ -22,6 +22,7 @@ logger = logging.getLogger("ExpressionVisitor") class ExpressionVisitor: def __init__(self, expression): + # Inherited class must declared their variables prior calling super().__init__ self._expression = expression self._result = None self._visit_expression(self.expression) From 30736c9f67f166a9d4f26fc68f69d4ae3221c0af Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 12:05:57 +0100 Subject: [PATCH 09/11] Fix incorrect function lookup in case of shadowing --- slither/slithir/convert.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/slither/slithir/convert.py b/slither/slithir/convert.py index 5208e4641..f1e0a84ed 100644 --- a/slither/slithir/convert.py +++ b/slither/slithir/convert.py @@ -678,6 +678,9 @@ def convert_type_library_call(ir, lib_contract): func = lib_contract.get_function_from_signature(sig) if not func: func = lib_contract.get_state_variable_from_name(ir.function_name) + if func: + # stop to explore if func is found (prevent dupplicate issue) + break # In case of multiple binding to the same type if not func: # specific lookup when the compiler does implicit conversion @@ -712,6 +715,9 @@ def convert_type_of_high_and_internal_level_call(ir, contract): func = contract.get_function_from_signature(sig) if not func: func = contract.get_state_variable_from_name(ir.function_name) + if func: + # stop to explore if func is found (prevent dupplicate issue) + break if not func: # specific lookup when the compiler does implicit conversion # for example From 5303b644ba3de56b4ebb98c6bfb9e1ce8b2ee63a Mon Sep 17 00:00:00 2001 
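Review bot: The comment added to `ExpressionVisitor.__init__` is the only documentation of a real ordering constraint and is hard to read as written. I would reword it to `# Subclasses must set their own attributes before calling super().__init__(): the visit below runs inside this constructor.` The `ConstantFolding.__init__` reorder in the same commit looks like the first case of this trap. Moving the `_visit_expression` call out of the constructor would remove it altogether, though that is a larger change than this patch.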
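Review bot: The added `if func: break` makes the result depend on the iteration order of the enclosing loop, whose header is outside the hunk, so which definition wins under shadowing is not stated anywhere visible. A comment naming the priority would help, e.g. `# candidates are tried in order; the first match shadows the rest`. The same three lines are added to both `convert_type_library_call` and `convert_type_of_high_and_internal_level_call`, so a shared helper for the signature-then-state-variable lookup would keep the two in step. Note also that `func` may hold a state variable here, which the name does not suggest.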
From: Josselin Date: Wed, 8 May 2019 12:50:18 +0100 Subject: [PATCH 10/11] Minor --- scripts/tests_generate_expected_json_4.sh | 1 + scripts/tests_generate_expected_json_5.sh | 1 + .../arbitrary_send-0.5.1.arbitrary-send.txt | 1 + .../arbitrary_send.arbitrary-send.txt | 1 + tests/expected_json/backdoor.backdoor.txt | 2 +- tests/expected_json/backdoor.suicidal.txt | 2 +- ...const_state_variables.constable-states.txt | 1 + .../constant-0.5.1.constant-function.txt | 1 + .../constant.constant-function.txt | 1 + ...d_delegatecall.controlled-delegatecall.txt | 1 + .../deprecated_calls.deprecated-standards.txt | 1 + .../erc20_indexed.erc20-indexed.txt | 1 + .../external_function.external-function.txt | 1 + .../external_function_2.external-function.txt | 1 + .../incorrect_equality.incorrect-equality.txt | 1 + ...orrect_erc20_interface.erc20-interface.txt | 1 + ...rect_erc721_interface.erc721-interface.txt | 1 + ...nline_assembly_contract-0.5.1.assembly.txt | 1 + .../inline_assembly_contract.assembly.txt | 1 + ...inline_assembly_library-0.5.1.assembly.txt | 1 + .../inline_assembly_library.assembly.txt | 1 + .../locked_ether-0.5.1.locked-ether.txt | 1 + .../locked_ether.locked-ether.txt | 1 + .../low_level_calls.low-level-calls.txt | 1 + .../multiple_calls_in_loop.calls-loop.txt | 1 + .../naming_convention.naming-convention.txt | 1 + .../old_solc.sol.json.solc-version.txt | 2 +- tests/expected_json/pragma.0.4.24.pragma.txt | 40 ++++++++++++++++++- .../reentrancy-0.5.1.reentrancy-eth.txt | 1 + .../reentrancy-0.5.1.reentrancy.txt | 6 +-- .../reentrancy.reentrancy-eth.txt | 1 + .../right_to_left_override.rtlo.txt | 3 +- .../shadowing_abstract.shadowing-abstract.txt | 1 + ...wing_builtin_symbols.shadowing-builtin.txt | 1 + ...adowing_local_variable.shadowing-local.txt | 1 + ...adowing_state_variable.shadowing-state.txt | 1 + .../solc_version_incorrect.solc-version.txt | 1 + tests/expected_json/timestamp.timestamp.txt | 1 + .../too_many_digits.too-many-digits.txt | 1 + 
.../tx_origin-0.5.1.tx-origin.txt | 1 + tests/expected_json/tx_origin.tx-origin.txt | 1 + ...ninitialized-0.5.1.uninitialized-state.txt | 1 + .../uninitialized.uninitialized-state.txt | 1 + ...zed_local_variable.uninitialized-local.txt | 1 + ..._storage_pointer.uninitialized-storage.txt | 40 ++++++++++++++++++- .../unused_return.unused-return.txt | 1 + .../unused_state.unused-state.txt | 1 + 47 files changed, 124 insertions(+), 11 deletions(-) diff --git a/scripts/tests_generate_expected_json_4.sh b/scripts/tests_generate_expected_json_4.sh index 184c199f1..c87b181de 100755 --- a/scripts/tests_generate_expected_json_4.sh +++ b/scripts/tests_generate_expected_json_4.sh @@ -17,6 +17,7 @@ generate_expected_json(){ sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename" -i + sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename_txt" -i } diff --git a/scripts/tests_generate_expected_json_5.sh b/scripts/tests_generate_expected_json_5.sh index b6107458e..a834e2e3a 100755 --- a/scripts/tests_generate_expected_json_5.sh +++ b/scripts/tests_generate_expected_json_5.sh @@ -17,6 +17,7 @@ generate_expected_json(){ slither "$1" --solc-disable-warnings --detect "$2" --json "$output_filename" --solc solc-0.5.1 > $output_filename_txt 2>&1 sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename" -i + sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename_txt" -i } #generate_expected_json tests/uninitialized-0.5.1.sol "uninitialized-state" diff --git a/tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.txt b/tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.txt index 3861f0b9b..462d02b85 100644 --- a/tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.txt +++ b/tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.txt 
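Review bot: The added `sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$output_filename_txt" -i` interpolates the working-directory path into a regular expression, so a `.` in the path matches any character and a `|` or `&` in either variable breaks or alters the substitution. Escaping the path before use would avoid that; the same holds for the existing `$output_filename` line and for the identical addition in `tests_generate_expected_json_5.sh`. Placing `-i` after the file name also relies on GNU option permutation. Separately, the regenerated `.txt` files later in this patch now contain the `… exists already, the overwrite is prevented` log line, which seems to be printed only when the JSON file was already present, so the expected text may depend on the state of the checkout when the script ran.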
@@ -6,4 +6,5 @@ Test.indirect (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user Dangerous calls: - destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.json exists already, the overwrite is prevented INFO:Slither:tests/arbitrary_send-0.5.1.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/arbitrary_send.arbitrary-send.txt b/tests/expected_json/arbitrary_send.arbitrary-send.txt index 07fd98b5a..14250b95c 100644 --- a/tests/expected_json/arbitrary_send.arbitrary-send.txt +++ b/tests/expected_json/arbitrary_send.arbitrary-send.txt @@ -6,4 +6,5 @@ Test.indirect (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user Dangerous calls: - destination.send(address(this).balance) (tests/arbitrary_send.sol#20) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/arbitrary_send.arbitrary-send.json exists already, the overwrite is prevented INFO:Slither:tests/arbitrary_send.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/backdoor.backdoor.txt b/tests/expected_json/backdoor.backdoor.txt index 5b7ccbcca..76d21139d 100644 --- a/tests/expected_json/backdoor.backdoor.txt +++ b/tests/expected_json/backdoor.backdoor.txt 
@@ -1,5 +1,5 @@ INFO:Detectors: Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6) Reference: https://github.com/trailofbits/slither/wiki/Adding-a-new-detector -INFO:Slither:/home/monty/Private/tob/tools/slither-public/scripts/../tests/expected_json/backdoor.backdoor.json exists already, the overwrite is prevented +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/backdoor.backdoor.json exists already, the overwrite is prevented INFO:Slither:tests/backdoor.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/backdoor.suicidal.txt b/tests/expected_json/backdoor.suicidal.txt index 9f540e527..441cfb34d 100644 --- a/tests/expected_json/backdoor.suicidal.txt +++ b/tests/expected_json/backdoor.suicidal.txt @@ -1,5 +1,5 @@ INFO:Detectors: C.i_am_a_backdoor (tests/backdoor.sol#4-6) allows anyone to destruct the contract Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#suicidal -INFO:Slither:/home/monty/Private/tob/tools/slither-public/scripts/../tests/expected_json/backdoor.suicidal.json exists already, the overwrite is prevented +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/backdoor.suicidal.json exists already, the overwrite is prevented INFO:Slither:tests/backdoor.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/const_state_variables.constable-states.txt b/tests/expected_json/const_state_variables.constable-states.txt index 2fc92c58c..e0aa1d9fa 100644 --- a/tests/expected_json/const_state_variables.constable-states.txt +++ b/tests/expected_json/const_state_variables.constable-states.txt 
@@ -6,4 +6,5 @@ B.mySistersAddress should be constant (tests/const_state_variables.sol#26) MyConc.should_be_constant should be constant (tests/const_state_variables.sol#42) MyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/const_state_variables.constable-states.json exists already, the overwrite is prevented INFO:Slither:tests/const_state_variables.sol analyzed (3 contracts), 1 result(s) found diff --git a/tests/expected_json/constant-0.5.1.constant-function.txt b/tests/expected_json/constant-0.5.1.constant-function.txt index c3090ad40..8f7443dd4 100644 --- a/tests/expected_json/constant-0.5.1.constant-function.txt +++ b/tests/expected_json/constant-0.5.1.constant-function.txt @@ -1,4 +1,5 @@ INFO:Detectors: Constant.test_assembly_bug (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/constant-0.5.1.constant-function.json exists already, the overwrite is prevented INFO:Slither:tests/constant-0.5.1.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/constant.constant-function.txt b/tests/expected_json/constant.constant-function.txt index e0d191ca3..c8faa98b5 100644 --- a/tests/expected_json/constant.constant-function.txt +++ b/tests/expected_json/constant.constant-function.txt 
@@ -5,4 +5,5 @@ Constant.test_constant_bug (tests/constant.sol#9-11) is declared view but change - Constant.a Constant.test_assembly_bug (tests/constant.sol#22-24) is declared view but contains assembly code Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/constant.constant-function.json exists already, the overwrite is prevented INFO:Slither:tests/constant.sol analyzed (1 contracts), 3 result(s) found diff --git a/tests/expected_json/controlled_delegatecall.controlled-delegatecall.txt b/tests/expected_json/controlled_delegatecall.controlled-delegatecall.txt index f19040c46..f0bbe2a20 100644 --- a/tests/expected_json/controlled_delegatecall.controlled-delegatecall.txt +++ b/tests/expected_json/controlled_delegatecall.controlled-delegatecall.txt @@ -4,4 +4,5 @@ C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall t C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id addr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/controlled_delegatecall.controlled-delegatecall.json exists already, the overwrite is prevented INFO:Slither:tests/controlled_delegatecall.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/deprecated_calls.deprecated-standards.txt b/tests/expected_json/deprecated_calls.deprecated-standards.txt index e0733a66e..cd9b84953 100644 --- a/tests/expected_json/deprecated_calls.deprecated-standards.txt +++ b/tests/expected_json/deprecated_calls.deprecated-standards.txt 
@@ -14,4 +14,5 @@ Deprecated standard detected @ tests/deprecated_calls.sol#22: Deprecated standard detected @ tests/deprecated_calls.sol#25: - Usage of "suicide()" should be replaced with "selfdestruct()" Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/deprecated_calls.deprecated-standards.json exists already, the overwrite is prevented INFO:Slither:tests/deprecated_calls.sol analyzed (1 contracts), 7 result(s) found diff --git a/tests/expected_json/erc20_indexed.erc20-indexed.txt b/tests/expected_json/erc20_indexed.erc20-indexed.txt index 4e6f57a83..03eca10ef 100644 --- a/tests/expected_json/erc20_indexed.erc20-indexed.txt +++ b/tests/expected_json/erc20_indexed.erc20-indexed.txt @@ -5,4 +5,5 @@ IERC20Bad (tests/erc20_indexed.sol#12-21) does not mark important ERC20 paramete -Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner' -Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender' Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/erc20_indexed.erc20-indexed.json exists already, the overwrite is prevented INFO:Slither:tests/erc20_indexed.sol analyzed (3 contracts), 1 result(s) found diff --git a/tests/expected_json/external_function.external-function.txt b/tests/expected_json/external_function.external-function.txt index 7a7fcfbd5..a34023f25 100644 --- a/tests/expected_json/external_function.external-function.txt +++ b/tests/expected_json/external_function.external-function.txt 
@@ -4,4 +4,5 @@ ContractWithFunctionNotCalled.funcNotCalled2 (tests/external_function.sol#17-19) ContractWithFunctionNotCalled.funcNotCalled (tests/external_function.sol#21-23) should be declared external ContractWithFunctionNotCalled2.funcNotCalled (tests/external_function.sol#32-39) should be declared external Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-as-external +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/external_function.external-function.json exists already, the overwrite is prevented INFO:Slither:tests/external_function.sol analyzed (5 contracts), 4 result(s) found diff --git a/tests/expected_json/external_function_2.external-function.txt b/tests/expected_json/external_function_2.external-function.txt index 352324d7f..e18bf2a79 100644 --- a/tests/expected_json/external_function_2.external-function.txt +++ b/tests/expected_json/external_function_2.external-function.txt @@ -1 +1,2 @@ +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/external_function_2.external-function.json exists already, the overwrite is prevented INFO:Slither:tests/external_function_2.sol analyzed (4 contracts), 0 result(s) found diff --git a/tests/expected_json/incorrect_equality.incorrect-equality.txt b/tests/expected_json/incorrect_equality.incorrect-equality.txt index a692fa750..2cf434165 100644 --- a/tests/expected_json/incorrect_equality.incorrect-equality.txt +++ b/tests/expected_json/incorrect_equality.incorrect-equality.txt 
@@ -74,4 +74,5 @@ TestSolidityKeyword.bad1 (tests/incorrect_equality.sol#127-129) uses a dangerous TestSolidityKeyword.bad2 (tests/incorrect_equality.sol#131-133) uses a dangerous strict equality: - require(bool)(block.number == 0) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/incorrect_equality.incorrect-equality.json exists already, the overwrite is prevented INFO:Slither:tests/incorrect_equality.sol analyzed (5 contracts), 12 result(s) found diff --git a/tests/expected_json/incorrect_erc20_interface.erc20-interface.txt b/tests/expected_json/incorrect_erc20_interface.erc20-interface.txt index acff5f223..95e3629e2 100644 --- a/tests/expected_json/incorrect_erc20_interface.erc20-interface.txt +++ b/tests/expected_json/incorrect_erc20_interface.erc20-interface.txt @@ -7,4 +7,5 @@ Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function in -balanceOf (tests/incorrect_erc20_interface.sol#8) -allowance (tests/incorrect_erc20_interface.sol#9) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/incorrect_erc20_interface.erc20-interface.json exists already, the overwrite is prevented INFO:Slither:tests/incorrect_erc20_interface.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/incorrect_erc721_interface.erc721-interface.txt b/tests/expected_json/incorrect_erc721_interface.erc721-interface.txt index 76530c072..30d5f153e 100644 --- a/tests/expected_json/incorrect_erc721_interface.erc721-interface.txt +++ b/tests/expected_json/incorrect_erc721_interface.erc721-interface.txt 
@@ -11,4 +11,5 @@ Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function -getApproved (tests/incorrect_erc721_interface.sol#14) -isApprovedForAll (tests/incorrect_erc721_interface.sol#15) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc721-interface +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/incorrect_erc721_interface.erc721-interface.json exists already, the overwrite is prevented INFO:Slither:tests/incorrect_erc721_interface.sol analyzed (2 contracts), 1 result(s) found diff --git a/tests/expected_json/inline_assembly_contract-0.5.1.assembly.txt b/tests/expected_json/inline_assembly_contract-0.5.1.assembly.txt index 40b941a00..de0e9cf16 100644 --- a/tests/expected_json/inline_assembly_contract-0.5.1.assembly.txt +++ b/tests/expected_json/inline_assembly_contract-0.5.1.assembly.txt @@ -2,4 +2,5 @@ INFO:Detectors: GetCode.at uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20) - tests/inline_assembly_contract-0.5.1.sol#7-20 Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/inline_assembly_contract-0.5.1.assembly.json exists already, the overwrite is prevented INFO:Slither:tests/inline_assembly_contract-0.5.1.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/inline_assembly_contract.assembly.txt b/tests/expected_json/inline_assembly_contract.assembly.txt index 197ec10b1..84a0fb706 100644 --- a/tests/expected_json/inline_assembly_contract.assembly.txt +++ b/tests/expected_json/inline_assembly_contract.assembly.txt 
@@ -2,4 +2,5 @@ INFO:Detectors: GetCode.at uses assembly (tests/inline_assembly_contract.sol#6-20) - tests/inline_assembly_contract.sol#7-20 Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/inline_assembly_contract.assembly.json exists already, the overwrite is prevented INFO:Slither:tests/inline_assembly_contract.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/inline_assembly_library-0.5.1.assembly.txt b/tests/expected_json/inline_assembly_library-0.5.1.assembly.txt index ca8bb59ea..49cba6ef0 100644 --- a/tests/expected_json/inline_assembly_library-0.5.1.assembly.txt +++ b/tests/expected_json/inline_assembly_library-0.5.1.assembly.txt @@ -4,4 +4,5 @@ VectorSum.sumAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22) VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47) - tests/inline_assembly_library-0.5.1.sol#26-47 Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/inline_assembly_library-0.5.1.assembly.json exists already, the overwrite is prevented INFO:Slither:tests/inline_assembly_library-0.5.1.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/inline_assembly_library.assembly.txt b/tests/expected_json/inline_assembly_library.assembly.txt index f8768203e..6ec6a9263 100644 --- a/tests/expected_json/inline_assembly_library.assembly.txt +++ b/tests/expected_json/inline_assembly_library.assembly.txt 
@@ -4,4 +4,5 @@ VectorSum.sumAsm uses assembly (tests/inline_assembly_library.sol#16-22) VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library.sol#25-47) - tests/inline_assembly_library.sol#26-47 Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/inline_assembly_library.assembly.json exists already, the overwrite is prevented INFO:Slither:tests/inline_assembly_library.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/locked_ether-0.5.1.locked-ether.txt b/tests/expected_json/locked_ether-0.5.1.locked-ether.txt index 1d0fa6d3b..1380d8a6b 100644 --- a/tests/expected_json/locked_ether-0.5.1.locked-ether.txt +++ b/tests/expected_json/locked_ether-0.5.1.locked-ether.txt @@ -4,4 +4,5 @@ Contract locking ether found in : - receive (tests/locked_ether-0.5.1.sol#4-6) But does not have a function to withdraw the ether Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/locked_ether-0.5.1.locked-ether.json exists already, the overwrite is prevented INFO:Slither:tests/locked_ether-0.5.1.sol analyzed (4 contracts), 1 result(s) found diff --git a/tests/expected_json/locked_ether.locked-ether.txt b/tests/expected_json/locked_ether.locked-ether.txt index a27ff383b..80a7cdb52 100644 --- a/tests/expected_json/locked_ether.locked-ether.txt +++ b/tests/expected_json/locked_ether.locked-ether.txt 
@@ -4,4 +4,5 @@ Contract locking ether found in : - receive (tests/locked_ether.sol#4-6) But does not have a function to withdraw the ether Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/locked_ether.locked-ether.json exists already, the overwrite is prevented INFO:Slither:tests/locked_ether.sol analyzed (4 contracts), 1 result(s) found diff --git a/tests/expected_json/low_level_calls.low-level-calls.txt b/tests/expected_json/low_level_calls.low-level-calls.txt index d80302cdc..c6d551acc 100644 --- a/tests/expected_json/low_level_calls.low-level-calls.txt +++ b/tests/expected_json/low_level_calls.low-level-calls.txt @@ -2,4 +2,5 @@ INFO:Detectors: Low level call in Sender.send (tests/low_level_calls.sol#5-7): -_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6 Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/low_level_calls.low-level-calls.json exists already, the overwrite is prevented INFO:Slither:tests/low_level_calls.sol analyzed (2 contracts), 1 result(s) found diff --git a/tests/expected_json/multiple_calls_in_loop.calls-loop.txt b/tests/expected_json/multiple_calls_in_loop.calls-loop.txt index 217cf9ce7..5fc0309e7 100644 --- a/tests/expected_json/multiple_calls_in_loop.calls-loop.txt +++ b/tests/expected_json/multiple_calls_in_loop.calls-loop.txt 
@@ -2,4 +2,5 @@ INFO:Detectors: CallInLoop.bad has external calls inside a loop: - destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/_edit#calls-inside-a-loop +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/multiple_calls_in_loop.calls-loop.json exists already, the overwrite is prevented INFO:Slither:tests/multiple_calls_in_loop.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/naming_convention.naming-convention.txt b/tests/expected_json/naming_convention.naming-convention.txt index ae34a6944..a1e380699 100644 --- a/tests/expected_json/naming_convention.naming-convention.txt +++ b/tests/expected_json/naming_convention.naming-convention.txt @@ -12,4 +12,5 @@ Parameter '_used' of T.test (tests/naming_convention.sol#59) is not in mixedCase Variable 'T._myPublicVar' (tests/naming_convention.sol#56) is not in mixedCase Variable 'T.l' (tests/naming_convention.sol#67) used l, O, I, which should not be used Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/naming_convention.naming-convention.json exists already, the overwrite is prevented INFO:Slither:tests/naming_convention.sol analyzed (3 contracts), 12 result(s) found diff --git a/tests/expected_json/old_solc.sol.json.solc-version.txt b/tests/expected_json/old_solc.sol.json.solc-version.txt index c07084de4..d96cfb3a4 100644 --- a/tests/expected_json/old_solc.sol.json.solc-version.txt +++ b/tests/expected_json/old_solc.sol.json.solc-version.txt 
@@ -2,5 +2,5 @@ INFO:Detectors: Detected issues with version pragma in tests/old_solc.sol.json: - pragma solidity0.4.21 (None): it allows old versions Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity -INFO:Slither:/home/monty/Private/tob/tools/slither-public/scripts/../tests/expected_json/old_solc.sol.json.solc-version.json exists already, the overwrite is prevented +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/old_solc.sol.json.solc-version.json exists already, the overwrite is prevented INFO:Slither:tests/old_solc.sol.json analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/pragma.0.4.24.pragma.txt b/tests/expected_json/pragma.0.4.24.pragma.txt index 8a5e1a540..d1371f27e 100644 --- a/tests/expected_json/pragma.0.4.24.pragma.txt +++ b/tests/expected_json/pragma.0.4.24.pragma.txt 
@@ -1,8 +1,44 @@ -ERROR:Slither:Invalid compilation -ERROR:Slither:Invalid solc compilation tests/pragma.0.4.23.sol:1:1: Error: Source file requires different compiler version (current compiler is 0.5.1+commit.c8a2cb62.Linux.g++ - note that nightly builds are considered to be strictly less than the released version +ERROR:root:Error in tests/pragma.0.4.24.sol +ERROR:root:Traceback (most recent call last): + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/platform/solc.py", line 189, in _run_solc + ret = json.loads(stdout) + File "/usr/lib/python3.6/json/__init__.py", line 354, in loads + return _default_decoder.decode(s) + File "/usr/lib/python3.6/json/decoder.py", line 339, in decode + obj, end = self.raw_decode(s, idx=_w(s, 0).end()) + File "/usr/lib/python3.6/json/decoder.py", line 357, in raw_decode + raise JSONDecodeError("Expecting value", s, err.value) from None +json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0) + +During handling of the above exception, another exception occurred: + +Traceback (most recent call last): + File "/home/travis/build/crytic/slither/slither/slither.py", line 55, in __init__ + crytic_compile = CryticCompile(contract, **kwargs) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/crytic_compile.py", line 68, in __init__ + self._compile(target, **kwargs) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/crytic_compile.py", line 590, in _compile + self._platform.compile(self, target, **kwargs) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/platform/solc.py", line 33, in compile + working_dir=solc_working_dir) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/platform/solc.py", line 192, in _run_solc + raise InvalidCompilation(f'Invalid solc compilation {stderr}') +crytic_compile.platform.exceptions.InvalidCompilation: Invalid solc compilation tests/pragma.0.4.23.sol:1:1: Error: Source file requires different compiler version 
(current compiler is 0.5.1+commit.c8a2cb62.Linux.g++ - note that nightly builds are considered to be strictly less than the released version pragma solidity ^0.4.23; ^----------------------^ tests/pragma.0.4.24.sol:1:1: Error: Source file requires different compiler version (current compiler is 0.5.1+commit.c8a2cb62.Linux.g++ - note that nightly builds are considered to be strictly less than the released version pragma solidity ^0.4.24; ^----------------------^ + +During handling of the above exception, another exception occurred: + +Traceback (most recent call last): + File "/home/travis/build/crytic/slither/slither/__main__.py", line 520, in main_impl + (results, number_contracts) = process(filename, args, detector_classes, printer_classes) + File "/home/travis/build/crytic/slither/slither/__main__.py", line 52, in process + **vars(args)) + File "/home/travis/build/crytic/slither/slither/slither.py", line 58, in __init__ + raise SlitherError('Invalid compilation: '+e) +TypeError: must be str, not InvalidCompilation + diff --git a/tests/expected_json/reentrancy-0.5.1.reentrancy-eth.txt b/tests/expected_json/reentrancy-0.5.1.reentrancy-eth.txt index 465e75502..9de90e817 100644 --- a/tests/expected_json/reentrancy-0.5.1.reentrancy-eth.txt +++ b/tests/expected_json/reentrancy-0.5.1.reentrancy-eth.txt @@ -10,4 +10,5 @@ Reentrancy in Reentrancy.withdrawBalance_fixed_3 (tests/reentrancy-0.5.1.sol#44- State variables written after the call(s): - userBalance (tests/reentrancy-0.5.1.sol#51) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/reentrancy-0.5.1.reentrancy-eth.json exists already, the overwrite is prevented INFO:Slither:tests/reentrancy-0.5.1.sol analyzed (1 contracts), 2 result(s) found 
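Review bot: The new expected output for `pragma.0.4.24` ends in `TypeError: must be str, not InvalidCompilation`, so the fixture now records a crash inside the error handler in place of the compiler diagnostic the old two-line output held. The recorded frame is `raise SlitherError('Invalid compilation: '+e)` at `slither/slither.py` line 58, which is outside this hunk; the concatenation needs a conversion, e.g. `raise SlitherError('Invalid compilation: ' + str(e))`. The uninitialized_storage_pointer hunk further down records the same traceback. The frames also mix `/home/monty/...` and `/home/travis/...` paths, which commits a developer's local directory layout into the repository and suggests the file was only partly rewritten after generation.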
diff --git a/tests/expected_json/reentrancy-0.5.1.reentrancy.txt b/tests/expected_json/reentrancy-0.5.1.reentrancy.txt index 184c551e6..9c8be9ed7 100644 --- a/tests/expected_json/reentrancy-0.5.1.reentrancy.txt +++ b/tests/expected_json/reentrancy-0.5.1.reentrancy.txt @@ -1,10 +1,10 @@ Traceback (most recent call last): File "/home/monty/Envs/slither/bin/slither", line 11, in load_entry_point('slither-analyzer', 'console_scripts', 'slither')() - File "/home/monty/Private/tob/tools/slither-public/slither/__main__.py", line 469, in main + File "/home/travis/build/crytic/slither/slither/__main__.py", line 470, in main main_impl(all_detector_classes=detectors, all_printer_classes=printers) - File "/home/monty/Private/tob/tools/slither-public/slither/__main__.py", line 483, in main_impl + File "/home/travis/build/crytic/slither/slither/__main__.py", line 484, in main_impl detector_classes = choose_detectors(args, all_detector_classes) - File "/home/monty/Private/tob/tools/slither-public/slither/__main__.py", line 176, in choose_detectors + File "/home/travis/build/crytic/slither/slither/__main__.py", line 177, in choose_detectors raise Exception('Error: {} is not a detector'.format(d)) Exception: Error: reentrancy is not a detector diff --git a/tests/expected_json/reentrancy.reentrancy-eth.txt b/tests/expected_json/reentrancy.reentrancy-eth.txt index b5534660e..100eb94c8 100644 --- a/tests/expected_json/reentrancy.reentrancy-eth.txt +++ b/tests/expected_json/reentrancy.reentrancy-eth.txt 
@@ -10,4 +10,5 @@ Reentrancy in Reentrancy.withdrawBalance_nested (tests/reentrancy.sol#64-70): State variables written after the call(s): - userBalance (tests/reentrancy.sol#68) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/reentrancy.reentrancy-eth.json exists already, the overwrite is prevented INFO:Slither:tests/reentrancy.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/right_to_left_override.rtlo.txt b/tests/expected_json/right_to_left_override.rtlo.txt index 2eb3ba03b..710af9a3d 100644 --- a/tests/expected_json/right_to_left_override.rtlo.txt +++ b/tests/expected_json/right_to_left_override.rtlo.txt @@ -1,5 +1,6 @@ INFO:Detectors: -/home/monty/Private/tob/tools/slither-public/tests/right_to_left_override.sol contains a unicode right-to-left-override character: +/home/travis/build/crytic/slither/tests/right_to_left_override.sol contains a unicode right-to-left-override character: - test1(/*A‮/*B*/2 , 1/*‭ Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#right-to-left-override-character +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/right_to_left_override.rtlo.json exists already, the overwrite is prevented INFO:Slither:tests/right_to_left_override.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/shadowing_abstract.shadowing-abstract.txt b/tests/expected_json/shadowing_abstract.shadowing-abstract.txt index fed0e9e24..3f0c01615 100644 --- a/tests/expected_json/shadowing_abstract.shadowing-abstract.txt +++ b/tests/expected_json/shadowing_abstract.shadowing-abstract.txt 
@@ -2,4 +2,5 @@ INFO:Detectors: DerivedContract.owner (tests/shadowing_abstract.sol#7) shadows: - BaseContract.owner (tests/shadowing_abstract.sol#2) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing-from-abstract-contracts +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/shadowing_abstract.shadowing-abstract.json exists already, the overwrite is prevented INFO:Slither:tests/shadowing_abstract.sol analyzed (2 contracts), 1 result(s) found diff --git a/tests/expected_json/shadowing_builtin_symbols.shadowing-builtin.txt b/tests/expected_json/shadowing_builtin_symbols.shadowing-builtin.txt index 18d9c370a..4f8ee64b4 100644 --- a/tests/expected_json/shadowing_builtin_symbols.shadowing-builtin.txt +++ b/tests/expected_json/shadowing_builtin_symbols.shadowing-builtin.txt @@ -13,4 +13,5 @@ FurtherExtendedContract.this (state variable @ tests/shadowing_builtin_symbols.s FurtherExtendedContract.abi (state variable @ tests/shadowing_builtin_symbols.sol#21) shadows built-in symbol "abi" Reserved.mutable (state variable @ tests/shadowing_builtin_symbols.sol#32) shadows built-in symbol "mutable" Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#builtin-symbol-shadowing +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/shadowing_builtin_symbols.shadowing-builtin.json exists already, the overwrite is prevented INFO:Slither:tests/shadowing_builtin_symbols.sol analyzed (4 contracts), 13 result(s) found diff --git a/tests/expected_json/shadowing_local_variable.shadowing-local.txt b/tests/expected_json/shadowing_local_variable.shadowing-local.txt index 944c3bd1b..96d12a9e3 100644 --- a/tests/expected_json/shadowing_local_variable.shadowing-local.txt +++ b/tests/expected_json/shadowing_local_variable.shadowing-local.txt 
@@ -12,4 +12,5 @@ FurtherExtendedContract.shadowingParent.w (local variable @ tests/shadowing_loca FurtherExtendedContract.shadowingParent.v (local variable @ tests/shadowing_local_variable.sol#25) shadows: - ExtendedContract.v (event @ tests/shadowing_local_variable.sol#13) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/shadowing_local_variable.shadowing-local.json exists already, the overwrite is prevented INFO:Slither:tests/shadowing_local_variable.sol analyzed (3 contracts), 5 result(s) found diff --git a/tests/expected_json/shadowing_state_variable.shadowing-state.txt b/tests/expected_json/shadowing_state_variable.shadowing-state.txt index 965837378..78278486e 100644 --- a/tests/expected_json/shadowing_state_variable.shadowing-state.txt +++ b/tests/expected_json/shadowing_state_variable.shadowing-state.txt @@ -2,4 +2,5 @@ INFO:Detectors: DerivedContract.owner (tests/shadowing_state_variable.sol#12) shadows: - BaseContract.owner (tests/shadowing_state_variable.sol#2) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/shadowing_state_variable.shadowing-state.json exists already, the overwrite is prevented INFO:Slither:tests/shadowing_state_variable.sol analyzed (2 contracts), 1 result(s) found diff --git a/tests/expected_json/solc_version_incorrect.solc-version.txt b/tests/expected_json/solc_version_incorrect.solc-version.txt index 7790cc023..c490e50c6 100644 --- a/tests/expected_json/solc_version_incorrect.solc-version.txt +++ b/tests/expected_json/solc_version_incorrect.solc-version.txt 
@@ -3,4 +3,5 @@ Detected issues with version pragma in : - pragma solidity^0.4.23 (tests/solc_version_incorrect.sol#2): it allows old versions - pragma solidity>=0.4.0<0.6.0 (tests/solc_version_incorrect.sol#3): it allows old versions Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/solc_version_incorrect.solc-version.json exists already, the overwrite is prevented INFO:Slither:tests/solc_version_incorrect.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/timestamp.timestamp.txt b/tests/expected_json/timestamp.timestamp.txt index 4c6c54479..2408b0a3d 100644 --- a/tests/expected_json/timestamp.timestamp.txt +++ b/tests/expected_json/timestamp.timestamp.txt @@ -9,4 +9,5 @@ Timestamp.bad2 (tests/timestamp.sol#13-15) uses timestamp for comparisons Dangerous comparisons: - block.timestamp > 0 (tests/timestamp.sol#14) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/timestamp.timestamp.json exists already, the overwrite is prevented INFO:Slither:tests/timestamp.sol analyzed (1 contracts), 3 result(s) found diff --git a/tests/expected_json/too_many_digits.too-many-digits.txt b/tests/expected_json/too_many_digits.too-many-digits.txt index a80d381ca..b71221deb 100644 --- a/tests/expected_json/too_many_digits.too-many-digits.txt +++ b/tests/expected_json/too_many_digits.too-many-digits.txt 
@@ -16,4 +16,5 @@ C.i (tests/too_many_digits.sol#29-33) uses literals with too many digits: - x2 = 1000000000000 + 10000000000000 + 100000000000000 + 1000000000000000 + 10000000000000000 Use the proper denomination (ether-unit, time-unit,or the scientific notation Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#too-many-digits +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/too_many_digits.too-many-digits.json exists already, the overwrite is prevented INFO:Slither:tests/too_many_digits.sol analyzed (1 contracts), 3 result(s) found diff --git a/tests/expected_json/tx_origin-0.5.1.tx-origin.txt b/tests/expected_json/tx_origin-0.5.1.tx-origin.txt index a2c09823b..96da7ab14 100644 --- a/tests/expected_json/tx_origin-0.5.1.tx-origin.txt +++ b/tests/expected_json/tx_origin-0.5.1.tx-origin.txt @@ -4,4 +4,5 @@ TxOrigin.bug0 uses tx.origin for authorization: TxOrigin.bug2 uses tx.origin for authorization: - tx.origin != owner (tests/tx_origin-0.5.1.sol#14-16) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-usage-of-txorigin +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/tx_origin-0.5.1.tx-origin.json exists already, the overwrite is prevented INFO:Slither:tests/tx_origin-0.5.1.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/tx_origin.tx-origin.txt b/tests/expected_json/tx_origin.tx-origin.txt index 412810eb8..de6d59e38 100644 --- a/tests/expected_json/tx_origin.tx-origin.txt +++ b/tests/expected_json/tx_origin.tx-origin.txt 
@@ -4,4 +4,5 @@ TxOrigin.bug0 uses tx.origin for authorization: TxOrigin.bug2 uses tx.origin for authorization: - tx.origin != owner (tests/tx_origin.sol#14-16) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-usage-of-txorigin +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/tx_origin.tx-origin.json exists already, the overwrite is prevented INFO:Slither:tests/tx_origin.sol analyzed (1 contracts), 2 result(s) found diff --git a/tests/expected_json/uninitialized-0.5.1.uninitialized-state.txt b/tests/expected_json/uninitialized-0.5.1.uninitialized-state.txt index ea27bfd31..7a6277a00 100644 --- a/tests/expected_json/uninitialized-0.5.1.uninitialized-state.txt +++ b/tests/expected_json/uninitialized-0.5.1.uninitialized-state.txt @@ -8,4 +8,5 @@ Test2.st (tests/uninitialized-0.5.1.sol#45) is never initialized. It is used in: Test2.v (tests/uninitialized-0.5.1.sol#47) is never initialized. It is used in: - init (tests/uninitialized-0.5.1.sol#49-51) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/uninitialized-0.5.1.uninitialized-state.json exists already, the overwrite is prevented INFO:Slither:tests/uninitialized-0.5.1.sol analyzed (4 contracts), 4 result(s) found diff --git a/tests/expected_json/uninitialized.uninitialized-state.txt b/tests/expected_json/uninitialized.uninitialized-state.txt index a516750bf..acdee517f 100644 --- a/tests/expected_json/uninitialized.uninitialized-state.txt +++ b/tests/expected_json/uninitialized.uninitialized-state.txt 
@@ -8,4 +8,5 @@ Test2.st (tests/uninitialized.sol#45) is never initialized. It is used in: Test2.v (tests/uninitialized.sol#47) is never initialized. It is used in: - init (tests/uninitialized.sol#49-51) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/uninitialized.uninitialized-state.json exists already, the overwrite is prevented INFO:Slither:tests/uninitialized.sol analyzed (4 contracts), 4 result(s) found diff --git a/tests/expected_json/uninitialized_local_variable.uninitialized-local.txt b/tests/expected_json/uninitialized_local_variable.uninitialized-local.txt index f4ff963e3..055376c04 100644 --- a/tests/expected_json/uninitialized_local_variable.uninitialized-local.txt +++ b/tests/expected_json/uninitialized_local_variable.uninitialized-local.txt @@ -1,4 +1,5 @@ INFO:Detectors: uint_not_init in Uninitialized.func (tests/uninitialized_local_variable.sol#4) is a local variable never initialiazed Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/uninitialized_local_variable.uninitialized-local.json exists already, the overwrite is prevented INFO:Slither:tests/uninitialized_local_variable.sol analyzed (1 contracts), 1 result(s) found diff --git a/tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.txt b/tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.txt index a7b868f1e..87fefa398 100644 --- a/tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.txt +++ b/tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.txt 
@@ -1,5 +1,29 @@ -ERROR:Slither:Invalid compilation -ERROR:Slither:Invalid solc compilation tests/uninitialized_storage_pointer.sol:7:5: Error: No visibility specified. Did you intend to add "public"? +ERROR:root:Error in tests/uninitialized_storage_pointer.sol +ERROR:root:Traceback (most recent call last): + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/platform/solc.py", line 189, in _run_solc + ret = json.loads(stdout) + File "/usr/lib/python3.6/json/__init__.py", line 354, in loads + return _default_decoder.decode(s) + File "/usr/lib/python3.6/json/decoder.py", line 339, in decode + obj, end = self.raw_decode(s, idx=_w(s, 0).end()) + File "/usr/lib/python3.6/json/decoder.py", line 357, in raw_decode + raise JSONDecodeError("Expecting value", s, err.value) from None +json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0) + +During handling of the above exception, another exception occurred: + +Traceback (most recent call last): + File "/home/travis/build/crytic/slither/slither/slither.py", line 55, in __init__ + crytic_compile = CryticCompile(contract, **kwargs) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/crytic_compile.py", line 68, in __init__ + self._compile(target, **kwargs) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/crytic_compile.py", line 590, in _compile + self._platform.compile(self, target, **kwargs) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/platform/solc.py", line 33, in compile + working_dir=solc_working_dir) + File "/home/monty/Private/tob/tools/crytic-compile/crytic_compile/platform/solc.py", line 192, in _run_solc + raise InvalidCompilation(f'Invalid solc compilation {stderr}') +crytic_compile.platform.exceptions.InvalidCompilation: Invalid solc compilation tests/uninitialized_storage_pointer.sol:7:5: Error: No visibility specified. Did you intend to add "public"? 
function func() { ^ (Relevant source part starts here and spans across multiple lines). tests/uninitialized_storage_pointer.sol:1:1: Warning: Source file does not specify required compiler version! Consider adding "pragma solidity ^0.5.1;" @@ -12,3 +36,15 @@ tests/uninitialized_storage_pointer.sol:10:9: Error: Data location must be "stor St st_bug; ^-------^ + +During handling of the above exception, another exception occurred: + +Traceback (most recent call last): + File "/home/travis/build/crytic/slither/slither/__main__.py", line 520, in main_impl + (results, number_contracts) = process(filename, args, detector_classes, printer_classes) + File "/home/travis/build/crytic/slither/slither/__main__.py", line 52, in process + **vars(args)) + File "/home/travis/build/crytic/slither/slither/slither.py", line 58, in __init__ + raise SlitherError('Invalid compilation: '+e) +TypeError: must be str, not InvalidCompilation + diff --git a/tests/expected_json/unused_return.unused-return.txt b/tests/expected_json/unused_return.unused-return.txt index 1747daca3..02ac05297 100644 --- a/tests/expected_json/unused_return.unused-return.txt +++ b/tests/expected_json/unused_return.unused-return.txt @@ -3,4 +3,5 @@ User.test (tests/unused_return.sol#17-29) does not use the value returned by ext -t.f() (tests/unused_return.sol#18) -a.add(0) (tests/unused_return.sol#22) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/unused_return.unused-return.json exists already, the overwrite is prevented INFO:Slither:tests/unused_return.sol analyzed (3 contracts), 1 result(s) found diff --git a/tests/expected_json/unused_state.unused-state.txt b/tests/expected_json/unused_state.unused-state.txt index d8156d712..0ea4ec850 100644 --- a/tests/expected_json/unused_state.unused-state.txt +++ b/tests/expected_json/unused_state.unused-state.txt 
@@ -1,4 +1,5 @@ INFO:Detectors: A.unused (tests/unused_state.sol#4) is never used in B Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variables +INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/unused_state.unused-state.json exists already, the overwrite is prevented INFO:Slither:tests/unused_state.sol analyzed (2 contracts), 1 result(s) found From 43534511727e3c4794478a15eff2479cb01f02d8 Mon Sep 17 00:00:00 2001 From: Josselin Date: Wed, 8 May 2019 12:56:07 +0100 Subject: [PATCH 11/11] Update README --- README.md | 49 +++++++++++++++++++++++++------------------------ 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 880fd30e2..e98264ae6 100644 --- a/README.md +++ b/README.md 
@@ -48,30 +48,31 @@ Num | Detector | What it Detects | Impact | Confidence 7 | `controlled-delegatecall` | [Controlled delegatecall destination](https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall) | High | Medium 8 | `reentrancy-eth` | [Reentrancy vulnerabilities (theft of ethers)](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities) | High | Medium 9 | `erc20-interface` | [Incorrect ERC20 interfaces](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface) | Medium | High -10 | `incorrect-equality` | [Dangerous strict equalities](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities) | Medium | High -11 | `locked-ether` | [Contracts that lock ether](https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether) | Medium | High -12 | `shadowing-abstract` | [State variables shadowing from abstract contracts](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing-from-abstract-contracts) | Medium | High -13 | `constant-function` | [Constant functions changing the state](https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state) | Medium | Medium -14 | `reentrancy-no-eth` | [Reentrancy vulnerabilities (no theft of ethers)](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1) | Medium | Medium -15 | `tx-origin` | [Dangerous usage of `tx.origin`](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-usage-of-txorigin) | Medium | Medium -16 | `uninitialized-local` | [Uninitialized local variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables) | Medium | Medium -17 | `unused-return` | [Unused return values](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return) | Medium | Medium -18 | `shadowing-builtin` | 
[Built-in symbol shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#builtin-symbol-shadowing) | Low | High -19 | `shadowing-local` | [Local variables shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing) | Low | High -20 | `calls-loop` | [Multiple calls in a loop](https://github.com/crytic/slither/wiki/Detector-Documentation/_edit#calls-inside-a-loop) | Low | Medium -21 | `reentrancy-benign` | [Benign reentrancy vulnerabilities](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2) | Low | Medium -22 | `timestamp` | [Dangerous usage of `block.timestamp`](https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp) | Low | Medium -23 | `assembly` | [Assembly usage](https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage) | Informational | High -24 | `constable-states` | [State variables that could be declared constant](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant) | Informational | High -25 | `deprecated-standards` | [Deprecated Solidity Standards](https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards) | Informational | High -26 | `erc20-indexed` | [Un-indexed ERC20 event parameters](https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters) | Informational | High -27 | `external-function` | [Public function that could be declared as external](https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-as-external) | Informational | High -28 | `low-level-calls` | [Low level calls](https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls) | Informational | High -29 | `naming-convention` | [Conformance to Solidity naming conventions](https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions) 
| Informational | High -30 | `pragma` | [If different pragma directives are used](https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used) | Informational | High -31 | `solc-version` | [Incorrect Solidity version (< 0.4.24 or complex pragma)](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity) | Informational | High -32 | `unused-state` | [Unused state variables](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variables) | Informational | High -33 | `too-many-digits` | [Conformance to numeric notation best practices](https://github.com/crytic/slither/wiki/Detector-Documentation#too-many-digits) | Informational | Medium +10 | `erc721-interface` | [Incorrect ERC721 interfaces](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc721-interface) | Medium | High +11 | `incorrect-equality` | [Dangerous strict equalities](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities) | Medium | High +12 | `locked-ether` | [Contracts that lock ether](https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether) | Medium | High +13 | `shadowing-abstract` | [State variables shadowing from abstract contracts](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing-from-abstract-contracts) | Medium | High +14 | `constant-function` | [Constant functions changing the state](https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state) | Medium | Medium +15 | `reentrancy-no-eth` | [Reentrancy vulnerabilities (no theft of ethers)](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1) | Medium | Medium +16 | `tx-origin` | [Dangerous usage of `tx.origin`](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-usage-of-txorigin) | Medium | Medium +17 | `uninitialized-local` | 
[Uninitialized local variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables) | Medium | Medium +18 | `unused-return` | [Unused return values](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return) | Medium | Medium +19 | `shadowing-builtin` | [Built-in symbol shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#builtin-symbol-shadowing) | Low | High +20 | `shadowing-local` | [Local variables shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing) | Low | High +21 | `calls-loop` | [Multiple calls in a loop](https://github.com/crytic/slither/wiki/Detector-Documentation/_edit#calls-inside-a-loop) | Low | Medium +22 | `reentrancy-benign` | [Benign reentrancy vulnerabilities](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2) | Low | Medium +23 | `timestamp` | [Dangerous usage of `block.timestamp`](https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp) | Low | Medium +24 | `assembly` | [Assembly usage](https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage) | Informational | High +25 | `constable-states` | [State variables that could be declared constant](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant) | Informational | High +26 | `deprecated-standards` | [Deprecated Solidity Standards](https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards) | Informational | High +27 | `erc20-indexed` | [Un-indexed ERC20 event parameters](https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters) | Informational | High +28 | `external-function` | [Public function that could be declared as external](https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-as-external) | Informational | High +29 | 
`low-level-calls` | [Low level calls](https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls) | Informational | High +30 | `naming-convention` | [Conformance to Solidity naming conventions](https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions) | Informational | High +31 | `pragma` | [If different pragma directives are used](https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used) | Informational | High +32 | `solc-version` | [Incorrect Solidity version (< 0.4.24 or complex pragma)](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity) | Informational | High +33 | `unused-state` | [Unused state variables](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variables) | Informational | High +34 | `too-many-digits` | [Conformance to numeric notation best practices](https://github.com/crytic/slither/wiki/Detector-Documentation#too-many-digits) | Informational | Medium [Contact us](https://www.trailofbits.com/contact/) to get access to additional detectors.