mirror of https://github.com/crytic/slither
commit
303ed83736
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -0,0 +1,23 @@ |
|||||||
|
{ |
||||||
|
"I": {}, |
||||||
|
"VendingMachine": { |
||||||
|
"err0()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err1()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err2()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err3()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err4()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"A": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"B": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: RETURN 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"ContractArgCustomError": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: IF 2\n\"];\n2->3[label=\"True\"];\n2->4[label=\"False\"];\n3[label=\"Node Type: EXPRESSION 3\n\"];\n3->4;\n4[label=\"Node Type: END_IF 4\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n}\n" |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,23 @@ |
|||||||
|
{ |
||||||
|
"I": {}, |
||||||
|
"VendingMachine": { |
||||||
|
"err0()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err1()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err2()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err3()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err4()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"A": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"B": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: RETURN 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"ContractArgCustomError": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: IF 2\n\"];\n2->3[label=\"True\"];\n2->4[label=\"False\"];\n3[label=\"Node Type: EXPRESSION 3\n\"];\n3->4;\n4[label=\"Node Type: END_IF 4\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n}\n" |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,23 @@ |
|||||||
|
{ |
||||||
|
"I": {}, |
||||||
|
"VendingMachine": { |
||||||
|
"err0()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err1()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err2()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err3()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err4()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"A": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"B": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: RETURN 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"ContractArgCustomError": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: IF 2\n\"];\n2->3[label=\"True\"];\n2->4[label=\"False\"];\n3[label=\"Node Type: EXPRESSION 3\n\"];\n3->4;\n4[label=\"Node Type: END_IF 4\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n}\n" |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,23 @@ |
|||||||
|
{ |
||||||
|
"I": {}, |
||||||
|
"VendingMachine": { |
||||||
|
"err0()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err1()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err2()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err3()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err4()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"A": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"B": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: RETURN 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"ContractArgCustomError": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: IF 2\n\"];\n2->3[label=\"True\"];\n2->4[label=\"False\"];\n3[label=\"Node Type: EXPRESSION 3\n\"];\n3->4;\n4[label=\"Node Type: END_IF 4\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n}\n" |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,23 @@ |
|||||||
|
{ |
||||||
|
"I": {}, |
||||||
|
"VendingMachine": { |
||||||
|
"err0()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err1()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err2()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err3()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err4()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"A": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"B": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: RETURN 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"ContractArgCustomError": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: IF 2\n\"];\n2->3[label=\"True\"];\n2->4[label=\"False\"];\n3[label=\"Node Type: EXPRESSION 3\n\"];\n3->4;\n4[label=\"Node Type: END_IF 4\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n}\n" |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,23 @@ |
|||||||
|
{ |
||||||
|
"I": {}, |
||||||
|
"VendingMachine": { |
||||||
|
"err0()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err1()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err2()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n1->2;\n2[label=\"Node Type: EXPRESSION 2\n\"];\n}\n", |
||||||
|
"err3()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"err4()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"A": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"B": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: RETURN 1\n\"];\n}\n" |
||||||
|
}, |
||||||
|
"ContractArgCustomError": { |
||||||
|
"f()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: EXPRESSION 1\n\"];\n}\n", |
||||||
|
"g()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n0->1;\n1[label=\"Node Type: NEW VARIABLE 1\n\"];\n1->2;\n2[label=\"Node Type: IF 2\n\"];\n2->3[label=\"True\"];\n2->4[label=\"False\"];\n3[label=\"Node Type: EXPRESSION 3\n\"];\n3->4;\n4[label=\"Node Type: END_IF 4\n\"];\n}\n", |
||||||
|
"h()": "digraph{\n0[label=\"Node Type: ENTRY_POINT 0\n\"];\n}\n" |
||||||
|
} |
||||||
|
} |
@ -1,5 +1,15 @@ |
|||||||
contract Initializable{ |
contract Initializable{ |
||||||
|
uint8 private _initialized; |
||||||
|
bool private _initializing; |
||||||
|
|
||||||
modifier initializer() { |
modifier initializer() { |
||||||
_; |
_; |
||||||
} |
} |
||||||
|
|
||||||
|
function _disableInitializers() internal virtual { |
||||||
|
require(!_initializing, "Initializable: contract is initializing"); |
||||||
|
if (_initialized < type(uint8).max) { |
||||||
|
_initialized = type(uint8).max; |
||||||
|
} |
||||||
|
} |
||||||
} |
} |
@ -0,0 +1,14 @@ |
|||||||
|
import "./Initializable.sol"; |
||||||
|
|
||||||
|
contract Buggy is Initializable{ |
||||||
|
address payable owner; |
||||||
|
|
||||||
|
function initialize() external initializer{ |
||||||
|
require(owner == address(0)); |
||||||
|
owner = payable(msg.sender); |
||||||
|
} |
||||||
|
function kill() external{ |
||||||
|
require(msg.sender == owner); |
||||||
|
selfdestruct(owner); |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,145 @@ |
|||||||
|
[ |
||||||
|
[ |
||||||
|
{ |
||||||
|
"elements": [ |
||||||
|
{ |
||||||
|
"type": "contract", |
||||||
|
"name": "Buggy", |
||||||
|
"source_mapping": { |
||||||
|
"start": 31, |
||||||
|
"length": 294, |
||||||
|
"filename_relative": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"filename_absolute": "/GENERIC_PATH", |
||||||
|
"filename_short": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"is_dependency": false, |
||||||
|
"lines": [ |
||||||
|
3, |
||||||
|
4, |
||||||
|
5, |
||||||
|
6, |
||||||
|
7, |
||||||
|
8, |
||||||
|
9, |
||||||
|
10, |
||||||
|
11, |
||||||
|
12, |
||||||
|
13, |
||||||
|
14 |
||||||
|
], |
||||||
|
"starting_column": 1, |
||||||
|
"ending_column": 2 |
||||||
|
} |
||||||
|
}, |
||||||
|
{ |
||||||
|
"type": "function", |
||||||
|
"name": "initialize", |
||||||
|
"source_mapping": { |
||||||
|
"start": 96, |
||||||
|
"length": 124, |
||||||
|
"filename_relative": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"filename_absolute": "/GENERIC_PATH", |
||||||
|
"filename_short": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"is_dependency": false, |
||||||
|
"lines": [ |
||||||
|
6, |
||||||
|
7, |
||||||
|
8, |
||||||
|
9 |
||||||
|
], |
||||||
|
"starting_column": 5, |
||||||
|
"ending_column": 6 |
||||||
|
}, |
||||||
|
"type_specific_fields": { |
||||||
|
"parent": { |
||||||
|
"type": "contract", |
||||||
|
"name": "Buggy", |
||||||
|
"source_mapping": { |
||||||
|
"start": 31, |
||||||
|
"length": 294, |
||||||
|
"filename_relative": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"filename_absolute": "/GENERIC_PATH", |
||||||
|
"filename_short": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"is_dependency": false, |
||||||
|
"lines": [ |
||||||
|
3, |
||||||
|
4, |
||||||
|
5, |
||||||
|
6, |
||||||
|
7, |
||||||
|
8, |
||||||
|
9, |
||||||
|
10, |
||||||
|
11, |
||||||
|
12, |
||||||
|
13, |
||||||
|
14 |
||||||
|
], |
||||||
|
"starting_column": 1, |
||||||
|
"ending_column": 2 |
||||||
|
} |
||||||
|
}, |
||||||
|
"signature": "initialize()" |
||||||
|
} |
||||||
|
}, |
||||||
|
{ |
||||||
|
"type": "function", |
||||||
|
"name": "kill", |
||||||
|
"source_mapping": { |
||||||
|
"start": 225, |
||||||
|
"length": 98, |
||||||
|
"filename_relative": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"filename_absolute": "/GENERIC_PATH", |
||||||
|
"filename_short": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"is_dependency": false, |
||||||
|
"lines": [ |
||||||
|
10, |
||||||
|
11, |
||||||
|
12, |
||||||
|
13 |
||||||
|
], |
||||||
|
"starting_column": 5, |
||||||
|
"ending_column": 6 |
||||||
|
}, |
||||||
|
"type_specific_fields": { |
||||||
|
"parent": { |
||||||
|
"type": "contract", |
||||||
|
"name": "Buggy", |
||||||
|
"source_mapping": { |
||||||
|
"start": 31, |
||||||
|
"length": 294, |
||||||
|
"filename_relative": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"filename_absolute": "/GENERIC_PATH", |
||||||
|
"filename_short": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol", |
||||||
|
"is_dependency": false, |
||||||
|
"lines": [ |
||||||
|
3, |
||||||
|
4, |
||||||
|
5, |
||||||
|
6, |
||||||
|
7, |
||||||
|
8, |
||||||
|
9, |
||||||
|
10, |
||||||
|
11, |
||||||
|
12, |
||||||
|
13, |
||||||
|
14 |
||||||
|
], |
||||||
|
"starting_column": 1, |
||||||
|
"ending_column": 2 |
||||||
|
} |
||||||
|
}, |
||||||
|
"signature": "kill()" |
||||||
|
} |
||||||
|
} |
||||||
|
], |
||||||
|
"description": "Buggy (tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol#3-14) is an upgradeable contract that does not protect its initialize functions: Buggy.initialize() (tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol#6-9). Anyone can delete the contract with: Buggy.kill() (tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol#10-13)", |
||||||
|
"markdown": "[Buggy](tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol#L3-L14) is an upgradeable contract that does not protect its initialize functions: [Buggy.initialize()](tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol#L6-L9). Anyone can delete the contract with: [Buggy.kill()](tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol#L10-L13)", |
||||||
|
"first_markdown_element": "tests/detectors/unprotected-upgrade/0.8.15/Buggy.sol#L3-L14", |
||||||
|
"id": "d85b90230632a30f7ffb5140a791d4a9ae8b0be045c5b27175f3c477e189c08c", |
||||||
|
"check": "unprotected-upgrade", |
||||||
|
"impact": "High", |
||||||
|
"confidence": "High" |
||||||
|
} |
||||||
|
] |
||||||
|
] |
@ -0,0 +1,73 @@ |
|||||||
|
import "./Initializable.sol"; |
||||||
|
|
||||||
|
contract Fixed is Initializable{ |
||||||
|
address payable owner; |
||||||
|
|
||||||
|
constructor() { |
||||||
|
owner = payable(msg.sender); |
||||||
|
} |
||||||
|
|
||||||
|
function initialize() external initializer{ |
||||||
|
require(owner == address(0)); |
||||||
|
owner = payable(msg.sender); |
||||||
|
|
||||||
|
} |
||||||
|
function kill() external{ |
||||||
|
require(msg.sender == owner); |
||||||
|
selfdestruct(owner); |
||||||
|
} |
||||||
|
|
||||||
|
function other_function() external{ |
||||||
|
|
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
contract Not_Upgradeable{ |
||||||
|
} |
||||||
|
|
||||||
|
contract UpgradeableNoDestruct is Initializable{ |
||||||
|
address payable owner; |
||||||
|
|
||||||
|
constructor() { |
||||||
|
owner = payable(msg.sender); |
||||||
|
} |
||||||
|
|
||||||
|
function initialize() external initializer{ |
||||||
|
require(owner == address(0)); |
||||||
|
owner = payable(msg.sender); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
contract Fixed2 is Initializable { |
||||||
|
address payable owner; |
||||||
|
|
||||||
|
constructor() initializer {} |
||||||
|
|
||||||
|
function initialize() external initializer { |
||||||
|
require(owner == address(0)); |
||||||
|
owner = payable(msg.sender); |
||||||
|
} |
||||||
|
|
||||||
|
function kill() external { |
||||||
|
require(msg.sender == owner); |
||||||
|
selfdestruct(owner); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
contract Fixed3 is Initializable { |
||||||
|
address payable owner; |
||||||
|
|
||||||
|
constructor() { |
||||||
|
_disableInitializers(); |
||||||
|
} |
||||||
|
|
||||||
|
function initialize() external initializer { |
||||||
|
require(owner == address(0)); |
||||||
|
owner = payable(msg.sender); |
||||||
|
} |
||||||
|
|
||||||
|
function kill() external { |
||||||
|
require(msg.sender == owner); |
||||||
|
selfdestruct(owner); |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,3 @@ |
|||||||
|
[ |
||||||
|
[] |
||||||
|
] |
@ -0,0 +1,15 @@ |
|||||||
|
contract Initializable { |
||||||
|
uint8 private _initialized; |
||||||
|
bool private _initializing; |
||||||
|
|
||||||
|
modifier initializer() { |
||||||
|
_; |
||||||
|
} |
||||||
|
|
||||||
|
function _disableInitializers() internal virtual { |
||||||
|
require(!_initializing, "Initializable: contract is initializing"); |
||||||
|
if (_initialized < type(uint8).max) { |
||||||
|
_initialized = type(uint8).max; |
||||||
|
} |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,5 @@ |
|||||||
|
contract OnlyProxy { |
||||||
|
modifier onlyProxy() { |
||||||
|
_; |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,15 @@ |
|||||||
|
import "./Initializable.sol"; |
||||||
|
import "./OnlyProxy.sol"; |
||||||
|
|
||||||
|
contract Whitelisted is Initializable, OnlyProxy{ |
||||||
|
address payable owner; |
||||||
|
|
||||||
|
function initialize() external initializer onlyProxy { |
||||||
|
owner = payable(msg.sender); |
||||||
|
} |
||||||
|
|
||||||
|
function kill() external { |
||||||
|
require(msg.sender == owner); |
||||||
|
selfdestruct(owner); |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,3 @@ |
|||||||
|
[ |
||||||
|
[] |
||||||
|
] |
Loading…
Reference in new issue