From c522ef9c14acc493948c546b3c50ba261ad64d47 Mon Sep 17 00:00:00 2001 From: Richie Date: Mon, 21 Nov 2022 14:13:34 -0800 Subject: [PATCH 1/2] refactor: add VULNERABLE_SOLC_VERSIONS and logic --- slither/detectors/abstract_detector.py | 15 ++++++++++++ .../compiler_bugs/enum_conversion.py | 23 ++++--------------- 2 files changed, 20 insertions(+), 18 deletions(-) diff --git a/slither/detectors/abstract_detector.py b/slither/detectors/abstract_detector.py index 4ebead96a..56989abcf 100644 --- a/slither/detectors/abstract_detector.py +++ b/slither/detectors/abstract_detector.py @@ -61,6 +61,11 @@ class AbstractDetector(metaclass=abc.ABCMeta): STANDARD_JSON = True + # list of vulnerable solc versions as strings (e.g. ["0.4.25", "0.5.0"]) + # if this list is not empty then the detector will not run unless the solc version is on the list + # an empty list means that the detector will run on any solc version + VULNERABLE_SOLC_VERSIONS = [] + def __init__( self, compilation_unit: SlitherCompilationUnit, slither: "Slither", logger: Logger ): @@ -139,6 +144,11 @@ class AbstractDetector(metaclass=abc.ABCMeta): if self.logger: self.logger.info(self.color(info)) + def _uses_vulnerable_solc_version(self) -> bool: + if self.VULNERABLE_SOLC_VERSIONS: + return self.compilation_unit.solc_version in self.VULNERABLE_SOLC_VERSIONS + return True + @abc.abstractmethod def _detect(self) -> List[Output]: """TODO Documentation""" @@ -147,6 +157,11 @@ class AbstractDetector(metaclass=abc.ABCMeta): # pylint: disable=too-many-branches def detect(self) -> List[Dict]: results: List[Dict] = [] + + # check solc version + if not self._uses_vulnerable_solc_version(): + return results + # only keep valid result, and remove duplicate # Keep only dictionaries for r in [output.data for output in self._detect()]: diff --git a/slither/detectors/compiler_bugs/enum_conversion.py b/slither/detectors/compiler_bugs/enum_conversion.py index 1db166ac2..60a012f10 100644 --- a/slither/detectors/compiler_bugs/enum_conversion.py +++ b/slither/detectors/compiler_bugs/enum_conversion.py @@ -7,18 +7,6 @@ from slither.slithir.operations import TypeConversion from slither.core.declarations.enum import Enum -def _uses_vulnerable_solc_version(version): - """Detect if used compiler version is 0.4.[0|1|2|3|4] - Args: - version (solc version used) - Returns: - Bool - """ - if version in ["0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4"]: - return True - return False - - def _detect_dangerous_enum_conversions(contract): """Detect dangerous conversion to enum by checking IR Args: @@ -54,11 +42,11 @@ class EnumConversion(AbstractDetector): ```solidity pragma solidity 0.4.2; contract Test{ - + enum E{a} - + function bug(uint a) public returns(E){ - return E(a); + return E(a); } } ``` @@ -67,12 +55,11 @@ Attackers can trigger unexpected behaviour by calling `bug(1)`.""" WIKI_RECOMMENDATION = "Use a recent compiler version. If `solc` <`0.4.5` is required, check the `enum` conversion range." + VULNERABLE_SOLC_VERSIONS = ["0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4"] + def _detect(self): """Detect dangerous conversion to enum""" results = [] - # If solc version >= 0.4.5 then return - if not _uses_vulnerable_solc_version(self.compilation_unit.solc_version): - return results for c in self.compilation_unit.contracts: ret = _detect_dangerous_enum_conversions(c) From 2412f834f09636ae33e7308164142ea61c5183bd Mon Sep 17 00:00:00 2001 From: Richie Date: Mon, 28 Nov 2022 09:25:28 -0800 Subject: [PATCH 2/2] fix: add type --- slither/detectors/abstract_detector.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slither/detectors/abstract_detector.py b/slither/detectors/abstract_detector.py index 56989abcf..d00a9a780 100644 --- a/slither/detectors/abstract_detector.py +++ b/slither/detectors/abstract_detector.py @@ -64,7 +64,7 @@ class AbstractDetector(metaclass=abc.ABCMeta): # list of vulnerable solc versions as strings (e.g. ["0.4.25", "0.5.0"]) # if this list is not empty then the detector will not run unless the solc version is on the list # an empty list means that the detector will run on any solc version - VULNERABLE_SOLC_VERSIONS = [] + VULNERABLE_SOLC_VERSIONS: List[str] = [] def __init__( self, compilation_unit: SlitherCompilationUnit, slither: "Slither", logger: Logger