TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Run Black

Browse Source
pull/612/head
Josselin 4 years ago
parent 88954ac6d9
commit 3f706061e4
16 changed files with 286 additions and 194 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 59
      examples/scripts/call_graph.py
  2. 10
      examples/scripts/convert_to_evm_ins.py
  3. 14
      examples/scripts/convert_to_ir.py
  4. 146
      examples/scripts/data_dependency.py
  5. 6
      examples/scripts/export_dominator_tree_to_dot.py
  6. 6
      examples/scripts/export_to_dot.py
  7. 8
      examples/scripts/functions_called.py
  8. 6
      examples/scripts/functions_writing.py
  9. 56
      examples/scripts/possible_paths.py
  10. 10
      examples/scripts/slithIR.py
  11. 37
      examples/scripts/taint_mapping.py
  12. 20
      examples/scripts/variable_in_condition.py
  13. 20
      plugin_example/setup.py
  14. 17
      plugin_example/slither_my_plugin/detectors/example.py
  15. 19
      scripts/json_diff.py
  16. 46
      setup.py

59
examples/scripts/call_graph.py
Unescape View File

@ -9,38 +9,70 @@ logging.basicConfig()
logging.getLogger("Slither").setLevel(logging.INFO)
logging.getLogger("Printers").setLevel(logging.INFO)
class PrinterCallGraphStateChange(PrinterCallGraph):
def _process_function(self, contract, function, contract_functions, contract_calls, solidity_functions, solidity_calls, external_calls, all_contracts):
class PrinterCallGraphStateChange(PrinterCallGraph):
def _process_function(
self,
contract,
function,
contract_functions,
contract_calls,
solidity_functions,
solidity_calls,
external_calls,
all_contracts,
):
if function.view or function.pure:
return
super()._process_function(contract, function, contract_functions, contract_calls, solidity_functions, solidity_calls, external_calls, all_contracts)
super()._process_function(
contract,
function,
contract_functions,
contract_calls,
solidity_functions,
solidity_calls,
external_calls,
all_contracts,
)
def _process_internal_call(self, contract, function, internal_call, contract_calls, solidity_functions, solidity_calls):
def _process_internal_call(
self, contract, function, internal_call, contract_calls, solidity_functions, solidity_calls
):
if isinstance(internal_call, Function):
if internal_call.view or internal_call.pure:
return
super()._process_internal_call(contract, function, internal_call, contract_calls, solidity_functions, solidity_calls)
super()._process_internal_call(
contract, function, internal_call, contract_calls, solidity_functions, solidity_calls
)
def _process_external_call(self, contract, function, external_call, contract_functions, external_calls, all_contracts):
def _process_external_call(
self, contract, function, external_call, contract_functions, external_calls, all_contracts
):
if isinstance(external_call[1], Function):
if external_call[1].view or external_call[1].pure:
return
super()._process_external_call(contract, function, external_call, contract_functions, external_calls, all_contracts)
super()._process_external_call(
contract, function, external_call, contract_functions, external_calls, all_contracts
)
def parse_args():
"""
"""
parser = argparse.ArgumentParser(description='Call graph printer. Similar to --print call-graph, but without printing the view/pure functions',
usage='call_graph.py filename')
parser = argparse.ArgumentParser(
description="Call graph printer. Similar to --print call-graph, but without printing the view/pure functions",
usage="call_graph.py filename",
)
parser.add_argument('filename',
help='The filename of the contract or truffle directory to analyze.')
parser.add_argument(
"filename", help="The filename of the contract or truffle directory to analyze."
)
parser.add_argument('--solc', help='solc path', default='solc')
parser.add_argument("--solc", help="solc path", default="solc")
return parser.parse_args()
def main():
args = parse_args()
@ -50,5 +82,6 @@ def main():
slither.run_printers()
if __name__ == '__main__':
if __name__ == "__main__":
main()

10
examples/scripts/convert_to_evm_ins.py
Unescape View File

@ -3,14 +3,14 @@ from slither.slither import Slither
from slither.evm.convert import SourceToEVM
if len(sys.argv) != 2:
print('python3 function_called.py functions_called.sol')
print("python3 function_called.py functions_called.sol")
exit(-1)
# Init slither
slither = Slither(sys.argv[1])
# Get the contract evm instructions
contract = slither.get_contract_from_name('Test')
contract = slither.get_contract_from_name("Test")
contract_ins = SourceToEVM.get_evm_instructions(contract)
print("## Contract evm instructions: {} ##".format(contract.name))
for ins in contract_ins:
@ -22,14 +22,14 @@ print("## Function evm instructions: {} ##".format(constructor.name))
constructor_ins = SourceToEVM.get_evm_instructions(constructor)
for ins in constructor_ins:
print(str(ins))
# Get the function evm instructions
function = contract.get_function_from_signature('foo()')
function = contract.get_function_from_signature("foo()")
print("## Function evm instructions: {} ##".format(function.name))
function_ins = SourceToEVM.get_evm_instructions(function)
for ins in function_ins:
print(str(ins))
# Get the node evm instructions
nodes = function.nodes
for node in nodes:

14
examples/scripts/convert_to_ir.py
Unescape View File

@ -4,27 +4,25 @@ from slither.slithir.convert import convert_expression
if len(sys.argv) != 2:
print('python function_called.py functions_called.sol')
print("python function_called.py functions_called.sol")
exit(-1)
# Init slither
slither = Slither(sys.argv[1])
# Get the contract
contract = slither.get_contract_from_name('Test')
contract = slither.get_contract_from_name("Test")
# Get the variable
test = contract.get_function_from_signature('one()')
test = contract.get_function_from_signature("one()")
nodes = test.nodes
for node in nodes:
if node.expression:
print('Expression:\n\t{}'.format(node.expression))
print("Expression:\n\t{}".format(node.expression))
irs = convert_expression(node.expression)
print('IR expressions:')
print("IR expressions:")
for ir in irs:
print('\t{}'.format(ir))
print("\t{}".format(ir))
print()

146
examples/scripts/data_dependency.py
Unescape View File

@ -1,95 +1,139 @@
import sys
from slither import Slither
from slither.analyses.data_dependency.data_dependency import is_dependent, is_tainted, pprint_dependency
from slither.analyses.data_dependency.data_dependency import (
is_dependent,
is_tainted,
pprint_dependency,
)
from slither.core.declarations.solidity_variables import SolidityVariableComposed
if len(sys.argv) != 2:
print('Usage: python data_dependency.py file.sol')
print("Usage: python data_dependency.py file.sol")
exit(-1)
slither = Slither(sys.argv[1])
contract = slither.get_contract_from_name('Simple')
contract = slither.get_contract_from_name("Simple")
destination = contract.get_state_variable_from_name('destination')
source = contract.get_state_variable_from_name('source')
destination = contract.get_state_variable_from_name("destination")
source = contract.get_state_variable_from_name("source")
print('{} is dependent of {}: {}'.format(source, destination, is_dependent(source, destination, contract)))
print(
"{} is dependent of {}: {}".format(
source, destination, is_dependent(source, destination, contract)
)
)
assert not is_dependent(source, destination, contract)
print('{} is dependent of {}: {}'.format(destination, source, is_dependent(destination, source, contract)))
print(
"{} is dependent of {}: {}".format(
destination, source, is_dependent(destination, source, contract)
)
)
assert is_dependent(destination, source, contract)
print('{} is tainted {}'.format(source, is_tainted(source, contract)))
print("{} is tainted {}".format(source, is_tainted(source, contract)))
assert not is_tainted(source, contract)
print('{} is tainted {}'.format(destination, is_tainted(destination, contract)))
print("{} is tainted {}".format(destination, is_tainted(destination, contract)))
assert is_tainted(destination, contract)
contract = slither.get_contract_from_name('Reference')
contract = slither.get_contract_from_name("Reference")
destination = contract.get_state_variable_from_name('destination')
source = contract.get_state_variable_from_name('source')
destination = contract.get_state_variable_from_name("destination")
source = contract.get_state_variable_from_name("source")
print('Reference contract')
print('{} is dependent of {}: {}'.format(source, destination, is_dependent(source, destination, contract)))
print("Reference contract")
print(
"{} is dependent of {}: {}".format(
source, destination, is_dependent(source, destination, contract)
)
)
assert not is_dependent(source, destination, contract)
print('{} is dependent of {}: {}'.format(destination, source, is_dependent(destination, source, contract)))
print(
"{} is dependent of {}: {}".format(
destination, source, is_dependent(destination, source, contract)
)
)
assert is_dependent(destination, source, contract)
print('{} is tainted {}'.format(source, is_tainted(source, contract)))
print("{} is tainted {}".format(source, is_tainted(source, contract)))
assert not is_tainted(source, contract)
print('{} is tainted {}'.format(destination, is_tainted(destination, contract)))
print("{} is tainted {}".format(destination, is_tainted(destination, contract)))
assert is_tainted(destination, contract)
destination_indirect_1 = contract.get_state_variable_from_name('destination_indirect_1')
print('{} is tainted {}'.format(destination_indirect_1, is_tainted(destination_indirect_1, contract)))
destination_indirect_1 = contract.get_state_variable_from_name("destination_indirect_1")
print(
"{} is tainted {}".format(destination_indirect_1, is_tainted(destination_indirect_1, contract))
)
assert is_tainted(destination_indirect_1, contract)
destination_indirect_2 = contract.get_state_variable_from_name('destination_indirect_2')
print('{} is tainted {}'.format(destination_indirect_2, is_tainted(destination_indirect_2, contract)))
destination_indirect_2 = contract.get_state_variable_from_name("destination_indirect_2")
print(
"{} is tainted {}".format(destination_indirect_2, is_tainted(destination_indirect_2, contract))
)
assert is_tainted(destination_indirect_2, contract)
print('SolidityVar contract')
print("SolidityVar contract")
contract = slither.get_contract_from_name('SolidityVar')
contract = slither.get_contract_from_name("SolidityVar")
addr_1 = contract.get_state_variable_from_name('addr_1')
addr_2 = contract.get_state_variable_from_name('addr_2')
msgsender = SolidityVariableComposed('msg.sender')
print('{} is dependent of {}: {}'.format(addr_1, msgsender, is_dependent(addr_1, msgsender, contract)))
addr_1 = contract.get_state_variable_from_name("addr_1")
addr_2 = contract.get_state_variable_from_name("addr_2")
msgsender = SolidityVariableComposed("msg.sender")
print(
"{} is dependent of {}: {}".format(addr_1, msgsender, is_dependent(addr_1, msgsender, contract))
)
assert is_dependent(addr_1, msgsender, contract)
print('{} is dependent of {}: {}'.format(addr_2, msgsender, is_dependent(addr_2, msgsender, contract)))
print(
"{} is dependent of {}: {}".format(addr_2, msgsender, is_dependent(addr_2, msgsender, contract))
)
assert not is_dependent(addr_2, msgsender, contract)
print('Intermediate contract')
contract = slither.get_contract_from_name('Intermediate')
destination = contract.get_state_variable_from_name('destination')
source = contract.get_state_variable_from_name('source')
print("Intermediate contract")
contract = slither.get_contract_from_name("Intermediate")
destination = contract.get_state_variable_from_name("destination")
source = contract.get_state_variable_from_name("source")
print('{} is dependent of {}: {}'.format(destination, source, is_dependent(destination, source, contract)))
print(
"{} is dependent of {}: {}".format(
destination, source, is_dependent(destination, source, contract)
)
)
assert is_dependent(destination, source, contract)
print('Base Derived contract')
contract = slither.get_contract_from_name('Base')
contract_derived = slither.get_contract_from_name('Derived')
destination = contract.get_state_variable_from_name('destination')
source = contract.get_state_variable_from_name('source')
print('{} is dependent of {}: {} (base)'.format(destination, source, is_dependent(destination, source, contract)))
print("Base Derived contract")
contract = slither.get_contract_from_name("Base")
contract_derived = slither.get_contract_from_name("Derived")
destination = contract.get_state_variable_from_name("destination")
source = contract.get_state_variable_from_name("source")
print(
"{} is dependent of {}: {} (base)".format(
destination, source, is_dependent(destination, source, contract)
)
)
assert not is_dependent(destination, source, contract)
print('{} is dependent of {}: {} (derived)'.format(destination, source, is_dependent(destination, source, contract_derived)))
print(
"{} is dependent of {}: {} (derived)".format(
destination, source, is_dependent(destination, source, contract_derived)
)
)
assert is_dependent(destination, source, contract_derived)
print('PropagateThroughArguments contract')
contract = slither.get_contract_from_name('PropagateThroughArguments')
var_tainted = contract.get_state_variable_from_name('var_tainted')
var_not_tainted = contract.get_state_variable_from_name('var_not_tainted')
var_dependant = contract.get_state_variable_from_name('var_dependant')
print("PropagateThroughArguments contract")
contract = slither.get_contract_from_name("PropagateThroughArguments")
var_tainted = contract.get_state_variable_from_name("var_tainted")
var_not_tainted = contract.get_state_variable_from_name("var_not_tainted")
var_dependant = contract.get_state_variable_from_name("var_dependant")
f = contract.get_function_from_signature('f(uint256)')
f = contract.get_function_from_signature("f(uint256)")
user_input = f.parameters[0]
f2 = contract.get_function_from_signature('f2(uint256,uint256)')
f2 = contract.get_function_from_signature("f2(uint256,uint256)")
print('{} is dependent of {}: {} (base)'.format(var_dependant, user_input, is_dependent(var_dependant, user_input, contract)))
print(
"{} is dependent of {}: {} (base)".format(
var_dependant, user_input, is_dependent(var_dependant, user_input, contract)
)
)
assert is_dependent(var_dependant, user_input, contract)
print('{} is tainted: {}'.format(var_tainted, is_tainted(var_tainted, contract)))
print("{} is tainted: {}".format(var_tainted, is_tainted(var_tainted, contract)))
assert is_tainted(var_tainted, contract)
print('{} is tainted: {}'.format(var_not_tainted, is_tainted(var_not_tainted, contract)))
print("{} is tainted: {}".format(var_not_tainted, is_tainted(var_not_tainted, contract)))
assert not is_tainted(var_not_tainted, contract)

6
examples/scripts/export_dominator_tree_to_dot.py
Unescape View File

@ -3,7 +3,7 @@ from slither.slither import Slither
if len(sys.argv) != 2:
print('python export_dominator_tree_to_dot.py contract.sol')
print("python export_dominator_tree_to_dot.py contract.sol")
exit(-1)
# Init slither
@ -12,7 +12,5 @@ slither = Slither(sys.argv[1])
for contract in slither.contracts:
for function in contract.functions + contract.modifiers:
filename = "{}-{}-{}_dom.dot".format(sys.argv[1], contract.name, function.full_name)
print('Export {}'.format(filename))
print("Export {}".format(filename))
function.dominator_tree_to_dot(filename)

6
examples/scripts/export_to_dot.py
Unescape View File

@ -3,7 +3,7 @@ from slither.slither import Slither
if len(sys.argv) != 2:
print('python function_called.py contract.sol')
print("python function_called.py contract.sol")
exit(-1)
# Init slither
@ -12,7 +12,5 @@ slither = Slither(sys.argv[1])
for contract in slither.contracts:
for function in contract.functions + contract.modifiers:
filename = "{}-{}-{}.dot".format(sys.argv[1], contract.name, function.full_name)
print('Export {}'.format(filename))
print("Export {}".format(filename))
function.slithir_cfg_to_dot(filename)

8
examples/scripts/functions_called.py
Unescape View File

@ -2,21 +2,21 @@ import sys
from slither.slither import Slither
if len(sys.argv) != 2:
print('python functions_called.py functions_called.sol')
print("python functions_called.py functions_called.sol")
exit(-1)
# Init slither
slither = Slither(sys.argv[1])
# Get the contract
contract = slither.get_contract_from_name('Contract')
contract = slither.get_contract_from_name("Contract")
# Get the variable
entry_point = contract.get_function_from_signature('entry_point()')
entry_point = contract.get_function_from_signature("entry_point()")
all_calls = entry_point.all_internal_calls()
all_calls_formated = [f.canonical_name for f in all_calls]
# Print the result
print('From entry_point the functions reached are {}'.format(all_calls_formated))
print("From entry_point the functions reached are {}".format(all_calls_formated))

6
examples/scripts/functions_writing.py
Unescape View File

@ -2,17 +2,17 @@ import sys
from slither.slither import Slither
if len(sys.argv) != 2:
print('python function_writing.py functions_writing.sol')
print("python function_writing.py functions_writing.sol")
exit(-1)
# Init slither
slither = Slither(sys.argv[1])
# Get the contract
contract = slither.get_contract_from_name('Contract')
contract = slither.get_contract_from_name("Contract")
# Get the variable
var_a = contract.get_state_variable_from_name('a')
var_a = contract.get_state_variable_from_name("a")
# Get the functions writing the variable
functions_writing_a = contract.get_functions_writing_to_variable(var_a)

56
examples/scripts/possible_paths.py
Unescape View File

@ -18,7 +18,9 @@ def resolve_function(contract_name, function_name):
raise ValueError(f"Could not resolve target contract: {contract_name}")
# Obtain the target function
target_function = next((function for function in contract.functions if function.name == function_name), None)
target_function = next(
(function for function in contract.functions if function.name == function_name), None
)
# Verify we have resolved the function specified.
if target_function is None:
@ -46,17 +48,23 @@ def resolve_functions(functions):
for item in functions:
if isinstance(item, str):
# If the item is a single string, we assume it is of form 'ContractName.FunctionName'.
parts = item.split('.')
parts = item.split(".")
if len(parts) < 2:
raise ValueError("Provided string descriptor must be of form 'ContractName.FunctionName'")
raise ValueError(
"Provided string descriptor must be of form 'ContractName.FunctionName'"
)
resolved.append(resolve_function(parts[0], parts[1]))
elif isinstance(item, tuple):
# If the item is a tuple, it should be a 2-tuple providing contract and function names.
if len(item) != 2:
raise ValueError("Provided tuple descriptor must provide a contract and function name.")
raise ValueError(
"Provided tuple descriptor must provide a contract and function name."
)
resolved.append(resolve_function(item[0], item[1]))
else:
raise ValueError(f"Unexpected function descriptor type to resolve in list: {type(item)}")
raise ValueError(
f"Unexpected function descriptor type to resolve in list: {type(item)}"
)
# Return the resolved list.
return resolved
@ -68,9 +76,12 @@ def all_function_definitions(function):
:param function: The function to obtain all definitions at and beneath.
:return: Returns a list composed of the provided function definition and any base definitions.
"""
return [function] + [f for c in function.contract.inheritance
for f in c.functions_and_modifiers_declared
if f.full_name == function.full_name]
return [function] + [
f
for c in function.contract.inheritance
for f in c.functions_and_modifiers_declared
if f.full_name == function.full_name
]
def __find_target_paths(target_function, current_path=[]):
@ -104,7 +115,7 @@ def __find_target_paths(target_function, current_path=[]):
results = results.union(path_results)
# If this path is external accessible from this point, we add the current path to the list.
if target_function.visibility in ['public', 'external'] and len(current_path) > 1:
if target_function.visibility in ["public", "external"] and len(current_path) > 1:
results.add(tuple(current_path))
return results
@ -131,18 +142,23 @@ def parse_args():
Parse the underlying arguments for the program.
:return: Returns the arguments for the program.
"""
parser = argparse.ArgumentParser(description='PossiblePaths',
usage='possible_paths.py [--is-truffle] filename [contract.function targets]')
parser = argparse.ArgumentParser(
description="PossiblePaths",
usage="possible_paths.py [--is-truffle] filename [contract.function targets]",
)
parser.add_argument('--is-truffle',
help='Indicates the filename refers to a truffle directory path.',
action='store_true',
default=False)
parser.add_argument(
"--is-truffle",
help="Indicates the filename refers to a truffle directory path.",
action="store_true",
default=False,
)
parser.add_argument('filename',
help='The filename of the contract or truffle directory to analyze.')
parser.add_argument(
"filename", help="The filename of the contract or truffle directory to analyze."
)
parser.add_argument('targets', nargs='+')
parser.add_argument("targets", nargs="+")
return parser.parse_args()
@ -184,7 +200,9 @@ for function_desc in sorted([f"{f.canonical_name}" for f in reaching_functions])
print("\n")
# Format all function paths.
reaching_paths_str = [' -> '.join([f"{f.canonical_name}" for f in reaching_path]) for reaching_path in reaching_paths]
reaching_paths_str = [
" -> ".join([f"{f.canonical_name}" for f in reaching_path]) for reaching_path in reaching_paths
]
# Print a sorted list of all function paths which can reach the targets.
print(f"The following paths reach the specified targets:")

10
examples/scripts/slithIR.py
Unescape View File

@ -2,7 +2,7 @@ import sys
from slither import Slither
if len(sys.argv) != 2:
print('python slithIR.py contract.sol')
print("python slithIR.py contract.sol")
exit(-1)
# Init slither
@ -17,7 +17,7 @@ for contract in slither.contracts:
# Dont explore inherited functions
if function.contract_declarer == contract:
print('Function: {}'.format(function.name))
print("Function: {}".format(function.name))
# Iterate over the nodes of the function
for node in function.nodes:
@ -26,7 +26,7 @@ for contract in slither.contracts:
# And the SlithIR operations
if node.expression:
print('\tSolidity expression: {}'.format(node.expression))
print('\tSlithIR:')
print("\tSolidity expression: {}".format(node.expression))
print("\tSlithIR:")
for ir in node.irs:
print('\t\t\t{}'.format(ir))
print("\t\t\t{}".format(ir))

37
examples/scripts/taint_mapping.py
Unescape View File

@ -1,7 +1,6 @@
import sys
from slither.core.declarations.solidity_variables import \
SolidityVariableComposed
from slither.core.declarations.solidity_variables import SolidityVariableComposed
from slither.core.variables.state_variable import StateVariable
from slither.slither import Slither
from slither.slithir.operations.high_level_call import HighLevelCall
@ -27,17 +26,17 @@ def visit_node(node, visited):
else:
read = ir.read
print(ir)
print('Refs {}'.format(refs))
print('Read {}'.format([str(x) for x in ir.read]))
print('Before {}'.format([str(x) for x in taints]))
print("Refs {}".format(refs))
print("Read {}".format([str(x) for x in ir.read]))
print("Before {}".format([str(x) for x in taints]))
if any(var_read in taints for var_read in read):
taints += [ir.lvalue]
lvalue = ir.lvalue
while isinstance(lvalue, ReferenceVariable):
while isinstance(lvalue, ReferenceVariable):
taints += [refs[lvalue]]
lvalue = refs[lvalue]
print('After {}'.format([str(x) for x in taints]))
print("After {}".format([str(x) for x in taints]))
print()
taints = [v for v in taints if not isinstance(v, (TemporaryVariable, ReferenceVariable))]
@ -47,38 +46,44 @@ def visit_node(node, visited):
for son in node.sons:
visit_node(son, visited)
def check_call(func, taints):
for node in func.nodes:
for ir in node.irs:
if isinstance(ir, HighLevelCall):
if ir.destination in taints:
print('Call to tainted address found in {}'.format(function.name))
print("Call to tainted address found in {}".format(function.name))
if __name__ == "__main__":
if len(sys.argv) != 2:
print('python taint_mapping.py taint.sol')
print("python taint_mapping.py taint.sol")
exit(-1)
# Init slither
slither = Slither(sys.argv[1])
initial_taint = [SolidityVariableComposed('msg.sender')]
initial_taint += [SolidityVariableComposed('msg.value')]
initial_taint = [SolidityVariableComposed("msg.sender")]
initial_taint += [SolidityVariableComposed("msg.value")]
KEY = 'TAINT'
KEY = "TAINT"
prev_taints = []
slither.context[KEY] = initial_taint
while(set(prev_taints) != set(slither.context[KEY])):
while set(prev_taints) != set(slither.context[KEY]):
prev_taints = slither.context[KEY]
for contract in slither.contracts:
for function in contract.functions:
print('Function {}'.format(function.name))
print("Function {}".format(function.name))
slither.context[KEY] = list(set(slither.context[KEY] + function.parameters))
visit_node(function.entry_point, [])
print('All variables tainted : {}'.format([str(v) for v in slither.context[KEY]]))
print("All variables tainted : {}".format([str(v) for v in slither.context[KEY]]))
print('All state variables tainted : {}'.format([str(v) for v in prev_taints if isinstance(v, StateVariable)]))
print(
"All state variables tainted : {}".format(
[str(v) for v in prev_taints if isinstance(v, StateVariable)]
)
)
for function in contract.functions:
check_call(function, slither.context[KEY])

20
examples/scripts/variable_in_condition.py
Unescape View File

@ -2,24 +2,30 @@ import sys
from slither.slither import Slither
if len(sys.argv) != 2:
print('python variable_in_condition.py variable_in_condition.sol')
print("python variable_in_condition.py variable_in_condition.sol")
exit(-1)
# Init slither
slither = Slither(sys.argv[1])
# Get the contract
contract = slither.get_contract_from_name('Contract')
contract = slither.get_contract_from_name("Contract")
# Get the variable
var_a = contract.get_state_variable_from_name('a')
var_a = contract.get_state_variable_from_name("a")
# Get the functions reading the variable
functions_reading_a = contract.get_functions_reading_from_variable(var_a)
function_using_a_as_condition = [f for f in functions_reading_a if\
f.is_reading_in_conditional_node(var_a) or\
f.is_reading_in_require_or_assert(var_a)]
function_using_a_as_condition = [
f
for f in functions_reading_a
if f.is_reading_in_conditional_node(var_a) or f.is_reading_in_require_or_assert(var_a)
]
# Print the result
print('The function using "a" in condition are {}'.format([f.name for f in function_using_a_as_condition]))
print(
'The function using "a" in condition are {}'.format(
[f.name for f in function_using_a_as_condition]
)
)

20
plugin_example/setup.py
Unescape View File

@ -1,17 +1,13 @@
from setuptools import setup, find_packages
setup(
name='slither-my-plugins',
description='This is an example of detectors and printers to Slither.',
url='https://github.com/trailofbits/slither-plugins',
author='Trail of Bits',
version='0.0',
name="slither-my-plugins",
description="This is an example of detectors and printers to Slither.",
url="https://github.com/trailofbits/slither-plugins",
author="Trail of Bits",
version="0.0",
packages=find_packages(),
python_requires='>=3.6',
install_requires=[
'slither-analyzer==0.1'
],
entry_points={
'slither_analyzer.plugin': 'slither my-plugin=slither_my_plugin:make_plugin',
}
python_requires=">=3.6",
install_requires=["slither-analyzer==0.1"],
entry_points={"slither_analyzer.plugin": "slither my-plugin=slither_my_plugin:make_plugin",},
)

17
plugin_example/slither_my_plugin/detectors/example.py
Unescape View File

@ -1,4 +1,3 @@
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
@ -7,21 +6,21 @@ class Example(AbstractDetector):
Documentation
"""
ARGUMENT = 'mydetector' # slither will launch the detector with slither.py --mydetector
HELP = 'Help printed by slither'
ARGUMENT = "mydetector" # slither will launch the detector with slither.py --mydetector
HELP = "Help printed by slither"
IMPACT = DetectorClassification.HIGH
CONFIDENCE = DetectorClassification.HIGH
WIKI = ''
WIKI = ""
WIKI_TITLE = ''
WIKI_DESCRIPTION = ''
WIKI_EXPLOIT_SCENARIO = ''
WIKI_RECOMMENDATION = ''
WIKI_TITLE = ""
WIKI_DESCRIPTION = ""
WIKI_EXPLOIT_SCENARIO = ""
WIKI_RECOMMENDATION = ""
def _detect(self):
info = 'This is an example!'
info = "This is an example!"
json = self.generate_result(info)

19
scripts/json_diff.py
Unescape View File

@ -1,27 +1,26 @@
import sys
import json
from deepdiff import DeepDiff # pip install deepdiff
from deepdiff import DeepDiff # pip install deepdiff
from pprint import pprint
if len(sys.argv) !=3:
print('Usage: python json_diff.py 1.json 2.json')
if len(sys.argv) != 3:
print("Usage: python json_diff.py 1.json 2.json")
exit(-1)
with open(sys.argv[1], encoding='utf8') as f:
with open(sys.argv[1], encoding="utf8") as f:
d1 = json.load(f)
with open(sys.argv[2], encoding='utf8') as f:
with open(sys.argv[2], encoding="utf8") as f:
d2 = json.load(f)
# Remove description field to allow non deterministic print
for elem in d1:
if 'description' in elem:
del elem['description']
if "description" in elem:
del elem["description"]
for elem in d2:
if 'description' in elem:
del elem['description']
if "description" in elem:
del elem["description"]
pprint(DeepDiff(d1, d2, ignore_order=True, verbose_level=2))

46
setup.py
Unescape View File

@ -1,31 +1,29 @@
from setuptools import setup, find_packages
setup(
name='slither-analyzer',
description='Slither is a Solidity static analysis framework written in Python 3.',
url='https://github.com/crytic/slither',
author='Trail of Bits',
version='0.6.12',
name="slither-analyzer",
description="Slither is a Solidity static analysis framework written in Python 3.",
url="https://github.com/crytic/slither",
author="Trail of Bits",
version="0.6.12",
packages=find_packages(),
python_requires='>=3.6',
install_requires=['prettytable>=0.7.2',
'pysha3>=1.0.2',
'crytic-compile>=0.1.8'],
# 'crytic-compile'],
# dependency_links=['git+https://github.com/crytic/crytic-compile.git@master#egg=crytic-compile'],
license='AGPL-3.0',
long_description=open('README.md').read(),
python_requires=">=3.6",
install_requires=["prettytable>=0.7.2", "pysha3>=1.0.2", "crytic-compile>=0.1.8"],
# 'crytic-compile'],
# dependency_links=['git+https://github.com/crytic/crytic-compile.git@master#egg=crytic-compile'],
license="AGPL-3.0",
long_description=open("README.md").read(),
entry_points={
'console_scripts': [
'slither = slither.__main__:main',
'slither-check-upgradeability = slither.tools.upgradeability.__main__:main',
'slither-find-paths = slither.tools.possible_paths.__main__:main',
'slither-simil = slither.tools.similarity.__main__:main',
'slither-flat = slither.tools.flattening.__main__:main',
'slither-format = slither.tools.slither_format.__main__:main',
'slither-check-erc = slither.tools.erc_conformance.__main__:main',
'slither-check-kspec = slither.tools.kspec_coverage.__main__:main',
'slither-prop = slither.tools.properties.__main__:main'
"console_scripts": [
"slither = slither.__main__:main",
"slither-check-upgradeability = slither.tools.upgradeability.__main__:main",
"slither-find-paths = slither.tools.possible_paths.__main__:main",
"slither-simil = slither.tools.similarity.__main__:main",
"slither-flat = slither.tools.flattening.__main__:main",
"slither-format = slither.tools.slither_format.__main__:main",
"slither-check-erc = slither.tools.erc_conformance.__main__:main",
"slither-check-kspec = slither.tools.kspec_coverage.__main__:main",
"slither-prop = slither.tools.properties.__main__:main",
]
}
},
)

Write Preview
Loading…
Cancel
Save