From 3f706061e4f7857d9cef6f2608084366d06d5ab5 Mon Sep 17 00:00:00 2001 From: Josselin Date: Mon, 31 Aug 2020 12:19:18 +0200 Subject: [PATCH] Run Black --- examples/scripts/call_graph.py | 59 +++++-- examples/scripts/convert_to_evm_ins.py | 10 +- examples/scripts/convert_to_ir.py | 14 +- examples/scripts/data_dependency.py | 146 ++++++++++++------ .../scripts/export_dominator_tree_to_dot.py | 6 +- examples/scripts/export_to_dot.py | 6 +- examples/scripts/functions_called.py | 8 +- examples/scripts/functions_writing.py | 6 +- examples/scripts/possible_paths.py | 56 ++++--- examples/scripts/slithIR.py | 10 +- examples/scripts/taint_mapping.py | 37 +++-- examples/scripts/variable_in_condition.py | 20 ++- plugin_example/setup.py | 20 +-- .../slither_my_plugin/detectors/example.py | 17 +- scripts/json_diff.py | 19 ++- setup.py | 46 +++--- 16 files changed, 286 insertions(+), 194 deletions(-) diff --git a/examples/scripts/call_graph.py b/examples/scripts/call_graph.py index 7d1537d91..b19745cde 100644 --- a/examples/scripts/call_graph.py +++ b/examples/scripts/call_graph.py @@ -9,38 +9,70 @@ logging.basicConfig() logging.getLogger("Slither").setLevel(logging.INFO) logging.getLogger("Printers").setLevel(logging.INFO) -class PrinterCallGraphStateChange(PrinterCallGraph): - def _process_function(self, contract, function, contract_functions, contract_calls, solidity_functions, solidity_calls, external_calls, all_contracts): +class PrinterCallGraphStateChange(PrinterCallGraph): + def _process_function( + self, + contract, + function, + contract_functions, + contract_calls, + solidity_functions, + solidity_calls, + external_calls, + all_contracts, + ): if function.view or function.pure: return - super()._process_function(contract, function, contract_functions, contract_calls, solidity_functions, solidity_calls, external_calls, all_contracts) + super()._process_function( + contract, + function, + contract_functions, + contract_calls, + solidity_functions, + solidity_calls, + external_calls, + all_contracts, + ) - def _process_internal_call(self, contract, function, internal_call, contract_calls, solidity_functions, solidity_calls): + def _process_internal_call( + self, contract, function, internal_call, contract_calls, solidity_functions, solidity_calls + ): if isinstance(internal_call, Function): if internal_call.view or internal_call.pure: return - super()._process_internal_call(contract, function, internal_call, contract_calls, solidity_functions, solidity_calls) + super()._process_internal_call( + contract, function, internal_call, contract_calls, solidity_functions, solidity_calls + ) - def _process_external_call(self, contract, function, external_call, contract_functions, external_calls, all_contracts): + def _process_external_call( + self, contract, function, external_call, contract_functions, external_calls, all_contracts + ): if isinstance(external_call[1], Function): if external_call[1].view or external_call[1].pure: return - super()._process_external_call(contract, function, external_call, contract_functions, external_calls, all_contracts) + super()._process_external_call( + contract, function, external_call, contract_functions, external_calls, all_contracts + ) + def parse_args(): """ """ - parser = argparse.ArgumentParser(description='Call graph printer. Similar to --print call-graph, but without printing the view/pure functions', - usage='call_graph.py filename') + parser = argparse.ArgumentParser( + description="Call graph printer. Similar to --print call-graph, but without printing the view/pure functions", + usage="call_graph.py filename", + ) - parser.add_argument('filename', - help='The filename of the contract or truffle directory to analyze.') + parser.add_argument( + "filename", help="The filename of the contract or truffle directory to analyze." + ) - parser.add_argument('--solc', help='solc path', default='solc') + parser.add_argument("--solc", help="solc path", default="solc") return parser.parse_args() + def main(): args = parse_args() @@ -50,5 +82,6 @@ def main(): slither.run_printers() -if __name__ == '__main__': + +if __name__ == "__main__": main() diff --git a/examples/scripts/convert_to_evm_ins.py b/examples/scripts/convert_to_evm_ins.py index c6aa3ca2d..4c98af58f 100644 --- a/examples/scripts/convert_to_evm_ins.py +++ b/examples/scripts/convert_to_evm_ins.py @@ -3,14 +3,14 @@ from slither.slither import Slither from slither.evm.convert import SourceToEVM if len(sys.argv) != 2: - print('python3 function_called.py functions_called.sol') + print("python3 function_called.py functions_called.sol") exit(-1) # Init slither slither = Slither(sys.argv[1]) # Get the contract evm instructions -contract = slither.get_contract_from_name('Test') +contract = slither.get_contract_from_name("Test") contract_ins = SourceToEVM.get_evm_instructions(contract) print("## Contract evm instructions: {} ##".format(contract.name)) for ins in contract_ins: @@ -22,14 +22,14 @@ print("## Function evm instructions: {} ##".format(constructor.name)) constructor_ins = SourceToEVM.get_evm_instructions(constructor) for ins in constructor_ins: print(str(ins)) - + # Get the function evm instructions -function = contract.get_function_from_signature('foo()') +function = contract.get_function_from_signature("foo()") print("## Function evm instructions: {} ##".format(function.name)) function_ins = SourceToEVM.get_evm_instructions(function) for ins in function_ins: print(str(ins)) - + # Get the node evm instructions nodes = function.nodes for node in nodes: diff --git a/examples/scripts/convert_to_ir.py b/examples/scripts/convert_to_ir.py index 72f79ba64..9ab9d51f2 100644 --- a/examples/scripts/convert_to_ir.py +++ b/examples/scripts/convert_to_ir.py @@ -4,27 +4,25 @@ from slither.slithir.convert import convert_expression if len(sys.argv) != 2: - print('python function_called.py functions_called.sol') + print("python function_called.py functions_called.sol") exit(-1) # Init slither slither = Slither(sys.argv[1]) # Get the contract -contract = slither.get_contract_from_name('Test') +contract = slither.get_contract_from_name("Test") # Get the variable -test = contract.get_function_from_signature('one()') +test = contract.get_function_from_signature("one()") nodes = test.nodes for node in nodes: if node.expression: - print('Expression:\n\t{}'.format(node.expression)) + print("Expression:\n\t{}".format(node.expression)) irs = convert_expression(node.expression) - print('IR expressions:') + print("IR expressions:") for ir in irs: - print('\t{}'.format(ir)) + print("\t{}".format(ir)) print() - - diff --git a/examples/scripts/data_dependency.py b/examples/scripts/data_dependency.py index 74ca96c04..e28d8c7a2 100644 --- a/examples/scripts/data_dependency.py +++ b/examples/scripts/data_dependency.py @@ -1,95 +1,139 @@ import sys from slither import Slither -from slither.analyses.data_dependency.data_dependency import is_dependent, is_tainted, pprint_dependency +from slither.analyses.data_dependency.data_dependency import ( + is_dependent, + is_tainted, + pprint_dependency, +) from slither.core.declarations.solidity_variables import SolidityVariableComposed if len(sys.argv) != 2: - print('Usage: python data_dependency.py file.sol') + print("Usage: python data_dependency.py file.sol") exit(-1) slither = Slither(sys.argv[1]) -contract = slither.get_contract_from_name('Simple') +contract = slither.get_contract_from_name("Simple") -destination = contract.get_state_variable_from_name('destination') -source = contract.get_state_variable_from_name('source') +destination = contract.get_state_variable_from_name("destination") +source = contract.get_state_variable_from_name("source") -print('{} is dependent of {}: {}'.format(source, destination, is_dependent(source, destination, contract))) +print( + "{} is dependent of {}: {}".format( + source, destination, is_dependent(source, destination, contract) + ) +) assert not is_dependent(source, destination, contract) -print('{} is dependent of {}: {}'.format(destination, source, is_dependent(destination, source, contract))) +print( + "{} is dependent of {}: {}".format( + destination, source, is_dependent(destination, source, contract) + ) +) assert is_dependent(destination, source, contract) -print('{} is tainted {}'.format(source, is_tainted(source, contract))) +print("{} is tainted {}".format(source, is_tainted(source, contract))) assert not is_tainted(source, contract) -print('{} is tainted {}'.format(destination, is_tainted(destination, contract))) +print("{} is tainted {}".format(destination, is_tainted(destination, contract))) assert is_tainted(destination, contract) -contract = slither.get_contract_from_name('Reference') +contract = slither.get_contract_from_name("Reference") -destination = contract.get_state_variable_from_name('destination') -source = contract.get_state_variable_from_name('source') +destination = contract.get_state_variable_from_name("destination") +source = contract.get_state_variable_from_name("source") -print('Reference contract') -print('{} is dependent of {}: {}'.format(source, destination, is_dependent(source, destination, contract))) +print("Reference contract") +print( + "{} is dependent of {}: {}".format( + source, destination, is_dependent(source, destination, contract) + ) +) assert not is_dependent(source, destination, contract) -print('{} is dependent of {}: {}'.format(destination, source, is_dependent(destination, source, contract))) +print( + "{} is dependent of {}: {}".format( + destination, source, is_dependent(destination, source, contract) + ) +) assert is_dependent(destination, source, contract) -print('{} is tainted {}'.format(source, is_tainted(source, contract))) +print("{} is tainted {}".format(source, is_tainted(source, contract))) assert not is_tainted(source, contract) -print('{} is tainted {}'.format(destination, is_tainted(destination, contract))) +print("{} is tainted {}".format(destination, is_tainted(destination, contract))) assert is_tainted(destination, contract) -destination_indirect_1 = contract.get_state_variable_from_name('destination_indirect_1') -print('{} is tainted {}'.format(destination_indirect_1, is_tainted(destination_indirect_1, contract))) +destination_indirect_1 = contract.get_state_variable_from_name("destination_indirect_1") +print( + "{} is tainted {}".format(destination_indirect_1, is_tainted(destination_indirect_1, contract)) +) assert is_tainted(destination_indirect_1, contract) -destination_indirect_2 = contract.get_state_variable_from_name('destination_indirect_2') -print('{} is tainted {}'.format(destination_indirect_2, is_tainted(destination_indirect_2, contract))) +destination_indirect_2 = contract.get_state_variable_from_name("destination_indirect_2") +print( + "{} is tainted {}".format(destination_indirect_2, is_tainted(destination_indirect_2, contract)) +) assert is_tainted(destination_indirect_2, contract) -print('SolidityVar contract') +print("SolidityVar contract") -contract = slither.get_contract_from_name('SolidityVar') +contract = slither.get_contract_from_name("SolidityVar") -addr_1 = contract.get_state_variable_from_name('addr_1') -addr_2 = contract.get_state_variable_from_name('addr_2') -msgsender = SolidityVariableComposed('msg.sender') -print('{} is dependent of {}: {}'.format(addr_1, msgsender, is_dependent(addr_1, msgsender, contract))) +addr_1 = contract.get_state_variable_from_name("addr_1") +addr_2 = contract.get_state_variable_from_name("addr_2") +msgsender = SolidityVariableComposed("msg.sender") +print( + "{} is dependent of {}: {}".format(addr_1, msgsender, is_dependent(addr_1, msgsender, contract)) +) assert is_dependent(addr_1, msgsender, contract) -print('{} is dependent of {}: {}'.format(addr_2, msgsender, is_dependent(addr_2, msgsender, contract))) +print( + "{} is dependent of {}: {}".format(addr_2, msgsender, is_dependent(addr_2, msgsender, contract)) +) assert not is_dependent(addr_2, msgsender, contract) -print('Intermediate contract') -contract = slither.get_contract_from_name('Intermediate') -destination = contract.get_state_variable_from_name('destination') -source = contract.get_state_variable_from_name('source') +print("Intermediate contract") +contract = slither.get_contract_from_name("Intermediate") +destination = contract.get_state_variable_from_name("destination") +source = contract.get_state_variable_from_name("source") -print('{} is dependent of {}: {}'.format(destination, source, is_dependent(destination, source, contract))) +print( + "{} is dependent of {}: {}".format( + destination, source, is_dependent(destination, source, contract) + ) +) assert is_dependent(destination, source, contract) -print('Base Derived contract') -contract = slither.get_contract_from_name('Base') -contract_derived = slither.get_contract_from_name('Derived') -destination = contract.get_state_variable_from_name('destination') -source = contract.get_state_variable_from_name('source') - -print('{} is dependent of {}: {} (base)'.format(destination, source, is_dependent(destination, source, contract))) +print("Base Derived contract") +contract = slither.get_contract_from_name("Base") +contract_derived = slither.get_contract_from_name("Derived") +destination = contract.get_state_variable_from_name("destination") +source = contract.get_state_variable_from_name("source") + +print( + "{} is dependent of {}: {} (base)".format( + destination, source, is_dependent(destination, source, contract) + ) +) assert not is_dependent(destination, source, contract) -print('{} is dependent of {}: {} (derived)'.format(destination, source, is_dependent(destination, source, contract_derived))) +print( + "{} is dependent of {}: {} (derived)".format( + destination, source, is_dependent(destination, source, contract_derived) + ) +) assert is_dependent(destination, source, contract_derived) -print('PropagateThroughArguments contract') -contract = slither.get_contract_from_name('PropagateThroughArguments') -var_tainted = contract.get_state_variable_from_name('var_tainted') -var_not_tainted = contract.get_state_variable_from_name('var_not_tainted') -var_dependant = contract.get_state_variable_from_name('var_dependant') +print("PropagateThroughArguments contract") +contract = slither.get_contract_from_name("PropagateThroughArguments") +var_tainted = contract.get_state_variable_from_name("var_tainted") +var_not_tainted = contract.get_state_variable_from_name("var_not_tainted") +var_dependant = contract.get_state_variable_from_name("var_dependant") -f = contract.get_function_from_signature('f(uint256)') +f = contract.get_function_from_signature("f(uint256)") user_input = f.parameters[0] -f2 = contract.get_function_from_signature('f2(uint256,uint256)') +f2 = contract.get_function_from_signature("f2(uint256,uint256)") -print('{} is dependent of {}: {} (base)'.format(var_dependant, user_input, is_dependent(var_dependant, user_input, contract))) +print( + "{} is dependent of {}: {} (base)".format( + var_dependant, user_input, is_dependent(var_dependant, user_input, contract) + ) +) assert is_dependent(var_dependant, user_input, contract) -print('{} is tainted: {}'.format(var_tainted, is_tainted(var_tainted, contract))) +print("{} is tainted: {}".format(var_tainted, is_tainted(var_tainted, contract))) assert is_tainted(var_tainted, contract) -print('{} is tainted: {}'.format(var_not_tainted, is_tainted(var_not_tainted, contract))) +print("{} is tainted: {}".format(var_not_tainted, is_tainted(var_not_tainted, contract))) assert not is_tainted(var_not_tainted, contract) diff --git a/examples/scripts/export_dominator_tree_to_dot.py b/examples/scripts/export_dominator_tree_to_dot.py index de388d0de..f53592ca4 100644 --- a/examples/scripts/export_dominator_tree_to_dot.py +++ b/examples/scripts/export_dominator_tree_to_dot.py @@ -3,7 +3,7 @@ from slither.slither import Slither if len(sys.argv) != 2: - print('python export_dominator_tree_to_dot.py contract.sol') + print("python export_dominator_tree_to_dot.py contract.sol") exit(-1) # Init slither @@ -12,7 +12,5 @@ slither = Slither(sys.argv[1]) for contract in slither.contracts: for function in contract.functions + contract.modifiers: filename = "{}-{}-{}_dom.dot".format(sys.argv[1], contract.name, function.full_name) - print('Export {}'.format(filename)) + print("Export {}".format(filename)) function.dominator_tree_to_dot(filename) - - diff --git a/examples/scripts/export_to_dot.py b/examples/scripts/export_to_dot.py index 628747515..a2ee35333 100644 --- a/examples/scripts/export_to_dot.py +++ b/examples/scripts/export_to_dot.py @@ -3,7 +3,7 @@ from slither.slither import Slither if len(sys.argv) != 2: - print('python function_called.py contract.sol') + print("python function_called.py contract.sol") exit(-1) # Init slither @@ -12,7 +12,5 @@ slither = Slither(sys.argv[1]) for contract in slither.contracts: for function in contract.functions + contract.modifiers: filename = "{}-{}-{}.dot".format(sys.argv[1], contract.name, function.full_name) - print('Export {}'.format(filename)) + print("Export {}".format(filename)) function.slithir_cfg_to_dot(filename) - - diff --git a/examples/scripts/functions_called.py b/examples/scripts/functions_called.py index 4324ac902..6bec75105 100644 --- a/examples/scripts/functions_called.py +++ b/examples/scripts/functions_called.py @@ -2,21 +2,21 @@ import sys from slither.slither import Slither if len(sys.argv) != 2: - print('python functions_called.py functions_called.sol') + print("python functions_called.py functions_called.sol") exit(-1) # Init slither slither = Slither(sys.argv[1]) # Get the contract -contract = slither.get_contract_from_name('Contract') +contract = slither.get_contract_from_name("Contract") # Get the variable -entry_point = contract.get_function_from_signature('entry_point()') +entry_point = contract.get_function_from_signature("entry_point()") all_calls = entry_point.all_internal_calls() all_calls_formated = [f.canonical_name for f in all_calls] # Print the result -print('From entry_point the functions reached are {}'.format(all_calls_formated)) +print("From entry_point the functions reached are {}".format(all_calls_formated)) diff --git a/examples/scripts/functions_writing.py b/examples/scripts/functions_writing.py index 4609e9f6c..5a9253811 100644 --- a/examples/scripts/functions_writing.py +++ b/examples/scripts/functions_writing.py @@ -2,17 +2,17 @@ import sys from slither.slither import Slither if len(sys.argv) != 2: - print('python function_writing.py functions_writing.sol') + print("python function_writing.py functions_writing.sol") exit(-1) # Init slither slither = Slither(sys.argv[1]) # Get the contract -contract = slither.get_contract_from_name('Contract') +contract = slither.get_contract_from_name("Contract") # Get the variable -var_a = contract.get_state_variable_from_name('a') +var_a = contract.get_state_variable_from_name("a") # Get the functions writing the variable functions_writing_a = contract.get_functions_writing_to_variable(var_a) diff --git a/examples/scripts/possible_paths.py b/examples/scripts/possible_paths.py index 87806520f..c20ec0b1e 100644 --- a/examples/scripts/possible_paths.py +++ b/examples/scripts/possible_paths.py @@ -18,7 +18,9 @@ def resolve_function(contract_name, function_name): raise ValueError(f"Could not resolve target contract: {contract_name}") # Obtain the target function - target_function = next((function for function in contract.functions if function.name == function_name), None) + target_function = next( + (function for function in contract.functions if function.name == function_name), None + ) # Verify we have resolved the function specified. if target_function is None: @@ -46,17 +48,23 @@ def resolve_functions(functions): for item in functions: if isinstance(item, str): # If the item is a single string, we assume it is of form 'ContractName.FunctionName'. - parts = item.split('.') + parts = item.split(".") if len(parts) < 2: - raise ValueError("Provided string descriptor must be of form 'ContractName.FunctionName'") + raise ValueError( + "Provided string descriptor must be of form 'ContractName.FunctionName'" + ) resolved.append(resolve_function(parts[0], parts[1])) elif isinstance(item, tuple): # If the item is a tuple, it should be a 2-tuple providing contract and function names. if len(item) != 2: - raise ValueError("Provided tuple descriptor must provide a contract and function name.") + raise ValueError( + "Provided tuple descriptor must provide a contract and function name." + ) resolved.append(resolve_function(item[0], item[1])) else: - raise ValueError(f"Unexpected function descriptor type to resolve in list: {type(item)}") + raise ValueError( + f"Unexpected function descriptor type to resolve in list: {type(item)}" + ) # Return the resolved list. return resolved @@ -68,9 +76,12 @@ def all_function_definitions(function): :param function: The function to obtain all definitions at and beneath. :return: Returns a list composed of the provided function definition and any base definitions. """ - return [function] + [f for c in function.contract.inheritance - for f in c.functions_and_modifiers_declared - if f.full_name == function.full_name] + return [function] + [ + f + for c in function.contract.inheritance + for f in c.functions_and_modifiers_declared + if f.full_name == function.full_name + ] def __find_target_paths(target_function, current_path=[]): @@ -104,7 +115,7 @@ def __find_target_paths(target_function, current_path=[]): results = results.union(path_results) # If this path is external accessible from this point, we add the current path to the list. - if target_function.visibility in ['public', 'external'] and len(current_path) > 1: + if target_function.visibility in ["public", "external"] and len(current_path) > 1: results.add(tuple(current_path)) return results @@ -131,18 +142,23 @@ def parse_args(): Parse the underlying arguments for the program. :return: Returns the arguments for the program. """ - parser = argparse.ArgumentParser(description='PossiblePaths', - usage='possible_paths.py [--is-truffle] filename [contract.function targets]') + parser = argparse.ArgumentParser( + description="PossiblePaths", + usage="possible_paths.py [--is-truffle] filename [contract.function targets]", + ) - parser.add_argument('--is-truffle', - help='Indicates the filename refers to a truffle directory path.', - action='store_true', - default=False) + parser.add_argument( + "--is-truffle", + help="Indicates the filename refers to a truffle directory path.", + action="store_true", + default=False, + ) - parser.add_argument('filename', - help='The filename of the contract or truffle directory to analyze.') + parser.add_argument( + "filename", help="The filename of the contract or truffle directory to analyze." + ) - parser.add_argument('targets', nargs='+') + parser.add_argument("targets", nargs="+") return parser.parse_args() @@ -184,7 +200,9 @@ for function_desc in sorted([f"{f.canonical_name}" for f in reaching_functions]) print("\n") # Format all function paths. -reaching_paths_str = [' -> '.join([f"{f.canonical_name}" for f in reaching_path]) for reaching_path in reaching_paths] +reaching_paths_str = [ + " -> ".join([f"{f.canonical_name}" for f in reaching_path]) for reaching_path in reaching_paths +] # Print a sorted list of all function paths which can reach the targets. print(f"The following paths reach the specified targets:") diff --git a/examples/scripts/slithIR.py b/examples/scripts/slithIR.py index 2b65e3122..6d74833c5 100644 --- a/examples/scripts/slithIR.py +++ b/examples/scripts/slithIR.py @@ -2,7 +2,7 @@ import sys from slither import Slither if len(sys.argv) != 2: - print('python slithIR.py contract.sol') + print("python slithIR.py contract.sol") exit(-1) # Init slither @@ -17,7 +17,7 @@ for contract in slither.contracts: # Dont explore inherited functions if function.contract_declarer == contract: - print('Function: {}'.format(function.name)) + print("Function: {}".format(function.name)) # Iterate over the nodes of the function for node in function.nodes: @@ -26,7 +26,7 @@ for contract in slither.contracts: # And the SlithIR operations if node.expression: - print('\tSolidity expression: {}'.format(node.expression)) - print('\tSlithIR:') + print("\tSolidity expression: {}".format(node.expression)) + print("\tSlithIR:") for ir in node.irs: - print('\t\t\t{}'.format(ir)) + print("\t\t\t{}".format(ir)) diff --git a/examples/scripts/taint_mapping.py b/examples/scripts/taint_mapping.py index db88b0d91..922d739c8 100644 --- a/examples/scripts/taint_mapping.py +++ b/examples/scripts/taint_mapping.py @@ -1,7 +1,6 @@ import sys -from slither.core.declarations.solidity_variables import \ - SolidityVariableComposed +from slither.core.declarations.solidity_variables import SolidityVariableComposed from slither.core.variables.state_variable import StateVariable from slither.slither import Slither from slither.slithir.operations.high_level_call import HighLevelCall @@ -27,17 +26,17 @@ def visit_node(node, visited): else: read = ir.read print(ir) - print('Refs {}'.format(refs)) - print('Read {}'.format([str(x) for x in ir.read])) - print('Before {}'.format([str(x) for x in taints])) + print("Refs {}".format(refs)) + print("Read {}".format([str(x) for x in ir.read])) + print("Before {}".format([str(x) for x in taints])) if any(var_read in taints for var_read in read): taints += [ir.lvalue] lvalue = ir.lvalue - while isinstance(lvalue, ReferenceVariable): + while isinstance(lvalue, ReferenceVariable): taints += [refs[lvalue]] lvalue = refs[lvalue] - print('After {}'.format([str(x) for x in taints])) + print("After {}".format([str(x) for x in taints])) print() taints = [v for v in taints if not isinstance(v, (TemporaryVariable, ReferenceVariable))] @@ -47,38 +46,44 @@ def visit_node(node, visited): for son in node.sons: visit_node(son, visited) + def check_call(func, taints): for node in func.nodes: for ir in node.irs: if isinstance(ir, HighLevelCall): if ir.destination in taints: - print('Call to tainted address found in {}'.format(function.name)) + print("Call to tainted address found in {}".format(function.name)) + if __name__ == "__main__": if len(sys.argv) != 2: - print('python taint_mapping.py taint.sol') + print("python taint_mapping.py taint.sol") exit(-1) # Init slither slither = Slither(sys.argv[1]) - initial_taint = [SolidityVariableComposed('msg.sender')] - initial_taint += [SolidityVariableComposed('msg.value')] + initial_taint = [SolidityVariableComposed("msg.sender")] + initial_taint += [SolidityVariableComposed("msg.value")] - KEY = 'TAINT' + KEY = "TAINT" prev_taints = [] slither.context[KEY] = initial_taint - while(set(prev_taints) != set(slither.context[KEY])): + while set(prev_taints) != set(slither.context[KEY]): prev_taints = slither.context[KEY] for contract in slither.contracts: for function in contract.functions: - print('Function {}'.format(function.name)) + print("Function {}".format(function.name)) slither.context[KEY] = list(set(slither.context[KEY] + function.parameters)) visit_node(function.entry_point, []) - print('All variables tainted : {}'.format([str(v) for v in slither.context[KEY]])) + print("All variables tainted : {}".format([str(v) for v in slither.context[KEY]])) - print('All state variables tainted : {}'.format([str(v) for v in prev_taints if isinstance(v, StateVariable)])) + print( + "All state variables tainted : {}".format( + [str(v) for v in prev_taints if isinstance(v, StateVariable)] + ) + ) for function in contract.functions: check_call(function, slither.context[KEY]) diff --git a/examples/scripts/variable_in_condition.py b/examples/scripts/variable_in_condition.py index d931a744b..5bf022ed8 100644 --- a/examples/scripts/variable_in_condition.py +++ b/examples/scripts/variable_in_condition.py @@ -2,24 +2,30 @@ import sys from slither.slither import Slither if len(sys.argv) != 2: - print('python variable_in_condition.py variable_in_condition.sol') + print("python variable_in_condition.py variable_in_condition.sol") exit(-1) # Init slither slither = Slither(sys.argv[1]) # Get the contract -contract = slither.get_contract_from_name('Contract') +contract = slither.get_contract_from_name("Contract") # Get the variable -var_a = contract.get_state_variable_from_name('a') +var_a = contract.get_state_variable_from_name("a") # Get the functions reading the variable functions_reading_a = contract.get_functions_reading_from_variable(var_a) -function_using_a_as_condition = [f for f in functions_reading_a if\ - f.is_reading_in_conditional_node(var_a) or\ - f.is_reading_in_require_or_assert(var_a)] +function_using_a_as_condition = [ + f + for f in functions_reading_a + if f.is_reading_in_conditional_node(var_a) or f.is_reading_in_require_or_assert(var_a) +] # Print the result -print('The function using "a" in condition are {}'.format([f.name for f in function_using_a_as_condition])) +print( + 'The function using "a" in condition are {}'.format( + [f.name for f in function_using_a_as_condition] + ) +) diff --git a/plugin_example/setup.py b/plugin_example/setup.py index 2890e224f..36e274128 100644 --- a/plugin_example/setup.py +++ b/plugin_example/setup.py @@ -1,17 +1,13 @@ from setuptools import setup, find_packages setup( - name='slither-my-plugins', - description='This is an example of detectors and printers to Slither.', - url='https://github.com/trailofbits/slither-plugins', - author='Trail of Bits', - version='0.0', + name="slither-my-plugins", + description="This is an example of detectors and printers to Slither.", + url="https://github.com/trailofbits/slither-plugins", + author="Trail of Bits", + version="0.0", packages=find_packages(), - python_requires='>=3.6', - install_requires=[ - 'slither-analyzer==0.1' - ], - entry_points={ - 'slither_analyzer.plugin': 'slither my-plugin=slither_my_plugin:make_plugin', - } + python_requires=">=3.6", + install_requires=["slither-analyzer==0.1"], + entry_points={"slither_analyzer.plugin": "slither my-plugin=slither_my_plugin:make_plugin",}, ) diff --git a/plugin_example/slither_my_plugin/detectors/example.py b/plugin_example/slither_my_plugin/detectors/example.py index 5d5a8811e..9c92d8a17 100644 --- a/plugin_example/slither_my_plugin/detectors/example.py +++ b/plugin_example/slither_my_plugin/detectors/example.py @@ -1,4 +1,3 @@ - from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification @@ -7,21 +6,21 @@ class Example(AbstractDetector): Documentation """ - ARGUMENT = 'mydetector' # slither will launch the detector with slither.py --mydetector - HELP = 'Help printed by slither' + ARGUMENT = "mydetector" # slither will launch the detector with slither.py --mydetector + HELP = "Help printed by slither" IMPACT = DetectorClassification.HIGH CONFIDENCE = DetectorClassification.HIGH - WIKI = '' + WIKI = "" - WIKI_TITLE = '' - WIKI_DESCRIPTION = '' - WIKI_EXPLOIT_SCENARIO = '' - WIKI_RECOMMENDATION = '' + WIKI_TITLE = "" + WIKI_DESCRIPTION = "" + WIKI_EXPLOIT_SCENARIO = "" + WIKI_RECOMMENDATION = "" def _detect(self): - info = 'This is an example!' + info = "This is an example!" json = self.generate_result(info) diff --git a/scripts/json_diff.py b/scripts/json_diff.py index 532f22c4c..9b1844906 100644 --- a/scripts/json_diff.py +++ b/scripts/json_diff.py @@ -1,27 +1,26 @@ import sys import json -from deepdiff import DeepDiff # pip install deepdiff +from deepdiff import DeepDiff # pip install deepdiff from pprint import pprint -if len(sys.argv) !=3: - print('Usage: python json_diff.py 1.json 2.json') +if len(sys.argv) != 3: + print("Usage: python json_diff.py 1.json 2.json") exit(-1) -with open(sys.argv[1], encoding='utf8') as f: +with open(sys.argv[1], encoding="utf8") as f: d1 = json.load(f) -with open(sys.argv[2], encoding='utf8') as f: +with open(sys.argv[2], encoding="utf8") as f: d2 = json.load(f) # Remove description field to allow non deterministic print for elem in d1: - if 'description' in elem: - del elem['description'] + if "description" in elem: + del elem["description"] for elem in d2: - if 'description' in elem: - del elem['description'] - + if "description" in elem: + del elem["description"] pprint(DeepDiff(d1, d2, ignore_order=True, verbose_level=2)) diff --git a/setup.py b/setup.py index 5e0748e60..4db959462 100644 --- a/setup.py +++ b/setup.py @@ -1,31 +1,29 @@ from setuptools import setup, find_packages setup( - name='slither-analyzer', - description='Slither is a Solidity static analysis framework written in Python 3.', - url='https://github.com/crytic/slither', - author='Trail of Bits', - version='0.6.12', + name="slither-analyzer", + description="Slither is a Solidity static analysis framework written in Python 3.", + url="https://github.com/crytic/slither", + author="Trail of Bits", + version="0.6.12", packages=find_packages(), - python_requires='>=3.6', - install_requires=['prettytable>=0.7.2', - 'pysha3>=1.0.2', - 'crytic-compile>=0.1.8'], -# 'crytic-compile'], - # dependency_links=['git+https://github.com/crytic/crytic-compile.git@master#egg=crytic-compile'], - license='AGPL-3.0', - long_description=open('README.md').read(), + python_requires=">=3.6", + install_requires=["prettytable>=0.7.2", "pysha3>=1.0.2", "crytic-compile>=0.1.8"], + # 'crytic-compile'], + # dependency_links=['git+https://github.com/crytic/crytic-compile.git@master#egg=crytic-compile'], + license="AGPL-3.0", + long_description=open("README.md").read(), entry_points={ - 'console_scripts': [ - 'slither = slither.__main__:main', - 'slither-check-upgradeability = slither.tools.upgradeability.__main__:main', - 'slither-find-paths = slither.tools.possible_paths.__main__:main', - 'slither-simil = slither.tools.similarity.__main__:main', - 'slither-flat = slither.tools.flattening.__main__:main', - 'slither-format = slither.tools.slither_format.__main__:main', - 'slither-check-erc = slither.tools.erc_conformance.__main__:main', - 'slither-check-kspec = slither.tools.kspec_coverage.__main__:main', - 'slither-prop = slither.tools.properties.__main__:main' + "console_scripts": [ + "slither = slither.__main__:main", + "slither-check-upgradeability = slither.tools.upgradeability.__main__:main", + "slither-find-paths = slither.tools.possible_paths.__main__:main", + "slither-simil = slither.tools.similarity.__main__:main", + "slither-flat = slither.tools.flattening.__main__:main", + "slither-format = slither.tools.slither_format.__main__:main", + "slither-check-erc = slither.tools.erc_conformance.__main__:main", + "slither-check-kspec = slither.tools.kspec_coverage.__main__:main", + "slither-prop = slither.tools.properties.__main__:main", ] - } + }, )