fix: detect selfdestruct in internal calls (#2232)

* fix: detect selfdestruct in internal calls

* update snapshot
pull/2285/head
alpharush 10 months ago committed by GitHub
parent 28a921ec5d
commit 4454b3e34a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. 2
      slither/detectors/functions/suicidal.py
  2. 2
      tests/e2e/detectors/snapshots/detectors__detector_Suicidal_0_7_6_suicidal_sol__0.txt
  3. 8
      tests/e2e/detectors/test_data/suicidal/0.7.6/suicidal.sol
  4. BIN
      tests/e2e/detectors/test_data/suicidal/0.7.6/suicidal.sol-0.7.6.zip

@ -59,7 +59,7 @@ Bob calls `kill` and destructs the contract."""
if func.visibility not in ["public", "external"]: if func.visibility not in ["public", "external"]:
return False return False
calls = [c.name for c in func.internal_calls] calls = [c.name for c in func.all_internal_calls()]
if not ("suicide(address)" in calls or "selfdestruct(address)" in calls): if not ("suicide(address)" in calls or "selfdestruct(address)" in calls):
return False return False

@ -1,2 +1,4 @@
C.i_am_a_backdoor2(address) (tests/e2e/detectors/test_data/suicidal/0.7.6/suicidal.sol#8-10) allows anyone to destruct the contract
C.i_am_a_backdoor() (tests/e2e/detectors/test_data/suicidal/0.7.6/suicidal.sol#4-6) allows anyone to destruct the contract C.i_am_a_backdoor() (tests/e2e/detectors/test_data/suicidal/0.7.6/suicidal.sol#4-6) allows anyone to destruct the contract

@ -5,4 +5,12 @@ contract C{
selfdestruct(msg.sender); selfdestruct(msg.sender);
} }
function i_am_a_backdoor2(address payable to) public{
internal_selfdestruct(to);
}
function internal_selfdestruct(address payable to) internal {
selfdestruct(to);
}
} }

Loading…
Cancel
Save