Merge pull request #1911 from crytic/dev-uninitialized-local-for

uninitialized-local don't report variable in loop header

slither/detectors/variables/uninitialized_local_variables.py

@@ -6,7 +6,7 @@
 """
 from typing import List
 
-from slither.core.cfg.node import Node
+from slither.core.cfg.node import Node, NodeType
 from slither.core.declarations.function_contract import FunctionContract
 from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
 from slither.utils.output import Output
@@ -64,6 +64,15 @@ Bob calls `transfer`. As a result, all Ether is sent to the address `0x0` and is
 
         self.visited_all_paths[node] = list(set(self.visited_all_paths[node] + fathers_context))
 
+        # Remove a local variable declared in a for loop header
+        if (
+            node.type == NodeType.VARIABLE
+            and len(node.sons) == 1  # Should always be true for a node that has a STARTLOOP son
+            and node.sons[0].type == NodeType.STARTLOOP
+        ):
+            if node.variable_declaration in fathers_context:
+                fathers_context.remove(node.variable_declaration)
+
         if self.key in node.context:
             fathers_context += node.context[self.key]
 

tests/e2e/detectors/test_data/uninitialized-local/0.4.25/uninitialized_local_variable.sol

@@ -6,4 +6,15 @@ contract Uninitialized{
         return uint_not_init + uint_init;
     }    
 
+    function noreportfor() public {
+        for(uint i; i < 6; i++) { 
+            uint a = i;
+        }
+
+        for(uint j = 0; j < 6; j++) { 
+            uint b = j;
+        }
+
+    }
+
 }

tests/e2e/detectors/test_data/uninitialized-local/0.5.16/uninitialized_local_variable.sol

@@ -6,4 +6,15 @@ contract Uninitialized{
         return uint_not_init + uint_init;
     }    
 
+    function noreportfor() public {
+        for(uint i; i < 6; i++) { 
+            uint a = i;
+        }
+
+        for(uint j = 0; j < 6; j++) { 
+            uint b = j;
+        }
+
+    }
+
 }

tests/e2e/detectors/test_data/uninitialized-local/0.6.11/uninitialized_local_variable.sol

@@ -6,4 +6,15 @@ contract Uninitialized{
         return uint_not_init + uint_init;
     }    
 
+    function noreportfor() public {
+        for(uint i; i < 6; i++) { 
+            uint a = i;
+        }
+
+        for(uint j = 0; j < 6; j++) { 
+            uint b = j;
+        }
+
+    }
+
 }

tests/e2e/detectors/test_data/uninitialized-local/0.7.6/uninitialized_local_variable.sol

@@ -6,4 +6,15 @@ contract Uninitialized{
         return uint_not_init + uint_init;
     }    
 
+    function noreportfor() public {
+        for(uint i; i < 6; i++) { 
+            uint a = i;
+        }
+
+        for(uint j = 0; j < 6; j++) { 
+            uint b = j;
+        }
+
+    }
+
 }