Merge pull request #1725 from crytic/unitialized-storage-fix

Uninitialized storage fix
pull/1739/head
Feist Josselin 2 years ago committed by GitHub
commit 65f1312703
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      slither/detectors/variables/uninitialized_storage_variables.py
  2. 17
      tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol
  3. 90
      tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol.0.8.19.UninitializedStorageVars.json
  4. 5
      tests/test_detectors.py

@ -103,9 +103,11 @@ Bob calls `func`. As a result, `owner` is overridden to `0`.
for contract in self.compilation_unit.contracts:
for function in contract.functions:
if function.is_implemented and function.entry_point:
locals_except_params = set(function.variables) - set(function.parameters)
uninitialized_storage_variables = [
v for v in function.local_variables if v.is_storage and v.uninitialized
v for v in locals_except_params if v.is_storage and v.uninitialized
]
function.entry_point.context[self.key] = uninitialized_storage_variables
self._detect_uninitialized(function, function.entry_point, [])
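Review bot: Building `locals_except_params` as a `set` difference means `uninitialized_storage_variables` is no longer in declaration order, so if anything downstream emits findings in list order, the report order for a function with several flagged variables could vary between runs. An order-preserving form keeps the same filter: `params = set(function.parameters)` followed by `v for v in function.variables if v not in params and v.is_storage and v.uninitialized`. The switch from `function.local_variables` to `function.variables` also deserves a one-line comment, for example `# include named return variables; parameters are excluded because the caller supplies them`. That rationale is inferred from the new test contract, so please confirm it before adding the comment. The enclosing method starts and ends outside this hunk.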

@ -0,0 +1,17 @@
contract Uninitialized{
struct St{
uint a;
}
function bad() internal returns (St storage ret){
ret = ret;
ret.a += 1;
}
function ok(St storage ret) internal {
ret = ret;
ret.a += 1;
}
}
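Review bot: The fixture has no negative case for a named storage return that is assigned before use, so nothing pins that the widened variable set stays silent for a correctly initialised `returns (St storage ret)`. Adding a state variable `St st;` and a function such as `function ok2() internal returns (St storage ret){ ret = st; ret.a += 1; }` would guard against false positives on this high-impact, high-confidence check. The only passing case today is `ok(St storage ret)`, which exercises parameter exclusion rather than initialisation tracking. The expected-output JSON would need regenerating if the fixture changes.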

@ -0,0 +1,90 @@
[
[
{
"elements": [
{
"type": "variable",
"name": "ret",
"source_mapping": {
"start": 100,
"length": 14,
"filename_relative": "tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol",
"is_dependency": false,
"lines": [
7
],
"starting_column": 38,
"ending_column": 52
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"source_mapping": {
"start": 67,
"length": 95,
"filename_relative": "tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol",
"is_dependency": false,
"lines": [
7,
8,
9,
10
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "Uninitialized",
"source_mapping": {
"start": 0,
"length": 262,
"filename_relative": "tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol",
"is_dependency": false,
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
}
}
}
],
"description": "Uninitialized.bad().ret (tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol#7) is a storage variable never initialized\n",
"markdown": "[Uninitialized.bad().ret](tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol#L7) is a storage variable never initialized\n",
"first_markdown_element": "tests/detectors/uninitialized-storage/0.8.19/uninitialized_storage_pointer.sol#L7",
"id": "979d28e501693ed7ece0d429e7c30266f8e9d6a2e2eedc87006c4bad63e78706",
"check": "uninitialized-storage",
"impact": "High",
"confidence": "High"
}
]
]

@ -371,6 +371,11 @@ ALL_TEST_OBJECTS = [
"uninitialized_storage_pointer.sol",
"0.4.25",
),
Test(
all_detectors.UninitializedStorageVars,
"uninitialized_storage_pointer.sol",
"0.8.19",
),
Test(all_detectors.TxOrigin, "tx_origin.sol", "0.4.25"),
Test(all_detectors.TxOrigin, "tx_origin.sol", "0.5.16"),
Test(all_detectors.TxOrigin, "tx_origin.sol", "0.6.11"),
