TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #199 from crytic/dev-crytic-compile

Browse Source 
[WIP] use crytic-compile
pull/208/head
Feist Josselin 6 years ago committed by GitHub
parent 36707efe91 0f7b75cea9
commit 747b2a090c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
62 changed files with 387 additions and 324 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 3
      .travis.yml
  2. 65
      README.md
  3. 5
      scripts/fix_travis_relative_paths.sh
  4. 3
      scripts/tests_generate_expected_json_4.sh
  5. 32
      scripts/tests_generate_expected_json_5.sh
  6. 3
      scripts/travis_install.sh
  7. 7
      scripts/travis_test_4.sh
  8. 4
      scripts/travis_test_5.sh
  9. 23
      scripts/travis_test_dapp.sh
  10. 23
      scripts/travis_test_etherlime.sh
  11. 26
      scripts/travis_test_etherscan.sh
  12. 2
      setup.py
  13. 103
      slither/__main__.py
  14. 15
      slither/core/slither_core.py
  15. 49
      slither/core/source_mapping/source_mapping.py
  16. 1
      slither/detectors/all_detectors.py
  17. 4
      slither/detectors/attributes/const_functions.py
  18. 0
      slither/detectors/source/__init__.py
  19. 63
      slither/detectors/source/rtlo.py
  20. 184
      slither/slither.py
  21. 2
      tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.json
  22. 2
      tests/expected_json/arbitrary_send.arbitrary-send.json
  23. 2
      tests/expected_json/backdoor.backdoor.json
  24. 2
      tests/expected_json/backdoor.suicidal.json
  25. 2
      tests/expected_json/const_state_variables.constable-states.json
  26. 2
      tests/expected_json/constant-0.5.1.constant-function.json
  27. 2
      tests/expected_json/constant.constant-function.json
  28. 2
      tests/expected_json/controlled_delegatecall.controlled-delegatecall.json
  29. 2
      tests/expected_json/deprecated_calls.deprecated-standards.json
  30. 2
      tests/expected_json/erc20_indexed.erc20-indexed.json
  31. 2
      tests/expected_json/external_function.external-function.json
  32. 2
      tests/expected_json/incorrect_equality.incorrect-equality.json
  33. 2
      tests/expected_json/incorrect_erc20_interface.erc20-interface.json
  34. 2
      tests/expected_json/inline_assembly_contract-0.5.1.assembly.json
  35. 2
      tests/expected_json/inline_assembly_contract.assembly.json
  36. 2
      tests/expected_json/inline_assembly_library-0.5.1.assembly.json
  37. 2
      tests/expected_json/inline_assembly_library.assembly.json
  38. 2
      tests/expected_json/locked_ether-0.5.1.locked-ether.json
  39. 2
      tests/expected_json/locked_ether.locked-ether.json
  40. 2
      tests/expected_json/low_level_calls.low-level-calls.json
  41. 2
      tests/expected_json/multiple_calls_in_loop.calls-loop.json
  42. 2
      tests/expected_json/naming_convention.naming-convention.json
  43. 2
      tests/expected_json/old_solc.sol.json.solc-version.json
  44. 2
      tests/expected_json/pragma.0.4.24.pragma.json
  45. 2
      tests/expected_json/reentrancy-0.5.1.reentrancy-eth.json
  46. 2
      tests/expected_json/reentrancy.reentrancy-eth.json
  47. 1
      tests/expected_json/right_to_left_override.rtlo.json
  48. 2
      tests/expected_json/shadowing_abstract.shadowing-abstract.json
  49. 2
      tests/expected_json/shadowing_builtin_symbols.shadowing-builtin.json
  50. 2
      tests/expected_json/shadowing_local_variable.shadowing-local.json
  51. 2
      tests/expected_json/shadowing_state_variable.shadowing-state.json
  52. 2
      tests/expected_json/solc_version_incorrect.solc-version.json
  53. 2
      tests/expected_json/timestamp.timestamp.json
  54. 2
      tests/expected_json/tx_origin-0.5.1.tx-origin.json
  55. 2
      tests/expected_json/tx_origin.tx-origin.json
  56. 2
      tests/expected_json/uninitialized-0.5.1.uninitialized-state.json
  57. 2
      tests/expected_json/uninitialized.uninitialized-state.json
  58. 2
      tests/expected_json/uninitialized_local_variable.uninitialized-local.json
  59. 2
      tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.json
  60. 2
      tests/expected_json/unused_return.unused-return.json
  61. 2
      tests/expected_json/unused_state.unused-state.json
  62. 15
      tests/right_to_left_override.sol

3
.travis.yml
Unescape View File

@ -12,6 +12,9 @@ env:
- TEST_SUITE=scripts/travis_test_find_paths.sh
- TEST_SUITE=scripts/travis_test_truffle.sh
- TEST_SUITE=scripts/travis_test_embark.sh
- TEST_SUITE=scripts/travis_test_etherscan.sh
- TEST_SUITE=scripts/travis_test_dapp.sh
- TEST_SUITE=scripts/travis_test_etherlime.sh
branches:
only:
- master

65
README.md
Unescape View File

@ -21,7 +21,7 @@ Slither is a Solidity static analysis framework written in Python 3. It runs a s
## Usage
Run Slither on a Truffle application:
Run Slither on a Truffle/Embark/Etherlime application:
```
slither .
```
@ -39,37 +39,38 @@ By default, all the detectors are run.
Num | Detector | What it Detects | Impact | Confidence
--- | --- | --- | --- | ---
1 | `shadowing-state` | [State variables shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing) | High | High
2 | `suicidal` | [Functions allowing anyone to destruct the contract](https://github.com/crytic/slither/wiki/Detector-Documentation#suicidal) | High | High
3 | `uninitialized-state` | [Uninitialized state variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables) | High | High
4 | `uninitialized-storage` | [Uninitialized storage variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-storage-variables) | High | High
5 | `arbitrary-send` | [Functions that send ether to arbitrary destinations](https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations) | High | Medium
6 | `controlled-delegatecall` | [Controlled delegatecall destination](https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall) | High | Medium
7 | `reentrancy-eth` | [Reentrancy vulnerabilities (theft of ethers)](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities) | High | Medium
8 | `erc20-interface` | [Incorrect ERC20 interfaces](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface) | Medium | High
9 | `incorrect-equality` | [Dangerous strict equalities](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities) | Medium | High
10 | `locked-ether` | [Contracts that lock ether](https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether) | Medium | High
11 | `shadowing-abstract` | [State variables shadowing from abstract contracts](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing-from-abstract-contracts) | Medium | High
12 | `constant-function` | [Constant functions changing the state](https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state) | Medium | Medium
13 | `reentrancy-no-eth` | [Reentrancy vulnerabilities (no theft of ethers)](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1) | Medium | Medium
14 | `tx-origin` | [Dangerous usage of `tx.origin`](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-usage-of-txorigin) | Medium | Medium
15 | `uninitialized-local` | [Uninitialized local variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables) | Medium | Medium
16 | `unused-return` | [Unused return values](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return) | Medium | Medium
17 | `shadowing-builtin` | [Built-in symbol shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#builtin-symbol-shadowing) | Low | High
18 | `shadowing-local` | [Local variables shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing) | Low | High
19 | `calls-loop` | [Multiple calls in a loop](https://github.com/crytic/slither/wiki/Detector-Documentation/_edit#calls-inside-a-loop) | Low | Medium
20 | `reentrancy-benign` | [Benign reentrancy vulnerabilities](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2) | Low | Medium
21 | `timestamp` | [Dangerous usage of `block.timestamp`](https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp) | Low | Medium
22 | `assembly` | [Assembly usage](https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage) | Informational | High
23 | `constable-states` | [State variables that could be declared constant](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant) | Informational | High
24 | `deprecated-standards` | [Deprecated Solidity Standards](https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards) | Informational | High
25 | `erc20-indexed` | [Un-indexed ERC20 event parameters](https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters) | Informational | High
26 | `external-function` | [Public function that could be declared as external](https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-as-external) | Informational | High
27 | `low-level-calls` | [Low level calls](https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls) | Informational | High
28 | `naming-convention` | [Conformance to Solidity naming conventions](https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions) | Informational | High
29 | `pragma` | [If different pragma directives are used](https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used) | Informational | High
30 | `solc-version` | [Incorrect Solidity version (< 0.4.24 or complex pragma)](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity) | Informational | High
31 | `unused-state` | [Unused state variables](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variables) | Informational | High
1 | `rtlo` | [Right-To-Left-Override control character is used](https://github.com/crytic/slither/wiki/Detector-Documentation#right-to-left-override-character) | High | High
2 | `shadowing-state` | [State variables shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing) | High | High
3 | `suicidal` | [Functions allowing anyone to destruct the contract](https://github.com/crytic/slither/wiki/Detector-Documentation#suicidal) | High | High
4 | `uninitialized-state` | [Uninitialized state variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables) | High | High
5 | `uninitialized-storage` | [Uninitialized storage variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-storage-variables) | High | High
6 | `arbitrary-send` | [Functions that send ether to arbitrary destinations](https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations) | High | Medium
7 | `controlled-delegatecall` | [Controlled delegatecall destination](https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall) | High | Medium
8 | `reentrancy-eth` | [Reentrancy vulnerabilities (theft of ethers)](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities) | High | Medium
9 | `erc20-interface` | [Incorrect ERC20 interfaces](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface) | Medium | High
10 | `incorrect-equality` | [Dangerous strict equalities](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities) | Medium | High
11 | `locked-ether` | [Contracts that lock ether](https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether) | Medium | High
12 | `shadowing-abstract` | [State variables shadowing from abstract contracts](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variable-shadowing-from-abstract-contracts) | Medium | High
13 | `constant-function` | [Constant functions changing the state](https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state) | Medium | Medium
14 | `reentrancy-no-eth` | [Reentrancy vulnerabilities (no theft of ethers)](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1) | Medium | Medium
15 | `tx-origin` | [Dangerous usage of `tx.origin`](https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-usage-of-txorigin) | Medium | Medium
16 | `uninitialized-local` | [Uninitialized local variables](https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables) | Medium | Medium
17 | `unused-return` | [Unused return values](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return) | Medium | Medium
18 | `shadowing-builtin` | [Built-in symbol shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#builtin-symbol-shadowing) | Low | High
19 | `shadowing-local` | [Local variables shadowing](https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing) | Low | High
20 | `calls-loop` | [Multiple calls in a loop](https://github.com/crytic/slither/wiki/Detector-Documentation/_edit#calls-inside-a-loop) | Low | Medium
21 | `reentrancy-benign` | [Benign reentrancy vulnerabilities](https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2) | Low | Medium
22 | `timestamp` | [Dangerous usage of `block.timestamp`](https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp) | Low | Medium
23 | `assembly` | [Assembly usage](https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage) | Informational | High
24 | `constable-states` | [State variables that could be declared constant](https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant) | Informational | High
25 | `deprecated-standards` | [Deprecated Solidity Standards](https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards) | Informational | High
26 | `erc20-indexed` | [Un-indexed ERC20 event parameters](https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters) | Informational | High
27 | `external-function` | [Public function that could be declared as external](https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-as-external) | Informational | High
28 | `low-level-calls` | [Low level calls](https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls) | Informational | High
29 | `naming-convention` | [Conformance to Solidity naming conventions](https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions) | Informational | High
30 | `pragma` | [If different pragma directives are used](https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used) | Informational | High
31 | `solc-version` | [Incorrect Solidity version (< 0.4.24 or complex pragma)](https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-version-of-solidity) | Informational | High
32 | `unused-state` | [Unused state variables](https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variables) | Informational | High
[Contact us](https://www.trailofbits.com/contact/) to get access to additional detectors.

5
scripts/fix_travis_relative_paths.sh
Unescape View File

@ -0,0 +1,5 @@
CURRENT_PATH=$(pwd)
TRAVIS_PATH='/home/travis/build/crytic/slither'
for f in tests/expected_json/*json; do
sed "s|$CURRENT_PATH|$TRAVIS_PATH|g" "$f" -i
done

3
scripts/tests_generate_expected_json_4.sh
Unescape View File

@ -10,7 +10,7 @@ generate_expected_json(){
output_filename="$(basename $1 .sol).$2.json"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/../tests/expected_json/$output_filename" --solc solc-0.4.25
slither "$1" --solc-disable-warnings --detect "$2" --json "$DIR/../tests/expected_json/$output_filename" --solc solc-0.4.25
}
@ -47,3 +47,4 @@ generate_expected_json(){
#generate_expected_json tests/shadowing_builtin_symbols.sol "shadowing-builtin"
#generate_expected_json tests/shadowing_local_variable.sol "shadowing-local"
#generate_expected_json tests/solc_version_incorrect.sol "solc-version"
generate_expected_json tests/right_to_left_override.sol "rtlo"

32
scripts/tests_generate_expected_json_5.sh
Unescape View File

@ -10,22 +10,22 @@ generate_expected_json(){
output_filename="$(basename $1 .sol).$2.json"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/../tests/expected_json/$output_filename" --solc solc-0.5.1
slither "$1" --solc-disable-warnings --detect "$2" --json "$DIR/../tests/expected_json/$output_filename" --solc solc-0.5.1
}
#generate_expected_json tests/uninitialized-0.5.1.sol "uninitialized-state"
#generate_expected_json tests/backdoor.sol "backdoor"
#generate_expected_json tests/backdoor.sol "suicidal"
#generate_expected_json tests/pragma.0.4.24.sol "pragma"
#generate_expected_json tests/old_solc.sol.json "solc-version"
#generate_expected_json tests/reentrancy-0.5.1.sol "reentrancy-eth"
#generate_expected_json tests/reentrancy-0.5.1.sol "reentrancy"
#generate_expected_json tests/uninitialized_storage_pointer.sol "uninitialized-storage"
#generate_expected_json tests/tx_origin-0.5.1.sol "tx-origin"
#generate_expected_json tests/locked_ether-0.5.1.sol "locked-ether"
#generate_expected_json tests/arbitrary_send-0.5.1.sol "arbitrary-send"
#generate_expected_json tests/inline_assembly_contract-0.5.1.sol "assembly"
#generate_expected_json tests/inline_assembly_library-0.5.1.sol "assembly"
#generate_expected_json tests/constant-0.5.1.sol "constant-function"
#generate_expected_json tests/incorrect_equality.sol "incorrect-equality"
generate_expected_json tests/uninitialized-0.5.1.sol "uninitialized-state"
generate_expected_json tests/backdoor.sol "backdoor"
generate_expected_json tests/backdoor.sol "suicidal"
generate_expected_json tests/pragma.0.4.24.sol "pragma"
generate_expected_json tests/old_solc.sol.json "solc-version"
generate_expected_json tests/reentrancy-0.5.1.sol "reentrancy-eth"
generate_expected_json tests/reentrancy-0.5.1.sol "reentrancy"
generate_expected_json tests/uninitialized_storage_pointer.sol "uninitialized-storage"
generate_expected_json tests/tx_origin-0.5.1.sol "tx-origin"
generate_expected_json tests/locked_ether-0.5.1.sol "locked-ether"
generate_expected_json tests/arbitrary_send-0.5.1.sol "arbitrary-send"
generate_expected_json tests/inline_assembly_contract-0.5.1.sol "assembly"
generate_expected_json tests/inline_assembly_library-0.5.1.sol "assembly"
generate_expected_json tests/constant-0.5.1.sol "constant-function"
generate_expected_json tests/incorrect_equality.sol "incorrect-equality"

3
scripts/travis_install.sh
Unescape View File

@ -15,3 +15,6 @@ function install_solc {
}
install_solc

7
scripts/travis_test_4.sh
Unescape View File

@ -10,7 +10,7 @@ test_slither(){
expected="$DIR/../tests/expected_json/$(basename $1 .sol).$2.json"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.4.25
slither "$1" --solc-disable-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.4.25
if [ $? -eq 255 ]
then
echo "Slither crashed"
@ -37,7 +37,7 @@ test_slither(){
fi
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.4.25
slither "$1" --solc-disable-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.4.25
if [ $? -eq 255 ]
then
echo "Slither crashed"
@ -52,7 +52,7 @@ test_slither(){
fi
result=$(python "$DIR/json_diff.py" "$expected" "$DIR/tmp-test.json")
rm "$DIR/tmp-test.json"
if [ "$result" != "{}" ]; then
echo ""
@ -97,3 +97,4 @@ test_slither tests/multiple_calls_in_loop.sol "calls-loop"
test_slither tests/shadowing_builtin_symbols.sol "shadowing-builtin"
test_slither tests/shadowing_local_variable.sol "shadowing-local"
test_slither tests/solc_version_incorrect.sol "solc-version"
test_slither tests/right_to_left_override.sol "rtlo"

4
scripts/travis_test_5.sh
Unescape View File

@ -10,7 +10,7 @@ test_slither(){
expected="$DIR/../tests/expected_json/$(basename $1 .sol).$2.json"
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.5.1
slither "$1" --solc-disable-warnings --detect "$2" --json "$DIR/tmp-test.json" --solc solc-0.5.1
if [ $? -eq 255 ]
then
echo "Slither crashed"
@ -37,7 +37,7 @@ test_slither(){
fi
# run slither detector on input file and save output as json
slither "$1" --disable-solc-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.5.1
slither "$1" --solc-disable-warnings --detect "$2" --legacy-ast --json "$DIR/tmp-test.json" --solc solc-0.5.1
if [ $? -eq 255 ]
then
echo "Slither crashed"

23
scripts/travis_test_dapp.sh
Unescape View File

@ -0,0 +1,23 @@
#!/usr/bin/env bash
### Test Dapp integration
mkdir test_dapp
cd test_dapp
curl https://nixos.org/nix/install | sh
. "$HOME/.nix-profile/etc/profile.d/nix.sh"
git clone --recursive https://github.com/dapphub/dapptools $HOME/.dapp/dapptools
nix-env -f $HOME/.dapp/dapptools -iA dapp seth solc hevm ethsign
dapp init
slither .
if [ $? -eq 21 ]
then
exit 0
fi
echo "Truffle test failed"
exit -1

23
scripts/travis_test_etherlime.sh
Unescape View File

@ -0,0 +1,23 @@
#!/usr/bin/env bash
### Test etherlime integration
mkdir test_etherlime
cd test_etherlime
curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.34.0/install.sh | bash
source ~/.nvm/nvm.sh
nvm install --lts
nvm use --lts
npm i -g etherlime
etherlime init
slither .
if [ $? -eq 6 ]
then
exit 0
fi
echo "Etherlime test failed"
exit -1

26
scripts/travis_test_etherscan.sh
Unescape View File

@ -0,0 +1,26 @@
#!/usr/bin/env bash
### Test etherscan integration
mkdir etherscan
cd etherscan
wget -O solc-0.4.25 https://github.com/ethereum/solidity/releases/download/v0.4.25/solc-static-linux
chmod +x solc-0.4.25
slither 0x7F37f78cBD74481E593F9C737776F7113d76B315 --solc "./solc-0.4.25"
if [ $? -ne 5 ]
then
echo "Etherscan test failed"
exit -1
fi
slither rinkeby:0xFe05820C5A92D9bc906D4A46F662dbeba794d3b7 --solc "./solc-0.4.25"
if [ $? -ne 68 ]
then
echo "Etherscan test failed"
exit -1
fi

2
setup.py
Unescape View File

@ -8,7 +8,7 @@ setup(
version='0.6.2',
packages=find_packages(),
python_requires='>=3.6',
install_requires=['prettytable>=0.7.2', 'pysha3>=1.0.2'],
install_requires=['prettytable>=0.7.2', 'pysha3>=1.0.2', 'crytic-compile>=0.1.0'],
license='AGPL-3.0',
long_description=open('README.md').read(),
entry_points={

103
slither/__main__.py
Unescape View File

@ -11,6 +11,7 @@ import sys
import traceback
from pkg_resources import iter_entry_points, require
from crytic_compile import cryticparser
from slither.detectors import all_detectors
from slither.detectors.abstract_detector import (AbstractDetector,
@ -22,6 +23,7 @@ from slither.utils.colors import red, yellow, set_colorization_enabled
from slither.utils.command_line import (output_detectors, output_results_to_markdown,
output_detectors_json, output_printers,
output_to_markdown, output_wiki)
from crytic_compile import is_supported
logging.basicConfig()
logger = logging.getLogger("Slither")
@ -43,18 +45,10 @@ def process(filename, args, detector_classes, printer_classes):
ast = '--ast-compact-json'
if args.legacy_ast:
ast = '--ast-json'
args.filter_paths = parse_filter_paths(args)
slither = Slither(filename,
solc=args.solc,
disable_solc_warnings=args.disable_solc_warnings,
solc_arguments=args.solc_args,
ast_format=ast,
truffle_build_directory=args.truffle_build_directory,
truffle_ignore_compile=args.truffle_ignore_compile,
truffle_version=args.truffle_version,
embark_ignore_compile=args.embark_ignore_compile,
embark_overwrite_config=args.embark_overwrite_config,
filter_paths=parse_filter_paths(args),
triage_mode=args.triage_mode)
**vars(args))
return _process(slither, detector_classes, printer_classes)
@ -261,6 +255,8 @@ def parse_args(detector_classes, printer_classes):
parser.add_argument('filename',
help='contract.sol')
cryticparser.init(parser)
parser.add_argument('--version',
help='displays the current version',
version=require('slither-analyzer')[0].version,
@ -268,9 +264,6 @@ def parse_args(detector_classes, printer_classes):
group_detector = parser.add_argument_group('Detectors')
group_printer = parser.add_argument_group('Printers')
group_solc = parser.add_argument_group('Solc options')
group_truffle = parser.add_argument_group('Truffle options')
group_embark = parser.add_argument_group('Embark options')
group_misc = parser.add_argument_group('Additional option')
group_detector.add_argument('--detect',
@ -327,53 +320,6 @@ def parse_args(detector_classes, printer_classes):
action='store_true',
default=defaults_flag_in_config['exclude_high'])
group_solc.add_argument('--solc',
help='solc path',
action='store',
default=defaults_flag_in_config['solc'])
group_solc.add_argument('--solc-args',
help='Add custom solc arguments. Example: --solc-args "--allow-path /tmp --evm-version byzantium".',
action='store',
default=defaults_flag_in_config['solc_args'])
group_solc.add_argument('--disable-solc-warnings',
help='Disable solc warnings',
action='store_true',
default=defaults_flag_in_config['disable_solc_warnings'])
group_solc.add_argument('--solc-ast',
help='Provide the ast solc file',
action='store_true',
default=False)
group_truffle.add_argument('--truffle-ignore-compile',
help='Do not run truffle compile',
action='store_true',
dest='truffle_ignore_compile',
default=defaults_flag_in_config['truffle_ignore_compile'])
group_truffle.add_argument('--truffle-build-directory',
help='Use an alternative truffle build directory',
action='store',
dest='truffle_build_directory',
default=defaults_flag_in_config['truffle_build_directory'])
group_truffle.add_argument('--truffle-version',
help='Use a local Truffle version (with npx)',
action='store',
default=defaults_flag_in_config['truffle_version'])
group_embark.add_argument('--embark-ignore-compile',
help='Do not run embark build',
action='store_true',
dest='embark_ignore_compile',
default=defaults_flag_in_config['embark_ignore_compile'])
group_embark.add_argument('--embark-overwrite-config',
help='Install @trailofbits/embark-contract-export and add it to embark.json',
action='store_true',
default=defaults_flag_in_config['embark_overwrite_config'])
group_misc.add_argument('--json',
help='Export results as JSON',
@ -538,19 +484,28 @@ def main_impl(all_detector_classes, all_printer_classes):
('ExpressionParsing', default_log),
('TypeParsing', default_log),
('SSA_Conversion', default_log),
('Printers', default_log)]:
('Printers', default_log),
#('CryticCompile', default_log)
]:
l = logging.getLogger(l_name)
l.setLevel(l_level)
console_handler = logging.StreamHandler()
console_handler.setLevel(logging.INFO)
console_handler.setFormatter(FormatterCryticCompile())
crytic_compile_error = logging.getLogger(('CryticCompile'))
crytic_compile_error.addHandler(console_handler)
crytic_compile_error.propagate = False
crytic_compile_error.setLevel(logging.INFO)
try:
filename = args.filename
globbed_filenames = glob.glob(filename, recursive=True)
if os.path.isfile(filename) or\
os.path.isfile(os.path.join(filename, 'truffle.js')) or\
os.path.isfile(os.path.join(filename, 'truffle-config.js')) or\
os.path.isfile(os.path.join(filename, 'embark.json')):
if os.path.isfile(filename) or is_supported(filename):
(results, number_contracts) = process(filename, args, detector_classes, printer_classes)
elif os.path.isdir(filename) or len(globbed_filenames) > 0:
@ -598,3 +553,21 @@ if __name__ == '__main__':
# endregion
###################################################################################
###################################################################################
# region CustomFormatter
###################################################################################
###################################################################################
class FormatterCryticCompile(logging.Formatter):
def format(self, record):
#for i, msg in enumerate(record.msg):
if record.msg.startswith('Compilation warnings/errors on '):
txt = record.args[1]
txt = txt.split('\n')
txt = [red(x) if 'Error' in x else x for x in txt]
txt = '\n'.join(txt)
record.args = (record.args[0], txt)
return super().format(record)
# endregion

15
slither/core/slither_core.py
Unescape View File

@ -33,6 +33,8 @@ class Slither(Context):
self._previous_results = []
self._paths_to_filter = set()
self._crytic_compile = None
###################################################################################
###################################################################################
@ -172,7 +174,8 @@ class Slither(Context):
- All its source paths belong to the source path filtered
- Or a similar result was reported and saved during a previous run
'''
if r['elements'] and all((any(path in elem['source_mapping']['filename'] for path in self._paths_to_filter if 'source_mapping' in elem) for elem in r['elements'])):
source_mapping_elements = [elem['source_mapping']['filename_absolute'] for elem in r['elements'] if 'source_mapping' in elem]
if r['elements'] and all((any(path in src_mapping for path in self._paths_to_filter) for src_mapping in source_mapping_elements)):
return False
return not r['description'] in [pr['description'] for pr in self._previous_results]
@ -204,3 +207,13 @@ class Slither(Context):
self._paths_to_filter.add(path)
# endregion
###################################################################################
###################################################################################
# region Crytic compile
###################################################################################
###################################################################################
@property
def crytic_compile(self):
return self._crytic_compile
# endregion

49
slither/core/source_mapping/source_mapping.py
Unescape View File

@ -53,14 +53,41 @@ class SourceMapping(Context):
if f not in sourceUnits:
return {'start':s, 'length':l}
filename = sourceUnits[f]
filename_used = sourceUnits[f]
filename_absolute = None
filename_relative = None
filename_short = None
lines = []
# If possible, convert the filename to its absolute/relative version
if slither.crytic_compile:
filenames = slither.crytic_compile.filename_lookup(filename_used)
filename_absolute = filenames.absolute
filename_relative = filenames.relative
filename_short = filenames.short
if filename_absolute in slither.source_code:
filename = filename_absolute
elif filename_relative in slither.source_code:
filename = filename_relative
elif filename_short in slither.source_code:
filename = filename_short
else:#
filename = filename_used.used
else:
filename = filename_used
if filename in slither.source_code:
lines = SourceMapping._compute_line(slither.source_code[filename], s, l)
return {'start':s, 'length':l, 'filename': filename, 'lines' : lines }
return {'start':s,
'length':l,
'filename_used': filename_used,
'filename_relative': filename_relative,
'filename_absolute': filename_absolute,
'filename_short': filename_short,
'lines' : lines }
def set_offset(self, offset, slither):
if isinstance(offset, dict):
@ -72,14 +99,14 @@ class SourceMapping(Context):
@property
def source_mapping_str(self):
def relative_path(path):
# Remove absolute path for printing
# Truffle returns absolutePath
splited_path = path.split(os.sep)
if 'contracts' in splited_path:
idx = splited_path.index('contracts')
return os.sep.join(splited_path[idx-1:])
return path
# def relative_path(path):
# # Remove absolute path for printing
# # Truffle returns absolutePath
# splited_path = path.split(os.sep)
# if 'contracts' in splited_path:
# idx = splited_path.index('contracts')
# return os.sep.join(splited_path[idx-1:])
# return path
lines = self.source_mapping['lines']
if not lines:
@ -88,5 +115,5 @@ class SourceMapping(Context):
lines = '#{}'.format(lines[0])
else:
lines = '#{}-{}'.format(lines[0], lines[-1])
return '{}{}'.format(relative_path(self.source_mapping['filename']), lines)
return '{}{}'.format(self.source_mapping['filename_short'], lines)

1
slither/detectors/all_detectors.py
Unescape View File

@ -31,5 +31,6 @@ from .statements.incorrect_strict_equality import IncorrectStrictEquality
from .erc20.incorrect_interface import IncorrectERC20InterfaceDetection
from .erc20.unindexed_event_parameters import UnindexedERC20EventParameters
from .statements.deprecated_calls import DeprecatedStandards
from .source.rtlo import RightToLeftOverride
#
#

4
slither/detectors/attributes/const_functions.py
Unescape View File

@ -60,8 +60,8 @@ All the calls to `get` revert, breaking Bob's smart contract execution.'''
info = info.format(f.contract.name, f.name, f.source_mapping_str, attr)
json = self.generate_json_result(info)
self.add_function_to_json(f, json)
json['elements'] = [{'type': 'info',
'contains_assembly' : True}]
json['elements'].append({'type': 'info',
'contains_assembly' : True})
results.append(json)
variables_written = f.all_state_variables_written()

0
slither/detectors/source/__init__.py
Unescape View File

63
slither/detectors/source/rtlo.py
Unescape View File

@ -0,0 +1,63 @@
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
import re
class RightToLeftOverride(AbstractDetector):
"""
Detect the usage of a Right-To-Left-Override (U+202E) character
"""
ARGUMENT = 'rtlo'
HELP = 'Right-To-Left-Override control character is used'
IMPACT = DetectorClassification.HIGH
CONFIDENCE = DetectorClassification.HIGH
WIKI = 'https://github.com/crytic/slither/wiki/Detector-Documentation#right-to-left-override-character'
WIKI_TITLE = 'Right-To-Left-Override character'
WIKI_DESCRIPTION = 'An attacker can manipulate the logic of the contract by using a right-to-left-override character (U+202E)'
WIKI_EXPLOIT_SCENARIO = '''
```solidity
contract Token
{
address payable o; // owner
mapping(address => uint) tokens;
function withdraw() external returns(uint)
{
uint amount = tokens[msg.sender];
address payable d = msg.sender;
tokens[msg.sender] = 0;
_withdraw(/*owner/*noitanitsed*/ d, o/*
/*value */, amount);
}
function _withdraw(address payable fee_receiver, address payable destination, uint value) internal
{
fee_receiver.transfer(1);
destination.transfer(value);
}
}
```
`Token` uses the right-to-left-override character when calling `_withdraw`. As a result, the fee is incorrectly sent to `msg.sender`, and the token balance is sent to the owner.
'''
WIKI_RECOMMENDATION = 'Special control characters must not be allowed.'
def _detect(self):
results = []
pattern = re.compile(".*\u202e.*")
for filename, source in self.slither.source_code.items():
info = "{} contains a unicode right-to-left-override character:\n".format(filename)
found = False
for match in pattern.finditer(source):
match_line = match.group(0)
info += "\t- {}\n".format(match_line)
found = True
if found:
json = self.generate_json_result(info)
results.append(json)
return results

184
slither/slither.py
Unescape View File

@ -6,6 +6,8 @@ import glob
import json
import platform
from crytic_compile import CryticCompile, InvalidCompilation
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.printers.abstract_printer import AbstractPrinter
from .solc_parsing.slitherSolc import SlitherSolc
@ -49,21 +51,22 @@ class Slither(SlitherSolc):
# list of files provided (see --splitted option)
if isinstance(contract, list):
self._init_from_list(contract)
# truffle directory
elif not truffle_ignore and (os.path.isfile(os.path.join(contract, 'truffle.js')) or
os.path.isfile(os.path.join(contract, 'truffle-config.js'))):
self._init_from_truffle(contract,
kwargs.get('truffle_build_directory', 'build/contracts'),
kwargs.get('truffle_ignore_compile', False),
kwargs.get('truffle_version', None))
# embark directory
elif not embark_ignore and os.path.isfile(os.path.join(contract, 'embark.json')):
self._init_from_embark(contract,
kwargs.get('embark_ignore_compile', False),
kwargs.get('embark_overwrite_config', False))
# .json or .sol provided
elif contract.endswith('.json'):
self._init_from_raw_json(contract)
else:
self._init_from_solc(contract, **kwargs)
super(Slither, self).__init__('')
try:
cryticCompile = CryticCompile(contract, **kwargs)
self._crytic_compile = cryticCompile
except InvalidCompilation as e:
logger.error('Invalid compilation')
logger.error(e)
exit(-1)
for path, ast in cryticCompile.asts.items():
self._parse_contracts_from_loaded_json(ast, path)
with open(path) as f:
self.source_code[path] = f.read()
self._detectors = []
self._printers = []
@ -77,104 +80,19 @@ class Slither(SlitherSolc):
self._analyze_contracts()
def _init_from_embark(self, contract, embark_ignore_compile, embark_overwrite_config):
super(Slither, self).__init__('')
plugin_name = '@trailofbits/embark-contract-info'
with open('embark.json') as f:
embark_json = json.load(f)
if embark_overwrite_config:
write_embark_json = False
if (not 'plugins' in embark_json):
embark_json['plugins'] = {plugin_name:{'flags':""}}
write_embark_json = True
elif (not plugin_name in embark_json['plugins']):
embark_json['plugins'][plugin_name] = {'flags':""}
write_embark_json = True
if write_embark_json:
process = subprocess.Popen(['npm','install', plugin_name])
_, stderr = process.communicate()
with open('embark.json', 'w') as outfile:
json.dump(embark_json, outfile, indent=2)
else:
if (not 'plugins' in embark_json) or (not plugin_name in embark_json['plugins']):
logger.error(red('embark-contract-info plugin was found in embark.json. Please install the plugin (see https://github.com/crytic/slither/wiki/Usage#embark), or use --embark-overwrite-config.'))
def _init_from_raw_json(self, filename):
if not os.path.isfile(filename):
logger.error('{} does not exist (are you in the correct directory?)'.format(filename))
exit(-1)
assert filename.endswith('json')
with open(filename, encoding='utf8') as astFile:
stdout = astFile.read()
if not stdout:
logger.info('Empty AST file: %s', filename)
sys.exit(-1)
contracts_json = stdout.split('\n=')
if not embark_ignore_compile:
process = subprocess.Popen(['embark','build','--contracts'],stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
logger.info("%s\n"%stdout.decode())
if stderr:
# Embark might return information to stderr, but compile without issue
logger.error("%s"%stderr.decode())
infile = os.path.join(contract, 'crytic-export', 'contracts.json')
if not os.path.isfile(infile):
logger.error(red('Embark did not generate the AST file. Is Embark installed (npm install -g embark)? Is embark-contract-info installed? (npm install -g embark).'))
sys.exit(-1)
with open(infile, 'r') as f:
contracts_loaded = json.load(f)
contracts_loaded = contracts_loaded['asts']
for contract_loaded in contracts_loaded:
self._parse_contracts_from_loaded_json(contract_loaded,
contract_loaded['absolutePath'])
def _init_from_truffle(self, contract, build_directory, truffle_ignore_compile, truffle_version):
# Truffle on windows has naming conflicts where it will invoke truffle.js directly instead
# of truffle.cmd (unless in powershell or git bash). The cleanest solution is to explicitly call
# truffle.cmd. Reference:
# https://truffleframework.com/docs/truffle/reference/configuration#resolving-naming-conflicts-on-windows
if not truffle_ignore_compile:
truffle_base_command = "truffle" if platform.system() != 'Windows' else "truffle.cmd"
cmd = [truffle_base_command, 'compile']
if truffle_version:
cmd = ['npx', truffle_version, 'compile']
elif os.path.isfile('package.json'):
with open('package.json') as f:
package = json.load(f)
if 'devDependencies' in package:
if 'truffle' in package['devDependencies']:
version = package['devDependencies']['truffle']
if version.startswith('^'):
version = version[1:]
truffle_version = 'truffle@{}'.format(version)
cmd = ['npx', truffle_version, 'compile']
logger.info("'{}' running (use --truffle-version truffle@x.x.x to use specific version)".format(' '.join(cmd)))
process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
stdout, stderr = stdout.decode(), stderr.decode()# convert bytestrings to unicode strings
logger.info(stdout)
if stderr:
logger.error(stderr)
if not os.path.isdir(os.path.join(contract, build_directory)):
logger.info(red('No truffle build directory found, did you run `truffle compile`?'))
sys.exit(-1)
super(Slither, self).__init__('')
filenames = glob.glob(os.path.join(contract, build_directory, '*.json'))
for filename in filenames:
with open(filename, encoding='utf8') as f:
contract_loaded = json.load(f)
contract_loaded = contract_loaded['ast']
if 'absolutePath' in contract_loaded:
path = contract_loaded['absolutePath']
else:
path = contract_loaded['attributes']['absolutePath']
self._parse_contracts_from_loaded_json(contract_loaded, path)
def _init_from_solc(self, contract, **kwargs):
solc = kwargs.get('solc', 'solc')
disable_solc_warnings = kwargs.get('disable_solc_warnings', False)
solc_arguments = kwargs.get('solc_arguments', '')
ast_format = kwargs.get('ast_format', '--ast-compact-json')
contracts_json = self._run_solc(contract,
solc,
disable_solc_warnings,
solc_arguments,
ast_format)
super(Slither, self).__init__(contract)
super(Slither, self).__init__(filename)
for c in contracts_json:
self._parse_contracts_from_json(c)
@ -261,46 +179,12 @@ class Slither(SlitherSolc):
if not os.path.isfile(filename):
logger.error('{} does not exist (are you in the correct directory?)'.format(filename))
exit(-1)
is_ast_file = False
if filename.endswith('json'):
is_ast_file = True
elif not filename.endswith('.sol'):
raise Exception('Incorrect file format')
if is_ast_file:
with open(filename, encoding='utf8') as astFile:
stdout = astFile.read()
if not stdout:
logger.info('Empty AST file: %s', filename)
sys.exit(-1)
else:
cmd = [solc, filename, ast_format]
if solc_arguments:
# To parse, we first split the string on each '--'
solc_args = solc_arguments.split('--')
# Split each argument on the first space found
# One solc option may have multiple argument sepparated with ' '
# For example: --allow-paths /tmp .
# split() removes the delimiter, so we add it again
solc_args = [('--' + x).split(' ', 1) for x in solc_args if x]
# Flat the list of list
solc_args = [item for sublist in solc_args for item in sublist]
cmd += solc_args
# Add . as default allowed path
if '--allow-paths' not in cmd:
cmd += ['--allow-paths', '.']
process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = process.communicate()
stdout, stderr = stdout.decode(), stderr.decode() # convert bytestrings to unicode strings
if stderr and (not disable_solc_warnings):
stderr = stderr.split('\n')
stderr = [x if 'Error' not in x else red(x) for x in stderr]
stderr = '\n'.join(stderr)
logger.info('Compilation warnings/errors on %s:\n%s', filename, stderr)
assert filename.endswith('json')
with open(filename, encoding='utf8') as astFile:
stdout = astFile.read()
if not stdout:
logger.info('Empty AST file: %s', filename)
sys.exit(-1)
stdout = stdout.split('\n=')
return stdout

2
tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.json
Unescape View File

@ -1 +1 @@
[{"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.direct (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)\n", "elements": [{"type": "function", "name": "direct", "source_mapping": {"start": 162, "length": 79, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [11, 12, 13]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 884, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "msg.sender.send(address(this).balance)", "source_mapping": {"start": 196, "length": 38, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [12]}}]}, {"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.indirect (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)\n", "elements": [{"type": "function", "name": "indirect", "source_mapping": {"start": 316, "length": 82, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [19, 20, 21]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 884, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "destination.send(address(this).balance)", "source_mapping": {"start": 352, "length": 39, "filename": "tests/arbitrary_send-0.5.1.sol", "lines": [20]}}]}]
[{"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.direct (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)\n", "elements": [{"type": "function", "name": "direct", "source_mapping": {"start": 162, "length": 79, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_relative": "tests/arbitrary_send-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_short": "tests/arbitrary_send-0.5.1.sol", "lines": [11, 12, 13]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 884, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_relative": "tests/arbitrary_send-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_short": "tests/arbitrary_send-0.5.1.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "msg.sender.send(address(this).balance)", "source_mapping": {"start": 196, "length": 38, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_relative": "tests/arbitrary_send-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_short": "tests/arbitrary_send-0.5.1.sol", "lines": [12]}}]}, {"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.indirect (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)\n", "elements": [{"type": "function", "name": "indirect", "source_mapping": {"start": 316, "length": 82, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_relative": "tests/arbitrary_send-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_short": "tests/arbitrary_send-0.5.1.sol", "lines": [19, 20, 21]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 884, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_relative": "tests/arbitrary_send-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_short": "tests/arbitrary_send-0.5.1.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "destination.send(address(this).balance)", "source_mapping": {"start": 352, "length": 39, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_relative": "tests/arbitrary_send-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send-0.5.1.sol", "filename_short": "tests/arbitrary_send-0.5.1.sol", "lines": [20]}}]}]

2
tests/expected_json/arbitrary_send.arbitrary-send.json
Unescape View File

@ -1 +1 @@
[{"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.direct (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)\n", "elements": [{"type": "function", "name": "direct", "source_mapping": {"start": 147, "length": 79, "filename": "tests/arbitrary_send.sol", "lines": [11, 12, 13]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 869, "filename": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "msg.sender.send(address(this).balance)", "source_mapping": {"start": 181, "length": 38, "filename": "tests/arbitrary_send.sol", "lines": [12]}}]}, {"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.indirect (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send.sol#20)\n", "elements": [{"type": "function", "name": "indirect", "source_mapping": {"start": 301, "length": 82, "filename": "tests/arbitrary_send.sol", "lines": [19, 20, 21]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 869, "filename": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "destination.send(address(this).balance)", "source_mapping": {"start": 337, "length": 39, "filename": "tests/arbitrary_send.sol", "lines": [20]}}]}]
[{"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.direct (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)\n", "elements": [{"type": "function", "name": "direct", "source_mapping": {"start": 147, "length": 79, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_relative": "tests/arbitrary_send.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_short": "tests/arbitrary_send.sol", "lines": [11, 12, 13]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 869, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_relative": "tests/arbitrary_send.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_short": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "msg.sender.send(address(this).balance)", "source_mapping": {"start": 181, "length": 38, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_relative": "tests/arbitrary_send.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_short": "tests/arbitrary_send.sol", "lines": [12]}}]}, {"check": "arbitrary-send", "impact": "High", "confidence": "Medium", "description": "Test.indirect (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send.sol#20)\n", "elements": [{"type": "function", "name": "indirect", "source_mapping": {"start": 301, "length": 82, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_relative": "tests/arbitrary_send.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_short": "tests/arbitrary_send.sol", "lines": [19, 20, 21]}, "contract": {"type": "contract", "name": "Test", "source_mapping": {"start": 0, "length": 869, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_relative": "tests/arbitrary_send.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_short": "tests/arbitrary_send.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41]}}}, {"type": "expression", "expression": "destination.send(address(this).balance)", "source_mapping": {"start": 337, "length": 39, "filename_used": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_relative": "tests/arbitrary_send.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/arbitrary_send.sol", "filename_short": "tests/arbitrary_send.sol", "lines": [20]}}]}]

2
tests/expected_json/backdoor.backdoor.json
Unescape View File

@ -1 +1 @@
[{"check": "backdoor", "impact": "High", "confidence": "High", "description": "Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6)\n", "elements": [{"type": "function", "name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 1, "length": 94, "filename": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}]}]
[{"check": "backdoor", "impact": "High", "confidence": "High", "description": "Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6)\n", "elements": [{"type": "function", "name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_relative": "tests/backdoor.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_short": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 1, "length": 94, "filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_relative": "tests/backdoor.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_short": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}]}]

2
tests/expected_json/backdoor.suicidal.json
Unescape View File

@ -1 +1 @@
[{"check": "suicidal", "impact": "High", "confidence": "High", "description": "C.i_am_a_backdoor (tests/backdoor.sol#4-6) allows anyone to destruct the contract\n", "elements": [{"type": "function", "name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 1, "length": 94, "filename": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}]}]
[{"check": "suicidal", "impact": "High", "confidence": "High", "description": "C.i_am_a_backdoor (tests/backdoor.sol#4-6) allows anyone to destruct the contract\n", "elements": [{"type": "function", "name": "i_am_a_backdoor", "source_mapping": {"start": 18, "length": 74, "filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_relative": "tests/backdoor.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_short": "tests/backdoor.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 1, "length": 94, "filename_used": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_relative": "tests/backdoor.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/backdoor.sol", "filename_short": "tests/backdoor.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}]}]

2
tests/expected_json/const_state_variables.constable-states.json
Unescape View File

@ -1 +1 @@
[{"check": "constable-states", "impact": "Informational", "confidence": "High", "description": "A.myFriendsAddress should be constant (tests/const_state_variables.sol#7)\nA.test should be constant (tests/const_state_variables.sol#10)\nA.text2 should be constant (tests/const_state_variables.sol#14)\nB.mySistersAddress should be constant (tests/const_state_variables.sol#26)\nMyConc.should_be_constant should be constant (tests/const_state_variables.sol#42)\nMyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43)\n", "elements": [{"type": "variable", "name": "myFriendsAddress", "source_mapping": {"start": 132, "length": 76, "filename": "tests/const_state_variables.sol", "lines": [7]}}, {"type": "variable", "name": "mySistersAddress", "source_mapping": {"start": 496, "length": 76, "filename": "tests/const_state_variables.sol", "lines": [26]}}, {"type": "variable", "name": "should_be_constant", "source_mapping": {"start": 793, "length": 42, "filename": "tests/const_state_variables.sol", "lines": [42]}}, {"type": "variable", "name": "should_be_constant_2", "source_mapping": {"start": 841, "length": 33, "filename": "tests/const_state_variables.sol", "lines": [43]}}, {"type": "variable", "name": "test", "source_mapping": {"start": 237, "length": 20, "filename": "tests/const_state_variables.sol", "lines": [10]}}, {"type": "variable", "name": "text2", "source_mapping": {"start": 333, "length": 20, "filename": "tests/const_state_variables.sol", "lines": [14]}}]}]
[{"check": "constable-states", "impact": "Informational", "confidence": "High", "description": "A.myFriendsAddress should be constant (tests/const_state_variables.sol#7)\nA.test should be constant (tests/const_state_variables.sol#10)\nA.text2 should be constant (tests/const_state_variables.sol#14)\nB.mySistersAddress should be constant (tests/const_state_variables.sol#26)\nMyConc.should_be_constant should be constant (tests/const_state_variables.sol#42)\nMyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43)\n", "elements": [{"type": "variable", "name": "myFriendsAddress", "source_mapping": {"start": 132, "length": 76, "filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_relative": "tests/const_state_variables.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_short": "tests/const_state_variables.sol", "lines": [7]}}, {"type": "variable", "name": "mySistersAddress", "source_mapping": {"start": 496, "length": 76, "filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_relative": "tests/const_state_variables.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_short": "tests/const_state_variables.sol", "lines": [26]}}, {"type": "variable", "name": "should_be_constant", "source_mapping": {"start": 793, "length": 42, "filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_relative": "tests/const_state_variables.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_short": "tests/const_state_variables.sol", "lines": [42]}}, {"type": "variable", "name": "should_be_constant_2", "source_mapping": {"start": 841, "length": 33, "filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_relative": "tests/const_state_variables.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_short": "tests/const_state_variables.sol", "lines": [43]}}, {"type": "variable", "name": "test", "source_mapping": {"start": 237, "length": 20, "filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_relative": "tests/const_state_variables.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_short": "tests/const_state_variables.sol", "lines": [10]}}, {"type": "variable", "name": "text2", "source_mapping": {"start": 333, "length": 20, "filename_used": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_relative": "tests/const_state_variables.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/const_state_variables.sol", "filename_short": "tests/const_state_variables.sol", "lines": [14]}}]}]

2
tests/expected_json/constant-0.5.1.constant-function.json
Unescape View File

@ -1 +1 @@
[{"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_assembly_bug (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code\n", "elements": [{"type": "info", "contains_assembly": true}]}]
[{"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_assembly_bug (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code\n", "elements": [{"type": "function", "name": "test_assembly_bug", "source_mapping": {"start": 185, "length": 66, "filename_used": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol", "filename_relative": "tests/constant-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol", "filename_short": "tests/constant-0.5.1.sol", "lines": [15, 16, 17]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 253, "filename_used": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol", "filename_relative": "tests/constant-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant-0.5.1.sol", "filename_short": "tests/constant-0.5.1.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18]}}}, {"type": "info", "contains_assembly": true}]}]

2
tests/expected_json/constant.constant-function.json
Unescape View File

@ -1 +1 @@
[{"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_view_bug (tests/constant.sol#5-7) is declared view but changes state variables:\n\t- Constant.a\n", "elements": [{"type": "function", "name": "test_view_bug", "source_mapping": {"start": 45, "length": 58, "filename": "tests/constant.sol", "lines": [5, 6, 7]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "variable", "name": "a", "source_mapping": {"start": 28, "length": 6, "filename": "tests/constant.sol", "lines": [3]}}, {"type": "info", "contains_assembly": false}]}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_constant_bug (tests/constant.sol#9-11) is declared view but changes state variables:\n\t- Constant.a\n", "elements": [{"type": "function", "name": "test_constant_bug", "source_mapping": {"start": 113, "length": 66, "filename": "tests/constant.sol", "lines": [9, 10, 11]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "variable", "name": "a", "source_mapping": {"start": 28, "length": 6, "filename": "tests/constant.sol", "lines": [3]}}, {"type": "info", "contains_assembly": false}]}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_assembly_bug (tests/constant.sol#22-24) is declared view but contains assembly code\n", "elements": [{"type": "info", "contains_assembly": true}]}]
[{"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_view_bug (tests/constant.sol#5-7) is declared view but changes state variables:\n\t- Constant.a\n", "elements": [{"type": "function", "name": "test_view_bug", "source_mapping": {"start": 45, "length": 58, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [5, 6, 7]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "variable", "name": "a", "source_mapping": {"start": 28, "length": 6, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [3]}}, {"type": "info", "contains_assembly": false}]}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_constant_bug (tests/constant.sol#9-11) is declared view but changes state variables:\n\t- Constant.a\n", "elements": [{"type": "function", "name": "test_constant_bug", "source_mapping": {"start": 113, "length": 66, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [9, 10, 11]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "variable", "name": "a", "source_mapping": {"start": 28, "length": 6, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [3]}}, {"type": "info", "contains_assembly": false}]}, {"check": "constant-function", "impact": "Medium", "confidence": "Medium", "description": "Constant.test_assembly_bug (tests/constant.sol#22-24) is declared view but contains assembly code\n", "elements": [{"type": "function", "name": "test_assembly_bug", "source_mapping": {"start": 324, "length": 66, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [22, 23, 24]}, "contract": {"type": "contract", "name": "Constant", "source_mapping": {"start": 0, "length": 392, "filename_used": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_relative": "tests/constant.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/constant.sol", "filename_short": "tests/constant.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "info", "contains_assembly": true}]}]

2
tests/expected_json/controlled_delegatecall.controlled-delegatecall.json
Unescape View File

@ -1 +1 @@
[{"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n", "elements": [{"type": "function", "name": "bad_delegate_call", "source_mapping": {"start": 101, "length": 134, "filename": "tests/controlled_delegatecall.sol", "lines": [8, 9, 10, 11]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 0, "length": 585, "filename": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "expression", "expression": "addr_bad.delegatecall(data)", "source_mapping": {"start": 201, "length": 27, "filename": "tests/controlled_delegatecall.sol", "lines": [10]}}]}, {"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)\n", "elements": [{"type": "function", "name": "bad_delegate_call2", "source_mapping": {"start": 337, "length": 118, "filename": "tests/controlled_delegatecall.sol", "lines": [18, 19, 20]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 0, "length": 585, "filename": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "expression", "expression": "addr_bad.delegatecall(abi.encode(func_id,data))", "source_mapping": {"start": 400, "length": 48, "filename": "tests/controlled_delegatecall.sol", "lines": [19]}}]}]
[{"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n", "elements": [{"type": "function", "name": "bad_delegate_call", "source_mapping": {"start": 101, "length": 134, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "lines": [8, 9, 10, 11]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 0, "length": 585, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "expression", "expression": "addr_bad.delegatecall(data)", "source_mapping": {"start": 201, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "lines": [10]}}]}, {"check": "controlled-delegatecall", "impact": "High", "confidence": "Medium", "description": "C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\taddr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)\n", "elements": [{"type": "function", "name": "bad_delegate_call2", "source_mapping": {"start": 337, "length": 118, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "lines": [18, 19, 20]}, "contract": {"type": "contract", "name": "C", "source_mapping": {"start": 0, "length": 585, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25]}}}, {"type": "expression", "expression": "addr_bad.delegatecall(abi.encode(func_id,data))", "source_mapping": {"start": 400, "length": 48, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "lines": [19]}}]}]

2
tests/expected_json/deprecated_calls.deprecated-standards.json
Unescape View File

@ -1 +1 @@
[{"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#2:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", "elements": [{"type": "variable", "name": "globalBlockHash", "source_mapping": {"start": 48, "length": 44, "filename": "tests/deprecated_calls.sol", "lines": [2]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#7-10:\n\t- Usage of \"msg.gas\" should be replaced with \"gasleft()\"\n", "elements": [{"type": "expression", "expression": "msg.gas == msg.value", "source_mapping": {"start": 258, "length": 107, "filename": "tests/deprecated_calls.sol", "lines": [7, 8, 9, 10]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#9:\n\t- Usage of \"throw\" should be replaced with \"revert()\"\n", "elements": [{"type": "expression", "expression": "None", "source_mapping": {"start": 349, "length": 5, "filename": "tests/deprecated_calls.sol", "lines": [9]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#16:\n\t- Usage of \"sha3()\" should be replaced with \"keccak256()\"\n", "elements": [{"type": "expression", "expression": "sha3Result = sha3()(test deprecated sha3 usage)", "source_mapping": {"start": 542, "length": 55, "filename": "tests/deprecated_calls.sol", "lines": [16]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#19:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", "elements": [{"type": "expression", "expression": "blockHashResult = block.blockhash(0)", "source_mapping": {"start": 671, "length": 44, "filename": "tests/deprecated_calls.sol", "lines": [19]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#22:\n\t- Usage of \"callcode\" should be replaced with \"delegatecall\"\n", "elements": [{"type": "expression", "expression": "address(this).callcode()", "source_mapping": {"start": 785, "length": 24, "filename": "tests/deprecated_calls.sol", "lines": [22]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#25:\n\t- Usage of \"suicide()\" should be replaced with \"selfdestruct()\"\n", "elements": [{"type": "expression", "expression": "suicide(address)(address(0))", "source_mapping": {"start": 878, "length": 19, "filename": "tests/deprecated_calls.sol", "lines": [25]}}]}]
[{"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#2:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", "elements": [{"type": "variable", "name": "globalBlockHash", "source_mapping": {"start": 48, "length": 44, "filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_relative": "tests/deprecated_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_short": "tests/deprecated_calls.sol", "lines": [2]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#7-10:\n\t- Usage of \"msg.gas\" should be replaced with \"gasleft()\"\n", "elements": [{"type": "expression", "expression": "msg.gas == msg.value", "source_mapping": {"start": 258, "length": 107, "filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_relative": "tests/deprecated_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_short": "tests/deprecated_calls.sol", "lines": [7, 8, 9, 10]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#9:\n\t- Usage of \"throw\" should be replaced with \"revert()\"\n", "elements": [{"type": "expression", "expression": "None", "source_mapping": {"start": 349, "length": 5, "filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_relative": "tests/deprecated_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_short": "tests/deprecated_calls.sol", "lines": [9]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#16:\n\t- Usage of \"sha3()\" should be replaced with \"keccak256()\"\n", "elements": [{"type": "expression", "expression": "sha3Result = sha3()(test deprecated sha3 usage)", "source_mapping": {"start": 542, "length": 55, "filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_relative": "tests/deprecated_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_short": "tests/deprecated_calls.sol", "lines": [16]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#19:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", "elements": [{"type": "expression", "expression": "blockHashResult = block.blockhash(0)", "source_mapping": {"start": 671, "length": 44, "filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_relative": "tests/deprecated_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_short": "tests/deprecated_calls.sol", "lines": [19]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#22:\n\t- Usage of \"callcode\" should be replaced with \"delegatecall\"\n", "elements": [{"type": "expression", "expression": "address(this).callcode()", "source_mapping": {"start": 785, "length": 24, "filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_relative": "tests/deprecated_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_short": "tests/deprecated_calls.sol", "lines": [22]}}]}, {"check": "deprecated-standards", "impact": "Informational", "confidence": "High", "description": "Deprecated standard detected @ tests/deprecated_calls.sol#25:\n\t- Usage of \"suicide()\" should be replaced with \"selfdestruct()\"\n", "elements": [{"type": "expression", "expression": "suicide(address)(address(0))", "source_mapping": {"start": 878, "length": 19, "filename_used": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_relative": "tests/deprecated_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/deprecated_calls.sol", "filename_short": "tests/deprecated_calls.sol", "lines": [25]}}]}]

2
tests/expected_json/erc20_indexed.erc20-indexed.json
Unescape View File

@ -1 +1 @@
[{"check": "erc20-indexed", "impact": "Informational", "confidence": "High", "description": "IERC20Bad (tests/erc20_indexed.sol#12-21) does not mark important ERC20 parameters as 'indexed':\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'from'\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'to'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender'\n", "elements": [{"type": "function", "name": "Approval", "source_mapping": {"start": 1148, "length": 59, "filename": "tests/erc20_indexed.sol", "lines": [20]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Approval", "source_mapping": {"start": 1148, "length": 59, "filename": "tests/erc20_indexed.sol", "lines": [20]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Transfer", "source_mapping": {"start": 1090, "length": 53, "filename": "tests/erc20_indexed.sol", "lines": [19]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Transfer", "source_mapping": {"start": 1090, "length": 53, "filename": "tests/erc20_indexed.sol", "lines": [19]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}]}]
[{"check": "erc20-indexed", "impact": "Informational", "confidence": "High", "description": "IERC20Bad (tests/erc20_indexed.sol#12-21) does not mark important ERC20 parameters as 'indexed':\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'from'\n\t-Transfer (tests/erc20_indexed.sol#19) does not index parameter 'to'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner'\n\t-Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender'\n", "elements": [{"type": "function", "name": "Approval", "source_mapping": {"start": 1148, "length": 59, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [20]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Approval", "source_mapping": {"start": 1148, "length": 59, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [20]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Transfer", "source_mapping": {"start": 1090, "length": 53, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [19]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "function", "name": "Transfer", "source_mapping": {"start": 1090, "length": 53, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [19]}, "contract": {"type": "contract", "name": "IERC20Bad", "source_mapping": {"start": 622, "length": 587, "filename_used": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_relative": "tests/erc20_indexed.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/erc20_indexed.sol", "filename_short": "tests/erc20_indexed.sol", "lines": [12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}]}]

2
tests/expected_json/external_function.external-function.json
Unescape View File

@ -1 +1 @@
[{"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled3 (tests/external_function.sol#13-15) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled3", "source_mapping": {"start": 259, "length": 41, "filename": "tests/external_function.sol", "lines": [13, 14, 15]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled2 (tests/external_function.sol#17-19) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled2", "source_mapping": {"start": 306, "length": 41, "filename": "tests/external_function.sol", "lines": [17, 18, 19]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled (tests/external_function.sol#21-23) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled", "source_mapping": {"start": 353, "length": 40, "filename": "tests/external_function.sol", "lines": [21, 22, 23]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled2.funcNotCalled (tests/external_function.sol#32-39) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled", "source_mapping": {"start": 554, "length": 325, "filename": "tests/external_function.sol", "lines": [32, 33, 34, 35, 36, 37, 38, 39]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled2", "source_mapping": {"start": 473, "length": 408, "filename": "tests/external_function.sol", "lines": [31, 32, 33, 34, 35, 36, 37, 38, 39, 40]}}}]}]
[{"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled3 (tests/external_function.sol#13-15) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled3", "source_mapping": {"start": 259, "length": 41, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [13, 14, 15]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled2 (tests/external_function.sol#17-19) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled2", "source_mapping": {"start": 306, "length": 41, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [17, 18, 19]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled.funcNotCalled (tests/external_function.sol#21-23) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled", "source_mapping": {"start": 353, "length": 40, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [21, 22, 23]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled", "source_mapping": {"start": 213, "length": 258, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}}}]}, {"check": "external-function", "impact": "Informational", "confidence": "High", "description": "ContractWithFunctionNotCalled2.funcNotCalled (tests/external_function.sol#32-39) should be declared external\n", "elements": [{"type": "function", "name": "funcNotCalled", "source_mapping": {"start": 554, "length": 325, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [32, 33, 34, 35, 36, 37, 38, 39]}, "contract": {"type": "contract", "name": "ContractWithFunctionNotCalled2", "source_mapping": {"start": 473, "length": 408, "filename_used": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_relative": "tests/external_function.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/external_function.sol", "filename_short": "tests/external_function.sol", "lines": [31, 32, 33, 34, 35, 36, 37, 38, 39, 40]}}}]}]

2
tests/expected_json/incorrect_equality.incorrect-equality.json
View File

File diff suppressed because one or more lines are too long

2
tests/expected_json/incorrect_erc20_interface.erc20-interface.json
Unescape View File

@ -1 +1 @@
[{"check": "erc20-interface", "impact": "Medium", "confidence": "High", "description": "Token (tests/incorrect_erc20_interface.sol#3-7) has incorrect ERC20 function interface(s):\n\t-transfer (tests/incorrect_erc20_interface.sol#5)\n", "elements": [{"type": "function", "name": "transfer", "source_mapping": {"start": 47, "length": 51, "filename": "tests/incorrect_erc20_interface.sol", "lines": [5]}, "contract": {"type": "contract", "name": "Token", "source_mapping": {"start": 26, "length": 75, "filename": "tests/incorrect_erc20_interface.sol", "lines": [3, 4, 5, 6, 7]}}}]}]
[{"check": "erc20-interface", "impact": "Medium", "confidence": "High", "description": "Token (tests/incorrect_erc20_interface.sol#3-7) has incorrect ERC20 function interface(s):\n\t-transfer (tests/incorrect_erc20_interface.sol#5)\n", "elements": [{"type": "function", "name": "transfer", "source_mapping": {"start": 47, "length": 51, "filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol", "filename_relative": "tests/incorrect_erc20_interface.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol", "filename_short": "tests/incorrect_erc20_interface.sol", "lines": [5]}, "contract": {"type": "contract", "name": "Token", "source_mapping": {"start": 26, "length": 75, "filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol", "filename_relative": "tests/incorrect_erc20_interface.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol", "filename_short": "tests/incorrect_erc20_interface.sol", "lines": [3, 4, 5, 6, 7]}}}]}]

2
tests/expected_json/inline_assembly_contract-0.5.1.assembly.json
Unescape View File

@ -1 +1 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "GetCode.at uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20)\n\t- tests/inline_assembly_contract-0.5.1.sol#7-20\n", "elements": [{"type": "function", "name": "at", "source_mapping": {"start": 119, "length": 707, "filename": "tests/inline_assembly_contract-0.5.1.sol", "lines": [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}, "contract": {"type": "contract", "name": "GetCode", "source_mapping": {"start": 97, "length": 731, "filename": "tests/inline_assembly_contract-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 198, "length": 628, "filename": "tests/inline_assembly_contract-0.5.1.sol", "lines": [7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}]}]
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "GetCode.at uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20)\n\t- tests/inline_assembly_contract-0.5.1.sol#7-20\n", "elements": [{"type": "function", "name": "at", "source_mapping": {"start": 119, "length": 707, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol", "filename_relative": "tests/inline_assembly_contract-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol", "filename_short": "tests/inline_assembly_contract-0.5.1.sol", "lines": [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}, "contract": {"type": "contract", "name": "GetCode", "source_mapping": {"start": 97, "length": 731, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol", "filename_relative": "tests/inline_assembly_contract-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol", "filename_short": "tests/inline_assembly_contract-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 198, "length": 628, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol", "filename_relative": "tests/inline_assembly_contract-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract-0.5.1.sol", "filename_short": "tests/inline_assembly_contract-0.5.1.sol", "lines": [7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}]}]

2
tests/expected_json/inline_assembly_contract.assembly.json
Unescape View File

@ -1 +1 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "GetCode.at uses assembly (tests/inline_assembly_contract.sol#6-20)\n\t- tests/inline_assembly_contract.sol#7-20\n", "elements": [{"type": "function", "name": "at", "source_mapping": {"start": 119, "length": 700, "filename": "tests/inline_assembly_contract.sol", "lines": [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}, "contract": {"type": "contract", "name": "GetCode", "source_mapping": {"start": 97, "length": 724, "filename": "tests/inline_assembly_contract.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 191, "length": 628, "filename": "tests/inline_assembly_contract.sol", "lines": [7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}]}]
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "GetCode.at uses assembly (tests/inline_assembly_contract.sol#6-20)\n\t- tests/inline_assembly_contract.sol#7-20\n", "elements": [{"type": "function", "name": "at", "source_mapping": {"start": 119, "length": 700, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol", "filename_relative": "tests/inline_assembly_contract.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol", "filename_short": "tests/inline_assembly_contract.sol", "lines": [6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}, "contract": {"type": "contract", "name": "GetCode", "source_mapping": {"start": 97, "length": 724, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol", "filename_relative": "tests/inline_assembly_contract.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol", "filename_short": "tests/inline_assembly_contract.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 191, "length": 628, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol", "filename_relative": "tests/inline_assembly_contract.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_contract.sol", "filename_short": "tests/inline_assembly_contract.sol", "lines": [7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}]}]

2
tests/expected_json/inline_assembly_library-0.5.1.assembly.json
Unescape View File

@ -1 +1 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22)\n\t- tests/inline_assembly_library-0.5.1.sol#18-21\n", "elements": [{"type": "function", "name": "sumAsm", "source_mapping": {"start": 599, "length": 254, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 97, "length": 1602, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 733, "length": 114, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [18, 19, 20, 21]}}]}, {"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47)\n\t- tests/inline_assembly_library-0.5.1.sol#26-47\n", "elements": [{"type": "function", "name": "sumPureAsm", "source_mapping": {"start": 936, "length": 761, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 97, "length": 1602, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 1020, "length": 677, "filename": "tests/inline_assembly_library-0.5.1.sol", "lines": [26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}}]}]
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22)\n\t- tests/inline_assembly_library-0.5.1.sol#18-21\n", "elements": [{"type": "function", "name": "sumAsm", "source_mapping": {"start": 599, "length": 254, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_relative": "tests/inline_assembly_library-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_short": "tests/inline_assembly_library-0.5.1.sol", "lines": [16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 97, "length": 1602, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_relative": "tests/inline_assembly_library-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_short": "tests/inline_assembly_library-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 733, "length": 114, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_relative": "tests/inline_assembly_library-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_short": "tests/inline_assembly_library-0.5.1.sol", "lines": [18, 19, 20, 21]}}]}, {"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47)\n\t- tests/inline_assembly_library-0.5.1.sol#26-47\n", "elements": [{"type": "function", "name": "sumPureAsm", "source_mapping": {"start": 936, "length": 761, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_relative": "tests/inline_assembly_library-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_short": "tests/inline_assembly_library-0.5.1.sol", "lines": [25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 97, "length": 1602, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_relative": "tests/inline_assembly_library-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_short": "tests/inline_assembly_library-0.5.1.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 1020, "length": 677, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_relative": "tests/inline_assembly_library-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library-0.5.1.sol", "filename_short": "tests/inline_assembly_library-0.5.1.sol", "lines": [26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}}]}]

2
tests/expected_json/inline_assembly_library.assembly.json
Unescape View File

@ -1 +1 @@
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library.sol#16-22)\n\t- tests/inline_assembly_library.sol#18-21\n", "elements": [{"type": "function", "name": "sumAsm", "source_mapping": {"start": 593, "length": 247, "filename": "tests/inline_assembly_library.sol", "lines": [16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 720, "length": 114, "filename": "tests/inline_assembly_library.sol", "lines": [18, 19, 20, 21]}}]}, {"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library.sol#25-47)\n\t- tests/inline_assembly_library.sol#26-47\n", "elements": [{"type": "function", "name": "sumPureAsm", "source_mapping": {"start": 923, "length": 754, "filename": "tests/inline_assembly_library.sol", "lines": [25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 1000, "length": 677, "filename": "tests/inline_assembly_library.sol", "lines": [26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}}]}]
[{"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumAsm uses assembly (tests/inline_assembly_library.sol#16-22)\n\t- tests/inline_assembly_library.sol#18-21\n", "elements": [{"type": "function", "name": "sumAsm", "source_mapping": {"start": 593, "length": 247, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_relative": "tests/inline_assembly_library.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_short": "tests/inline_assembly_library.sol", "lines": [16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_relative": "tests/inline_assembly_library.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_short": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 720, "length": 114, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_relative": "tests/inline_assembly_library.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_short": "tests/inline_assembly_library.sol", "lines": [18, 19, 20, 21]}}]}, {"check": "assembly", "impact": "Informational", "confidence": "High", "description": "VectorSum.sumPureAsm uses assembly (tests/inline_assembly_library.sol#25-47)\n\t- tests/inline_assembly_library.sol#26-47\n", "elements": [{"type": "function", "name": "sumPureAsm", "source_mapping": {"start": 923, "length": 754, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_relative": "tests/inline_assembly_library.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_short": "tests/inline_assembly_library.sol", "lines": [25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}, "contract": {"type": "contract", "name": "VectorSum", "source_mapping": {"start": 98, "length": 1581, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_relative": "tests/inline_assembly_library.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_short": "tests/inline_assembly_library.sol", "lines": [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48]}}}, {"type": "expression", "expression": "None", "source_mapping": {"start": 1000, "length": 677, "filename_used": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_relative": "tests/inline_assembly_library.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/inline_assembly_library.sol", "filename_short": "tests/inline_assembly_library.sol", "lines": [26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47]}}]}]

2
tests/expected_json/locked_ether-0.5.1.locked-ether.json
Unescape View File

@ -1 +1 @@
[{"check": "locked-ether", "impact": "Medium", "confidence": "High", "description": "Contract locking ether found in tests/locked_ether-0.5.1.sol:\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether-0.5.1.sol#4-6)\n\tBut has not function to withdraw the ether\n", "elements": [{"type": "function", "name": "receive", "source_mapping": {"start": 46, "length": 72, "filename": "tests/locked_ether-0.5.1.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Locked", "source_mapping": {"start": 24, "length": 97, "filename": "tests/locked_ether-0.5.1.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}, {"type": "contract", "name": "OnlyLocked", "source_mapping": {"start": 375, "length": 32, "filename": "tests/locked_ether-0.5.1.sol", "lines": [26]}}]}]
[{"check": "locked-ether", "impact": "Medium", "confidence": "High", "description": "Contract locking ether found in :\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether-0.5.1.sol#4-6)\n\tBut does not have a function to withdraw the ether\n", "elements": [{"type": "function", "name": "receive", "source_mapping": {"start": 46, "length": 72, "filename_used": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol", "filename_relative": "tests/locked_ether-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol", "filename_short": "tests/locked_ether-0.5.1.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Locked", "source_mapping": {"start": 24, "length": 97, "filename_used": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol", "filename_relative": "tests/locked_ether-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol", "filename_short": "tests/locked_ether-0.5.1.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}, {"type": "contract", "name": "OnlyLocked", "source_mapping": {"start": 375, "length": 32, "filename_used": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol", "filename_relative": "tests/locked_ether-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether-0.5.1.sol", "filename_short": "tests/locked_ether-0.5.1.sol", "lines": [26]}}]}]

2
tests/expected_json/locked_ether.locked-ether.json
Unescape View File

@ -1 +1 @@
[{"check": "locked-ether", "impact": "Medium", "confidence": "High", "description": "Contract locking ether found in tests/locked_ether.sol:\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether.sol#4-6)\n\tBut has not function to withdraw the ether\n", "elements": [{"type": "function", "name": "receive", "source_mapping": {"start": 47, "length": 72, "filename": "tests/locked_ether.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Locked", "source_mapping": {"start": 25, "length": 97, "filename": "tests/locked_ether.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}, {"type": "contract", "name": "OnlyLocked", "source_mapping": {"start": 368, "length": 32, "filename": "tests/locked_ether.sol", "lines": [26]}}]}]
[{"check": "locked-ether", "impact": "Medium", "confidence": "High", "description": "Contract locking ether found in :\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether.sol#4-6)\n\tBut does not have a function to withdraw the ether\n", "elements": [{"type": "function", "name": "receive", "source_mapping": {"start": 47, "length": 72, "filename_used": "/home/travis/build/crytic/slither/tests/locked_ether.sol", "filename_relative": "tests/locked_ether.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether.sol", "filename_short": "tests/locked_ether.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Locked", "source_mapping": {"start": 25, "length": 97, "filename_used": "/home/travis/build/crytic/slither/tests/locked_ether.sol", "filename_relative": "tests/locked_ether.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether.sol", "filename_short": "tests/locked_ether.sol", "lines": [2, 3, 4, 5, 6, 7, 8]}}}, {"type": "contract", "name": "OnlyLocked", "source_mapping": {"start": 368, "length": 32, "filename_used": "/home/travis/build/crytic/slither/tests/locked_ether.sol", "filename_relative": "tests/locked_ether.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/locked_ether.sol", "filename_short": "tests/locked_ether.sol", "lines": [26]}}]}]

2
tests/expected_json/low_level_calls.low-level-calls.json
Unescape View File

@ -1 +1 @@
[{"check": "low-level-calls", "impact": "Informational", "confidence": "High", "description": "Low level call in Sender.send (tests/low_level_calls.sol#5-7):\n\t-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6\n", "elements": [{"type": "function", "name": "send", "source_mapping": {"start": 51, "length": 112, "filename": "tests/low_level_calls.sol", "lines": [5, 6, 7]}, "contract": {"type": "contract", "name": "Sender", "source_mapping": {"start": 29, "length": 136, "filename": "tests/low_level_calls.sol", "lines": [4, 5, 6, 7, 8]}}}, {"type": "expression", "expression": "_receiver.call.value(msg.value).gas(7777)()", "source_mapping": {"start": 111, "length": 45, "filename": "tests/low_level_calls.sol", "lines": [6]}}]}]
[{"check": "low-level-calls", "impact": "Informational", "confidence": "High", "description": "Low level call in Sender.send (tests/low_level_calls.sol#5-7):\n\t-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6\n", "elements": [{"type": "function", "name": "send", "source_mapping": {"start": 51, "length": 112, "filename_used": "/home/travis/build/crytic/slither/tests/low_level_calls.sol", "filename_relative": "tests/low_level_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/low_level_calls.sol", "filename_short": "tests/low_level_calls.sol", "lines": [5, 6, 7]}, "contract": {"type": "contract", "name": "Sender", "source_mapping": {"start": 29, "length": 136, "filename_used": "/home/travis/build/crytic/slither/tests/low_level_calls.sol", "filename_relative": "tests/low_level_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/low_level_calls.sol", "filename_short": "tests/low_level_calls.sol", "lines": [4, 5, 6, 7, 8]}}}, {"type": "expression", "expression": "_receiver.call.value(msg.value).gas(7777)()", "source_mapping": {"start": 111, "length": 45, "filename_used": "/home/travis/build/crytic/slither/tests/low_level_calls.sol", "filename_relative": "tests/low_level_calls.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/low_level_calls.sol", "filename_short": "tests/low_level_calls.sol", "lines": [6]}}]}]

2
tests/expected_json/multiple_calls_in_loop.calls-loop.json
Unescape View File

@ -1 +1 @@
[{"check": "calls-loop", "impact": "Low", "confidence": "Medium", "description": "CallInLoop.bad has external calls inside a loop:\n\t- destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11)\n", "elements": [{"type": "function", "name": "bad", "source_mapping": {"start": 153, "length": 135, "filename": "tests/multiple_calls_in_loop.sol", "lines": [9, 10, 11, 12, 13]}, "contract": {"type": "contract", "name": "CallInLoop", "source_mapping": {"start": 0, "length": 291, "filename": "tests/multiple_calls_in_loop.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]}}}, {"type": "expression", "expression": "destinations[i].transfer(i)", "source_mapping": {"start": 244, "length": 27, "filename": "tests/multiple_calls_in_loop.sol", "lines": [11]}}]}]
[{"check": "calls-loop", "impact": "Low", "confidence": "Medium", "description": "CallInLoop.bad has external calls inside a loop:\n\t- destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11)\n", "elements": [{"type": "function", "name": "bad", "source_mapping": {"start": 153, "length": 135, "filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol", "filename_relative": "tests/multiple_calls_in_loop.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol", "filename_short": "tests/multiple_calls_in_loop.sol", "lines": [9, 10, 11, 12, 13]}, "contract": {"type": "contract", "name": "CallInLoop", "source_mapping": {"start": 0, "length": 291, "filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol", "filename_relative": "tests/multiple_calls_in_loop.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol", "filename_short": "tests/multiple_calls_in_loop.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15]}}}, {"type": "expression", "expression": "destinations[i].transfer(i)", "source_mapping": {"start": 244, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol", "filename_relative": "tests/multiple_calls_in_loop.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol", "filename_short": "tests/multiple_calls_in_loop.sol", "lines": [11]}}]}]

2
tests/expected_json/naming_convention.naming-convention.json
View File

File diff suppressed because one or more lines are too long

2
tests/expected_json/old_solc.sol.json.solc-version.json
Unescape View File

@ -1 +1 @@
[{"check": "solc-version", "impact": "Informational", "confidence": "High", "description": "Detected issues with version pragma in tests/old_solc.sol.json:\n\t- pragma solidity0.4.21 (old_solc.sol): it allows old versions\n", "elements": [{"type": "expression", "expression": "0.4.21", "source_mapping": {"start": 0, "length": 23, "filename": "old_solc.sol", "lines": []}}]}]
[{"check": "solc-version", "impact": "Informational", "confidence": "High", "description": "Detected issues with version pragma in tests/old_solc.sol.json:\n\t- pragma solidity0.4.21 (None): it allows old versions\n", "elements": [{"type": "expression", "expression": "0.4.21", "source_mapping": {"start": 0, "length": 23, "filename_used": "old_solc.sol", "filename_relative": null, "filename_absolute": null, "filename_short": null, "lines": []}}]}]

2
tests/expected_json/pragma.0.4.24.pragma.json
Unescape View File

@ -1 +1 @@
[{"check": "pragma", "impact": "Informational", "confidence": "High", "description": "Different versions of Solidity is used in tests/pragma.0.4.24.sol:\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- tests/pragma.0.4.23.sol#1 declares pragma solidity^0.4.23\n\t- tests/pragma.0.4.24.sol#1 declares pragma solidity^0.4.24\n", "elements": [{"type": "expression", "expression": "^0.4.23", "source_mapping": {"start": 0, "length": 24, "filename": "tests/pragma.0.4.23.sol", "lines": [1]}}, {"type": "expression", "expression": "^0.4.24", "source_mapping": {"start": 0, "length": 24, "filename": "tests/pragma.0.4.24.sol", "lines": [1]}}]}]
[{"check": "pragma", "impact": "Informational", "confidence": "High", "description": "Different versions of Solidity is used in :\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- tests/pragma.0.4.23.sol#1 declares pragma solidity^0.4.23\n\t- tests/pragma.0.4.24.sol#1 declares pragma solidity^0.4.24\n", "elements": [{"type": "expression", "expression": "^0.4.23", "source_mapping": {"start": 0, "length": 24, "filename_used": "/home/travis/build/crytic/slither/tests/pragma.0.4.23.sol", "filename_relative": "tests/pragma.0.4.23.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/pragma.0.4.23.sol", "filename_short": "tests/pragma.0.4.23.sol", "lines": [1]}}, {"type": "expression", "expression": "^0.4.24", "source_mapping": {"start": 0, "length": 24, "filename_used": "/home/travis/build/crytic/slither/tests/pragma.0.4.24.sol", "filename_relative": "tests/pragma.0.4.24.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/pragma.0.4.24.sol", "filename_short": "tests/pragma.0.4.24.sol", "lines": [1]}}]}]

2
tests/expected_json/reentrancy-0.5.1.reentrancy-eth.json
Unescape View File

@ -1 +1 @@
[{"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy-0.5.1.sol#14-22):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#21)\n", "elements": [{"type": "function", "name": "withdrawBalance", "source_mapping": {"start": 298, "length": 357, "filename": "tests/reentrancy-0.5.1.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 25, "length": 1807, "filename": "tests/reentrancy-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54]}}}, {"type": "external_calls", "expression": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()", "source_mapping": {"start": 477, "length": 81, "filename": "tests/reentrancy-0.5.1.sol", "lines": [17]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 621, "length": 27, "filename": "tests/reentrancy-0.5.1.sol", "lines": [21]}}]}, {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3 (tests/reentrancy-0.5.1.sol#44-53):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#51)\n", "elements": [{"type": "function", "name": "withdrawBalance_fixed_3", "source_mapping": {"start": 1434, "length": 393, "filename": "tests/reentrancy-0.5.1.sol", "lines": [44, 45, 46, 47, 48, 49, 50, 51, 52, 53]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 25, "length": 1807, "filename": "tests/reentrancy-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54]}}}, {"type": "external_calls", "expression": "(ret,mem) = msg.sender.call.value(amount)()", "source_mapping": {"start": 1679, "length": 64, "filename": "tests/reentrancy-0.5.1.sol", "lines": [49]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = amount", "source_mapping": {"start": 1778, "length": 32, "filename": "tests/reentrancy-0.5.1.sol", "lines": [51]}}]}]
[{"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy-0.5.1.sol#14-22):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#21)\n", "elements": [{"type": "function", "name": "withdrawBalance", "source_mapping": {"start": 298, "length": 357, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21, 22]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 25, "length": 1807, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54]}}}, {"type": "external_calls", "expression": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()", "source_mapping": {"start": 477, "length": 81, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [17]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 621, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [21]}}]}, {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3 (tests/reentrancy-0.5.1.sol#44-53):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#51)\n", "elements": [{"type": "function", "name": "withdrawBalance_fixed_3", "source_mapping": {"start": 1434, "length": 393, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [44, 45, 46, 47, 48, 49, 50, 51, 52, 53]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 25, "length": 1807, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54]}}}, {"type": "external_calls", "expression": "(ret,mem) = msg.sender.call.value(amount)()", "source_mapping": {"start": 1679, "length": 64, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [49]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = amount", "source_mapping": {"start": 1778, "length": 32, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_relative": "tests/reentrancy-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy-0.5.1.sol", "filename_short": "tests/reentrancy-0.5.1.sol", "lines": [51]}}]}]

2
tests/expected_json/reentrancy.reentrancy-eth.json
Unescape View File

@ -1 +1 @@
[{"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy.sol#14-21):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17-19)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#20)\n", "elements": [{"type": "function", "name": "withdrawBalance", "source_mapping": {"start": 299, "length": 314, "filename": "tests/reentrancy.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 26, "length": 2334, "filename": "tests/reentrancy.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72]}}}, {"type": "external_calls", "expression": "! (msg.sender.call.value(userBalance[msg.sender])())", "source_mapping": {"start": 478, "length": 92, "filename": "tests/reentrancy.sol", "lines": [17, 18, 19]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 579, "length": 27, "filename": "tests/reentrancy.sol", "lines": [20]}}]}, {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance_nested (tests/reentrancy.sol#64-70):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#68)\n", "elements": [{"type": "function", "name": "withdrawBalance_nested", "source_mapping": {"start": 2108, "length": 246, "filename": "tests/reentrancy.sol", "lines": [64, 65, 66, 67, 68, 69, 70]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 26, "length": 2334, "filename": "tests/reentrancy.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72]}}}, {"type": "external_calls", "expression": "msg.sender.call.value(amount / 2)()", "source_mapping": {"start": 2263, "length": 33, "filename": "tests/reentrancy.sol", "lines": [67]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 2310, "length": 27, "filename": "tests/reentrancy.sol", "lines": [68]}}]}]
[{"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance (tests/reentrancy.sol#14-21):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17-19)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#20)\n", "elements": [{"type": "function", "name": "withdrawBalance", "source_mapping": {"start": 299, "length": 314, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [14, 15, 16, 17, 18, 19, 20, 21]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 26, "length": 2334, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72]}}}, {"type": "external_calls", "expression": "! (msg.sender.call.value(userBalance[msg.sender])())", "source_mapping": {"start": 478, "length": 92, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [17, 18, 19]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 579, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [20]}}]}, {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium", "description": "Reentrancy in Reentrancy.withdrawBalance_nested (tests/reentrancy.sol#64-70):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#68)\n", "elements": [{"type": "function", "name": "withdrawBalance_nested", "source_mapping": {"start": 2108, "length": 246, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [64, 65, 66, 67, 68, 69, 70]}, "contract": {"type": "contract", "name": "Reentrancy", "source_mapping": {"start": 26, "length": 2334, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72]}}}, {"type": "external_calls", "expression": "msg.sender.call.value(amount / 2)()", "source_mapping": {"start": 2263, "length": 33, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [67]}}, {"type": "variables_written", "name": "userBalance", "expression": "userBalance[msg.sender] = 0", "source_mapping": {"start": 2310, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_relative": "tests/reentrancy.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/reentrancy.sol", "filename_short": "tests/reentrancy.sol", "lines": [68]}}]}]

1
tests/expected_json/right_to_left_override.rtlo.json
Unescape View File

@ -0,0 +1 @@
[{"check": "rtlo", "impact": "High", "confidence": "High", "description": "tests/right_to_left_override.sol contains a unicode right-to-left-override character:\n\t- return test1(/*A\u202e/*B*/2 , 1/*\u202d\n", "elements": []}]

2
tests/expected_json/shadowing_abstract.shadowing-abstract.json
Unescape View File

@ -1 +1 @@
[{"check": "shadowing-abstract", "impact": "Medium", "confidence": "High", "description": "DerivedContract.owner (tests/shadowing_abstract.sol#7) shadows:\n\t- BaseContract.owner (tests/shadowing_abstract.sol#2)\n", "elements": [{"type": "variable", "name": "owner", "source_mapping": {"start": 92, "length": 13, "filename": "tests/shadowing_abstract.sol", "lines": [7]}}, {"type": "variable", "name": "owner", "source_mapping": {"start": 27, "length": 13, "filename": "tests/shadowing_abstract.sol", "lines": [2]}}]}]
[{"check": "shadowing-abstract", "impact": "Medium", "confidence": "High", "description": "DerivedContract.owner (tests/shadowing_abstract.sol#7) shadows:\n\t- BaseContract.owner (tests/shadowing_abstract.sol#2)\n", "elements": [{"type": "variable", "name": "owner", "source_mapping": {"start": 92, "length": 13, "filename_used": "/home/travis/build/crytic/slither/tests/shadowing_abstract.sol", "filename_relative": "tests/shadowing_abstract.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/shadowing_abstract.sol", "filename_short": "tests/shadowing_abstract.sol", "lines": [7]}}, {"type": "variable", "name": "owner", "source_mapping": {"start": 27, "length": 13, "filename_used": "/home/travis/build/crytic/slither/tests/shadowing_abstract.sol", "filename_relative": "tests/shadowing_abstract.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/shadowing_abstract.sol", "filename_short": "tests/shadowing_abstract.sol", "lines": [2]}}]}]

2
tests/expected_json/shadowing_builtin_symbols.shadowing-builtin.json
View File

File diff suppressed because one or more lines are too long

2
tests/expected_json/shadowing_local_variable.shadowing-local.json
View File

File diff suppressed because one or more lines are too long

2
tests/expected_json/shadowing_state_variable.shadowing-state.json
Unescape View File

@ -1 +1 @@
[{"check": "shadowing-state", "impact": "High", "confidence": "High", "description": "DerivedContract.owner (tests/shadowing_state_variable.sol#12) shadows:\n\t- BaseContract.owner (tests/shadowing_state_variable.sol#2)\n", "elements": [{"type": "variable", "name": "owner", "source_mapping": {"start": 172, "length": 13, "filename": "tests/shadowing_state_variable.sol", "lines": [12]}}, {"type": "variable", "name": "owner", "source_mapping": {"start": 27, "length": 13, "filename": "tests/shadowing_state_variable.sol", "lines": [2]}}]}]
[{"check": "shadowing-state", "impact": "High", "confidence": "High", "description": "DerivedContract.owner (tests/shadowing_state_variable.sol#12) shadows:\n\t- BaseContract.owner (tests/shadowing_state_variable.sol#2)\n", "elements": [{"type": "variable", "name": "owner", "source_mapping": {"start": 172, "length": 13, "filename_used": "/home/travis/build/crytic/slither/tests/shadowing_state_variable.sol", "filename_relative": "tests/shadowing_state_variable.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/shadowing_state_variable.sol", "filename_short": "tests/shadowing_state_variable.sol", "lines": [12]}}, {"type": "variable", "name": "owner", "source_mapping": {"start": 27, "length": 13, "filename_used": "/home/travis/build/crytic/slither/tests/shadowing_state_variable.sol", "filename_relative": "tests/shadowing_state_variable.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/shadowing_state_variable.sol", "filename_short": "tests/shadowing_state_variable.sol", "lines": [2]}}]}]

2
tests/expected_json/solc_version_incorrect.solc-version.json
Unescape View File

@ -1 +1 @@
[{"check": "solc-version", "impact": "Informational", "confidence": "High", "description": "Detected issues with version pragma in tests/solc_version_incorrect.sol:\n\t- pragma solidity^0.4.23 (tests/solc_version_incorrect.sol#2): it allows old versions\n\t- pragma solidity>=0.4.0<0.6.0 (tests/solc_version_incorrect.sol#3): it allows old versions\n", "elements": [{"type": "expression", "expression": "^0.4.23", "source_mapping": {"start": 63, "length": 24, "filename": "tests/solc_version_incorrect.sol", "lines": [2]}}, {"type": "expression", "expression": ">=0.4.0<0.6.0", "source_mapping": {"start": 89, "length": 31, "filename": "tests/solc_version_incorrect.sol", "lines": [3]}}]}]
[{"check": "solc-version", "impact": "Informational", "confidence": "High", "description": "Detected issues with version pragma in :\n\t- pragma solidity^0.4.23 (tests/solc_version_incorrect.sol#2): it allows old versions\n\t- pragma solidity>=0.4.0<0.6.0 (tests/solc_version_incorrect.sol#3): it allows old versions\n", "elements": [{"type": "expression", "expression": "^0.4.23", "source_mapping": {"start": 63, "length": 24, "filename_used": "/home/travis/build/crytic/slither/tests/solc_version_incorrect.sol", "filename_relative": "tests/solc_version_incorrect.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/solc_version_incorrect.sol", "filename_short": "tests/solc_version_incorrect.sol", "lines": [2]}}, {"type": "expression", "expression": ">=0.4.0<0.6.0", "source_mapping": {"start": 89, "length": 31, "filename_used": "/home/travis/build/crytic/slither/tests/solc_version_incorrect.sol", "filename_relative": "tests/solc_version_incorrect.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/solc_version_incorrect.sol", "filename_short": "tests/solc_version_incorrect.sol", "lines": [3]}}]}]

2
tests/expected_json/timestamp.timestamp.json
Unescape View File

@ -1 +1 @@
[{"check": "timestamp", "impact": "Low", "confidence": "Medium", "description": "Timestamp.bad0 (tests/timestamp.sol#4-6) uses timestamp for comparisons\n\tDangerous comparisons:\n\t- require(bool)(block.timestamp == 0) (tests/timestamp.sol#5)\n", "elements": [{"type": "function", "name": "bad0", "source_mapping": {"start": 47, "length": 70, "filename": "tests/timestamp.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Timestamp", "source_mapping": {"start": 0, "length": 402, "filename": "tests/timestamp.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}}, {"type": "expression", "expression": "require(bool)(block.timestamp == 0)", "source_mapping": {"start": 81, "length": 29, "filename": "tests/timestamp.sol", "lines": [5]}}]}, {"check": "timestamp", "impact": "Low", "confidence": "Medium", "description": "Timestamp.bad1 (tests/timestamp.sol#8-11) uses timestamp for comparisons\n\tDangerous comparisons:\n\t- require(bool)(time == 0) (tests/timestamp.sol#10)\n", "elements": [{"type": "function", "name": "bad1", "source_mapping": {"start": 126, "length": 96, "filename": "tests/timestamp.sol", "lines": [8, 9, 10, 11]}, "contract": {"type": "contract", "name": "Timestamp", "source_mapping": {"start": 0, "length": 402, "filename": "tests/timestamp.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}}, {"type": "expression", "expression": "require(bool)(time == 0)", "source_mapping": {"start": 197, "length": 18, "filename": "tests/timestamp.sol", "lines": [10]}}]}, {"check": "timestamp", "impact": "Low", "confidence": "Medium", "description": "Timestamp.bad2 (tests/timestamp.sol#13-15) uses timestamp for comparisons\n\tDangerous comparisons:\n\t- block.timestamp > 0 (tests/timestamp.sol#14)\n", "elements": [{"type": "function", "name": "bad2", "source_mapping": {"start": 231, "length": 79, "filename": "tests/timestamp.sol", "lines": [13, 14, 15]}, "contract": {"type": "contract", "name": "Timestamp", "source_mapping": {"start": 0, "length": 402, "filename": "tests/timestamp.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}}, {"type": "expression", "expression": "block.timestamp > 0", "source_mapping": {"start": 279, "length": 24, "filename": "tests/timestamp.sol", "lines": [14]}}]}]
[{"check": "timestamp", "impact": "Low", "confidence": "Medium", "description": "Timestamp.bad0 (tests/timestamp.sol#4-6) uses timestamp for comparisons\n\tDangerous comparisons:\n\t- require(bool)(block.timestamp == 0) (tests/timestamp.sol#5)\n", "elements": [{"type": "function", "name": "bad0", "source_mapping": {"start": 47, "length": 70, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [4, 5, 6]}, "contract": {"type": "contract", "name": "Timestamp", "source_mapping": {"start": 0, "length": 402, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}}, {"type": "expression", "expression": "require(bool)(block.timestamp == 0)", "source_mapping": {"start": 81, "length": 29, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [5]}}]}, {"check": "timestamp", "impact": "Low", "confidence": "Medium", "description": "Timestamp.bad1 (tests/timestamp.sol#8-11) uses timestamp for comparisons\n\tDangerous comparisons:\n\t- require(bool)(time == 0) (tests/timestamp.sol#10)\n", "elements": [{"type": "function", "name": "bad1", "source_mapping": {"start": 126, "length": 96, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [8, 9, 10, 11]}, "contract": {"type": "contract", "name": "Timestamp", "source_mapping": {"start": 0, "length": 402, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}}, {"type": "expression", "expression": "require(bool)(time == 0)", "source_mapping": {"start": 197, "length": 18, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [10]}}]}, {"check": "timestamp", "impact": "Low", "confidence": "Medium", "description": "Timestamp.bad2 (tests/timestamp.sol#13-15) uses timestamp for comparisons\n\tDangerous comparisons:\n\t- block.timestamp > 0 (tests/timestamp.sol#14)\n", "elements": [{"type": "function", "name": "bad2", "source_mapping": {"start": 231, "length": 79, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [13, 14, 15]}, "contract": {"type": "contract", "name": "Timestamp", "source_mapping": {"start": 0, "length": 402, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20]}}}, {"type": "expression", "expression": "block.timestamp > 0", "source_mapping": {"start": 279, "length": 24, "filename_used": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_relative": "tests/timestamp.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/timestamp.sol", "filename_short": "tests/timestamp.sol", "lines": [14]}}]}]

2
tests/expected_json/tx_origin-0.5.1.tx-origin.json
Unescape View File

@ -1 +1 @@
[{"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug0 uses tx.origin for authorization:\n\t- require(bool)(tx.origin == owner) (tests/tx_origin-0.5.1.sol#10)\n", "elements": [{"type": "function", "name": "bug0", "source_mapping": {"start": 127, "length": 66, "filename": "tests/tx_origin-0.5.1.sol", "lines": [9, 10, 11]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 25, "length": 442, "filename": "tests/tx_origin-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "require(bool)(tx.origin == owner)", "source_mapping": {"start": 159, "length": 27, "filename": "tests/tx_origin-0.5.1.sol", "lines": [10]}}]}, {"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug2 uses tx.origin for authorization:\n\t- tx.origin != owner (tests/tx_origin-0.5.1.sol#14-16)\n", "elements": [{"type": "function", "name": "bug2", "source_mapping": {"start": 199, "length": 95, "filename": "tests/tx_origin-0.5.1.sol", "lines": [13, 14, 15, 16, 17]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 25, "length": 442, "filename": "tests/tx_origin-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "tx.origin != owner", "source_mapping": {"start": 231, "length": 57, "filename": "tests/tx_origin-0.5.1.sol", "lines": [14, 15, 16]}}]}]
[{"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug0 uses tx.origin for authorization:\n\t- require(bool)(tx.origin == owner) (tests/tx_origin-0.5.1.sol#10)\n", "elements": [{"type": "function", "name": "bug0", "source_mapping": {"start": 127, "length": 66, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_relative": "tests/tx_origin-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_short": "tests/tx_origin-0.5.1.sol", "lines": [9, 10, 11]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 25, "length": 442, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_relative": "tests/tx_origin-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_short": "tests/tx_origin-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "require(bool)(tx.origin == owner)", "source_mapping": {"start": 159, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_relative": "tests/tx_origin-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_short": "tests/tx_origin-0.5.1.sol", "lines": [10]}}]}, {"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug2 uses tx.origin for authorization:\n\t- tx.origin != owner (tests/tx_origin-0.5.1.sol#14-16)\n", "elements": [{"type": "function", "name": "bug2", "source_mapping": {"start": 199, "length": 95, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_relative": "tests/tx_origin-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_short": "tests/tx_origin-0.5.1.sol", "lines": [13, 14, 15, 16, 17]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 25, "length": 442, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_relative": "tests/tx_origin-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_short": "tests/tx_origin-0.5.1.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "tx.origin != owner", "source_mapping": {"start": 231, "length": 57, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_relative": "tests/tx_origin-0.5.1.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin-0.5.1.sol", "filename_short": "tests/tx_origin-0.5.1.sol", "lines": [14, 15, 16]}}]}]

2
tests/expected_json/tx_origin.tx-origin.json
Unescape View File

@ -1 +1 @@
[{"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug0 uses tx.origin for authorization:\n\t- require(bool)(tx.origin == owner) (tests/tx_origin.sol#10)\n", "elements": [{"type": "function", "name": "bug0", "source_mapping": {"start": 116, "length": 60, "filename": "tests/tx_origin.sol", "lines": [9, 10, 11]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 28, "length": 393, "filename": "tests/tx_origin.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "require(bool)(tx.origin == owner)", "source_mapping": {"start": 142, "length": 27, "filename": "tests/tx_origin.sol", "lines": [10]}}]}, {"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug2 uses tx.origin for authorization:\n\t- tx.origin != owner (tests/tx_origin.sol#14-16)\n", "elements": [{"type": "function", "name": "bug2", "source_mapping": {"start": 182, "length": 89, "filename": "tests/tx_origin.sol", "lines": [13, 14, 15, 16, 17]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 28, "length": 393, "filename": "tests/tx_origin.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "tx.origin != owner", "source_mapping": {"start": 208, "length": 57, "filename": "tests/tx_origin.sol", "lines": [14, 15, 16]}}]}]
[{"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug0 uses tx.origin for authorization:\n\t- require(bool)(tx.origin == owner) (tests/tx_origin.sol#10)\n", "elements": [{"type": "function", "name": "bug0", "source_mapping": {"start": 116, "length": 60, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_relative": "tests/tx_origin.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_short": "tests/tx_origin.sol", "lines": [9, 10, 11]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 28, "length": 393, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_relative": "tests/tx_origin.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_short": "tests/tx_origin.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "require(bool)(tx.origin == owner)", "source_mapping": {"start": 142, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_relative": "tests/tx_origin.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_short": "tests/tx_origin.sol", "lines": [10]}}]}, {"check": "tx-origin", "impact": "Medium", "confidence": "Medium", "description": "TxOrigin.bug2 uses tx.origin for authorization:\n\t- tx.origin != owner (tests/tx_origin.sol#14-16)\n", "elements": [{"type": "function", "name": "bug2", "source_mapping": {"start": 182, "length": 89, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_relative": "tests/tx_origin.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_short": "tests/tx_origin.sol", "lines": [13, 14, 15, 16, 17]}, "contract": {"type": "contract", "name": "TxOrigin", "source_mapping": {"start": 28, "length": 393, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_relative": "tests/tx_origin.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_short": "tests/tx_origin.sol", "lines": [3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26]}}}, {"type": "expression", "expression": "tx.origin != owner", "source_mapping": {"start": 208, "length": 57, "filename_used": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_relative": "tests/tx_origin.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/tx_origin.sol", "filename_short": "tests/tx_origin.sol", "lines": [14, 15, 16]}}]}]

2
tests/expected_json/uninitialized-0.5.1.uninitialized-state.json
View File

File diff suppressed because one or more lines are too long

2
tests/expected_json/uninitialized.uninitialized-state.json
View File

File diff suppressed because one or more lines are too long

2
tests/expected_json/uninitialized_local_variable.uninitialized-local.json
Unescape View File

@ -1 +1 @@
[{"check": "uninitialized-local", "impact": "Medium", "confidence": "Medium", "description": "uint_not_init in Uninitialized.func (tests/uninitialized_local_variable.sol#4) is a local variable never initialiazed\n", "elements": [{"type": "variable", "name": "uint_not_init", "source_mapping": {"start": 77, "length": 18, "filename": "tests/uninitialized_local_variable.sol", "lines": [4]}}, {"type": "function", "name": "func", "source_mapping": {"start": 29, "length": 143, "filename": "tests/uninitialized_local_variable.sol", "lines": [3, 4, 5, 6, 7]}, "contract": {"type": "contract", "name": "Uninitialized", "source_mapping": {"start": 0, "length": 179, "filename": "tests/uninitialized_local_variable.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9]}}}]}]
[{"check": "uninitialized-local", "impact": "Medium", "confidence": "Medium", "description": "uint_not_init in Uninitialized.func (tests/uninitialized_local_variable.sol#4) is a local variable never initialiazed\n", "elements": [{"type": "variable", "name": "uint_not_init", "source_mapping": {"start": 77, "length": 18, "filename_used": "/home/travis/build/crytic/slither/tests/uninitialized_local_variable.sol", "filename_relative": "tests/uninitialized_local_variable.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/uninitialized_local_variable.sol", "filename_short": "tests/uninitialized_local_variable.sol", "lines": [4]}}, {"type": "function", "name": "func", "source_mapping": {"start": 29, "length": 143, "filename_used": "/home/travis/build/crytic/slither/tests/uninitialized_local_variable.sol", "filename_relative": "tests/uninitialized_local_variable.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/uninitialized_local_variable.sol", "filename_short": "tests/uninitialized_local_variable.sol", "lines": [3, 4, 5, 6, 7]}, "contract": {"type": "contract", "name": "Uninitialized", "source_mapping": {"start": 0, "length": 179, "filename_used": "/home/travis/build/crytic/slither/tests/uninitialized_local_variable.sol", "filename_relative": "tests/uninitialized_local_variable.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/uninitialized_local_variable.sol", "filename_short": "tests/uninitialized_local_variable.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9]}}}]}]

2
tests/expected_json/uninitialized_storage_pointer.uninitialized-storage.json
Unescape View File

@ -1 +1 @@
[{"check": "uninitialized-storage", "impact": "High", "confidence": "High", "description": "st_bug in Uninitialized.func (tests/uninitialized_storage_pointer.sol#10) is a storage variable never initialiazed\n", "elements": [{"type": "variable", "name": "st_bug", "source_mapping": {"start": 171, "length": 9, "filename": "tests/uninitialized_storage_pointer.sol", "lines": [10]}}, {"type": "function", "name": "func", "source_mapping": {"start": 67, "length": 143, "filename": "tests/uninitialized_storage_pointer.sol", "lines": [7, 8, 9, 10, 11, 12]}, "contract": {"type": "contract", "name": "Uninitialized", "source_mapping": {"start": 0, "length": 217, "filename": "tests/uninitialized_storage_pointer.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14]}}}]}]
[{"check": "uninitialized-storage", "impact": "High", "confidence": "High", "description": "st_bug in Uninitialized.func (tests/uninitialized_storage_pointer.sol#10) is a storage variable never initialiazed\n", "elements": [{"type": "variable", "name": "st_bug", "source_mapping": {"start": 171, "length": 9, "filename_used": "/home/travis/build/crytic/slither/tests/uninitialized_storage_pointer.sol", "filename_relative": "tests/uninitialized_storage_pointer.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/uninitialized_storage_pointer.sol", "filename_short": "tests/uninitialized_storage_pointer.sol", "lines": [10]}}, {"type": "function", "name": "func", "source_mapping": {"start": 67, "length": 143, "filename_used": "/home/travis/build/crytic/slither/tests/uninitialized_storage_pointer.sol", "filename_relative": "tests/uninitialized_storage_pointer.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/uninitialized_storage_pointer.sol", "filename_short": "tests/uninitialized_storage_pointer.sol", "lines": [7, 8, 9, 10, 11, 12]}, "contract": {"type": "contract", "name": "Uninitialized", "source_mapping": {"start": 0, "length": 217, "filename_used": "/home/travis/build/crytic/slither/tests/uninitialized_storage_pointer.sol", "filename_relative": "tests/uninitialized_storage_pointer.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/uninitialized_storage_pointer.sol", "filename_short": "tests/uninitialized_storage_pointer.sol", "lines": [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14]}}}]}]

2
tests/expected_json/unused_return.unused-return.json
Unescape View File

@ -1 +1 @@
[{"check": "unused-return", "impact": "Medium", "confidence": "Medium", "description": "User.test (tests/unused_return.sol#17-29) does not use the value returned by external calls:\n\t-t.f() (tests/unused_return.sol#18)\n\t-a.add(0) (tests/unused_return.sol#22)\n", "elements": [{"type": "function", "name": "test", "source_mapping": {"start": 239, "length": 354, "filename": "tests/unused_return.sol", "lines": [17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}, "contract": {"type": "contract", "name": "User", "source_mapping": {"start": 189, "length": 406, "filename": "tests/unused_return.sol", "lines": [13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30]}}}, {"type": "expression", "expression": "t.f()", "source_mapping": {"start": 279, "length": 5, "filename": "tests/unused_return.sol", "lines": [18]}}, {"type": "expression", "expression": "a.add(0)", "source_mapping": {"start": 353, "length": 8, "filename": "tests/unused_return.sol", "lines": [22]}}]}]
[{"check": "unused-return", "impact": "Medium", "confidence": "Medium", "description": "User.test (tests/unused_return.sol#17-29) does not use the value returned by external calls:\n\t-t.f() (tests/unused_return.sol#18)\n\t-a.add(0) (tests/unused_return.sol#22)\n", "elements": [{"type": "function", "name": "test", "source_mapping": {"start": 239, "length": 354, "filename_used": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_relative": "tests/unused_return.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_short": "tests/unused_return.sol", "lines": [17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29]}, "contract": {"type": "contract", "name": "User", "source_mapping": {"start": 189, "length": 406, "filename_used": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_relative": "tests/unused_return.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_short": "tests/unused_return.sol", "lines": [13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30]}}}, {"type": "expression", "expression": "t.f()", "source_mapping": {"start": 279, "length": 5, "filename_used": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_relative": "tests/unused_return.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_short": "tests/unused_return.sol", "lines": [18]}}, {"type": "expression", "expression": "a.add(0)", "source_mapping": {"start": 353, "length": 8, "filename_used": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_relative": "tests/unused_return.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/unused_return.sol", "filename_short": "tests/unused_return.sol", "lines": [22]}}]}]

2
tests/expected_json/unused_state.unused-state.json
Unescape View File

@ -1 +1 @@
[{"check": "unused-state", "impact": "Informational", "confidence": "High", "description": "A.unused (tests/unused_state.sol#4) is never used in B\n", "elements": [{"type": "variable", "name": "unused", "source_mapping": {"start": 44, "length": 14, "filename": "tests/unused_state.sol", "lines": [4]}}]}]
[{"check": "unused-state", "impact": "Informational", "confidence": "High", "description": "A.unused (tests/unused_state.sol#4) is never used in B\n", "elements": [{"type": "variable", "name": "unused", "source_mapping": {"start": 44, "length": 14, "filename_used": "/home/travis/build/crytic/slither/tests/unused_state.sol", "filename_relative": "tests/unused_state.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/unused_state.sol", "filename_short": "tests/unused_state.sol", "lines": [4]}}]}]

15
tests/right_to_left_override.sol
Unescape View File

@ -0,0 +1,15 @@
//pragma solidity ^0.4.24;
contract A
{
function test() public pure
{
test1(/*A/*B*/2 , 1/*
/*C */,3);
}
function test1(uint a, uint b, uint c) internal pure
{
a = b + c;
}
}
Write Preview
Loading…
Cancel
Save