From 759368cb6e8532ea7610853588478d522ecc6d6e Mon Sep 17 00:00:00 2001 From: David Pokora Date: Mon, 27 May 2019 19:24:09 -0400 Subject: [PATCH] Improved rtlo element source mapping --- slither/detectors/source/rtlo.py | 36 +++++++++++++++++++++----------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/slither/detectors/source/rtlo.py b/slither/detectors/source/rtlo.py index 236d50c39..ff6006cce 100644 --- a/slither/detectors/source/rtlo.py +++ b/slither/detectors/source/rtlo.py @@ -44,21 +44,33 @@ contract Token ''' WIKI_RECOMMENDATION = 'Special control characters must not be allowed.' + RTLO_CHARACTER_ENCODED = "\u202e".encode('utf-8') + def _detect(self): results = [] - pattern = re.compile(".*\u202e.*") for filename, source in self.slither.source_code.items(): - info = "{} contains a unicode right-to-left-override character:\n".format(filename) - found = False - for match in pattern.finditer(source): - match_line = match.group(0) - info += "\t- {}\n".format(match_line) - found = True - - if found: - json = self.generate_json_result(info) - self.add_other_to_json("rtlo-character", (filename, 0, 0), json) - results.append(json) + # Attempt to find all RTLO characters in this source file. + source_encoded = source.encode('utf-8') + start_index = 0 + + # Keep searching all file contents for the character. + while True: + result_index = source_encoded.find(self.RTLO_CHARACTER_ENCODED, start_index) + + # If we couldn't find the character in the remainder of source, stop. + if result_index == -1: + break + else: + # We found another instance of the character, define our output + info = f"{filename} contains a unicode right-to-left-override character at byte offset {result_index}" + + json = self.generate_json_result(info) + self.add_other_to_json("rtlo-character", + (filename, result_index, len(self.RTLO_CHARACTER_ENCODED)), json) + results.append(json) + + # Advance the start index for the next iteration + start_index = result_index + 1 return results