TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1108 from crytic/fix-1081

Browse Source 
Fix infinite loop in RTLO detector
pull/1118/head
Feist Josselin 3 years ago committed by GitHub
parent 452fa7c9a0 a5470586ac
commit 7879251d0c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 108 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      slither/detectors/source/rtlo.py
  2. 11
      tests/detectors/rtlo/0.8.0/unicode_direction_override.sol
  3. 91
      tests/detectors/rtlo/0.8.0/unicode_direction_override.sol.0.8.0.RightToLeftOverride.json
  4. 5
      tests/test_detectors.py

2
slither/detectors/source/rtlo.py
Unescape View File

@ -88,6 +88,6 @@ contract Token
results.append(res)
# Advance the start index for the next iteration
start_index = result_index + 1
start_index = idx + 1
return results

11
tests/detectors/rtlo/0.8.0/unicode_direction_override.sol
Unescape View File

@ -0,0 +1,11 @@
pragma solidity ^0.8.0;
contract my_contract {
function empty_func() external pure
{
// The string below contains 3 RLO and 3 PDF unicode characters
// RLO is U+202E and changes the print direction to right-to-left
// PDF is U+202C and restores the print direction to what it was before RLO
/*ok aaabbbcccdddeee*/
}
}
// ----

91
tests/detectors/rtlo/0.8.0/unicode_direction_override.sol.0.8.0.RightToLeftOverride.json
Unescape View File

@ -0,0 +1,91 @@
[
[
{
"elements": [
{
"type": "other",
"name": "rtlo-character",
"source_mapping": {
"start": 336,
"length": 3,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol",
"is_dependency": false,
"lines": [
8
],
"starting_column": 14,
"ending_column": 17
}
}
],
"description": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol contains a unicode right-to-left-override character at byte offset 336:\n\t- b' /*ok \\xe2\\x80\\xaeaaa\\xe2\\x80\\xaebbb\\xe2\\x80\\xaeccc\\xe2\\x80\\xacddd\\xe2\\x80\\xaceee\\xe2\\x80\\xac*/'\n",
"markdown": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol contains a unicode right-to-left-override character at byte offset 336:\n\t- b' /*ok \\xe2\\x80\\xaeaaa\\xe2\\x80\\xaebbb\\xe2\\x80\\xaeccc\\xe2\\x80\\xacddd\\xe2\\x80\\xaceee\\xe2\\x80\\xac*/'\n",
"first_markdown_element": "",
"id": "2407672dea557be27d0c488ba9c714e6a7f21dd3f7759058e718c1984e142f95",
"check": "rtlo",
"impact": "High",
"confidence": "High"
},
{
"elements": [
{
"type": "other",
"name": "rtlo-character",
"source_mapping": {
"start": 348,
"length": 3,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol",
"is_dependency": false,
"lines": [
8
],
"starting_column": 26,
"ending_column": 29
}
}
],
"description": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol contains a unicode right-to-left-override character at byte offset 348:\n\t- b'\\x80\\xaebbb\\xe2\\x80\\xaeccc\\xe2\\x80\\xacddd\\xe2\\x80\\xaceee\\xe2\\x80\\xac*/'\n",
"markdown": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol contains a unicode right-to-left-override character at byte offset 348:\n\t- b'\\x80\\xaebbb\\xe2\\x80\\xaeccc\\xe2\\x80\\xacddd\\xe2\\x80\\xaceee\\xe2\\x80\\xac*/'\n",
"first_markdown_element": "",
"id": "477e54031d4d30d485b9cdc2d7ef3e9ae3de52640364505df8eb9619c2bcde6b",
"check": "rtlo",
"impact": "High",
"confidence": "High"
},
{
"elements": [
{
"type": "other",
"name": "rtlo-character",
"source_mapping": {
"start": 342,
"length": 3,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol",
"is_dependency": false,
"lines": [
8
],
"starting_column": 20,
"ending_column": 23
}
}
],
"description": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol contains a unicode right-to-left-override character at byte offset 342:\n\t- b'\\x80\\xaeaaa\\xe2\\x80\\xaebbb\\xe2\\x80\\xaeccc\\xe2\\x80\\xacddd\\xe2\\x80\\xaceee\\xe2\\x80\\xac*/'\n",
"markdown": "tests/detectors/rtlo/0.8.0/unicode_direction_override.sol contains a unicode right-to-left-override character at byte offset 342:\n\t- b'\\x80\\xaeaaa\\xe2\\x80\\xaebbb\\xe2\\x80\\xaeccc\\xe2\\x80\\xacddd\\xe2\\x80\\xaceee\\xe2\\x80\\xac*/'\n",
"first_markdown_element": "",
"id": "9dd23585bb0ff1f244f749281b27f62978e0bb5b0ae58c8c9cb6d3f9c7e82253",
"check": "rtlo",
"impact": "High",
"confidence": "High"
}
]
]

5
tests/test_detectors.py
Unescape View File

@ -724,6 +724,11 @@ ALL_TEST_OBJECTS = [
"right_to_left_override.sol",
"0.6.11",
),
Test(
all_detectors.RightToLeftOverride,
"unicode_direction_override.sol",
"0.8.0",
),
Test(all_detectors.VoidConstructor, "void-cst.sol", "0.4.25"),
Test(all_detectors.VoidConstructor, "void-cst.sol", "0.5.16"),
Test(all_detectors.VoidConstructor, "void-cst.sol", "0.6.11"),

Write Preview
Loading…
Cancel
Save