TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #925 from smonicas/dev-fix-detector-calls-in-loop

Browse Source 
Fix undetected cases for detector calls-loop
pull/958/head
Feist Josselin 3 years ago committed by GitHub
parent 3b1a07ea05 063da82cdf
commit a588fe184f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 2473 additions and 135 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 76
      slither/detectors/statements/calls_in_loop.py
  2. 38
      tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol
  3. 595
      tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol.0.4.25.MultipleCallsInLoop.json
  4. 38
      tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol
  5. 595
      tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol.0.5.16.MultipleCallsInLoop.json
  6. 38
      tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol
  7. 595
      tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol.0.6.11.MultipleCallsInLoop.json
  8. 38
      tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol
  9. 595
      tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol.0.7.6.MultipleCallsInLoop.json

76
slither/detectors/statements/calls_in_loop.py
Unescape View File

@ -1,14 +1,51 @@
from slither.core.cfg.node import NodeType
from typing import List
from slither.core.cfg.node import NodeType, Node
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification
from slither.core.declarations import Contract
from slither.utils.output import Output
from slither.slithir.operations import (
HighLevelCall,
LibraryCall,
LowLevelCall,
Send,
Transfer,
InternalCall,
)
def detect_call_in_loop(contract: Contract) -> List[Node]:
ret: List[Node] = []
for f in contract.functions_entry_points:
if f.is_implemented:
call_in_loop(f.entry_point, 0, [], ret)
return ret
def call_in_loop(node: Node, in_loop_counter: int, visited: List[Node], ret: List[Node]) -> None:
if node in visited:
return
# shared visited
visited.append(node)
if node.type == NodeType.STARTLOOP:
in_loop_counter += 1
elif node.type == NodeType.ENDLOOP:
in_loop_counter -= 1
if in_loop_counter > 0:
for ir in node.all_slithir_operations():
if isinstance(ir, (LowLevelCall, HighLevelCall, Send, Transfer)):
if isinstance(ir, LibraryCall):
continue
ret.append(ir.node)
if isinstance(ir, (InternalCall)):
call_in_loop(ir.function.entry_point, in_loop_counter, visited, ret)
for son in node.sons:
call_in_loop(son, in_loop_counter, visited, ret)
class MultipleCallsInLoop(AbstractDetector):
ARGUMENT = "calls-loop"
@ -45,42 +82,11 @@ If one of the destinations has a fallback function that reverts, `bad` will alwa
WIKI_RECOMMENDATION = "Favor [pull over push](https://github.com/ethereum/wiki/wiki/Safety#favor-pull-over-push-for-external-calls) strategy for external calls."
@staticmethod
def call_in_loop(node, in_loop, visited, ret):
if node in visited:
return
# shared visited
visited.append(node)
if node.type == NodeType.STARTLOOP:
in_loop = True
elif node.type == NodeType.ENDLOOP:
in_loop = False
if in_loop:
for ir in node.irs:
if isinstance(ir, (LowLevelCall, HighLevelCall, Send, Transfer)):
if isinstance(ir, LibraryCall):
continue
ret.append(node)
for son in node.sons:
MultipleCallsInLoop.call_in_loop(son, in_loop, visited, ret)
@staticmethod
def detect_call_in_loop(contract):
ret = []
for f in contract.functions + contract.modifiers:
if f.contract_declarer == contract and f.is_implemented:
MultipleCallsInLoop.call_in_loop(f.entry_point, False, [], ret)
return ret
def _detect(self):
def _detect(self) -> List[Output]:
""""""
results = []
results: List[Output] = []
for c in self.compilation_unit.contracts_derived:
values = self.detect_call_in_loop(c)
values = detect_call_in_loop(c)
for node in values:
func = node.function

38
tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol
Unescape View File

@ -1,8 +1,23 @@
contract CallInLoop{
contract CallInLoopBase {
address[] destinations_base;
constructor(address[] newDestinations) public {
destinations_base = newDestinations;
}
function bad_base() external{
for (uint i=0; i < destinations_base.length; i++){
destinations_base[i].transfer(i);
}
}
}
contract CallInLoop is CallInLoopBase{
address[] destinations;
constructor(address[] newDestinations) public{
constructor(address[] newDestinations) CallInLoopBase(newDestinations) public{
destinations = newDestinations;
}
@ -12,4 +27,23 @@ contract CallInLoop{
}
}
function bad2() external {
for (uint i=0; i < destinations.length; i++){
for (uint j=0; j < destinations.length; j++){
// Do something
}
destinations[i].transfer(i);
}
}
function bad3() external {
for (uint i=0; i < destinations.length; i++){
bad3_internal(destinations[i], i);
}
}
function bad3_internal(address a, uint i) internal {
a.transfer(i);
}
}

595
tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol.0.4.25.MultipleCallsInLoop.json
Unescape View File

@ -4,10 +4,10 @@
"elements": [
{
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 153,
"length": 135,
"start": 173,
"length": 150,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -26,10 +26,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 291,
"length": 325,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -49,22 +49,21 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
},
{
"type": "node",
"name": "destinations[i].transfer(i)",
"name": "destinations_base[i].transfer(i)",
"source_mapping": {
"start": 244,
"length": 27,
"start": 274,
"length": 32,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -74,15 +73,15 @@
11
],
"starting_column": 13,
"ending_column": 40
"ending_column": 45
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 153,
"length": 135,
"start": 173,
"length": 150,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -101,10 +100,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 291,
"length": 325,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -124,23 +123,573 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: destinations[i].transfer(i) (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [destinations[i].transfer(i)](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L11)\n",
"description": "CallInLoopBase.bad_base() (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: destinations_base[i].transfer(i) (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoopBase.bad_base()](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [destinations_base[i].transfer(i)](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L11)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L9-L13",
"id": "997dd7de40b82c6ac8e98324329bd99f827ed067c22d5b508b2e56c87ad49c0a",
"id": "66e6cb3d36ce6385ebe80eb42e75cfcc0be03eee32eb49b287c75258de7433f6",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad",
"source_mapping": {
"start": 530,
"length": 135,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 327,
"length": 831,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
},
{
"type": "node",
"name": "destinations[i].transfer(i)",
"source_mapping": {
"start": 621,
"length": 27,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
26
],
"starting_column": 13,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"source_mapping": {
"start": 530,
"length": 135,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 327,
"length": 831,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#24-28) has external calls inside a loop: destinations[i].transfer(i) (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#26)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L24-L28) has external calls inside a loop: [destinations[i].transfer(i)](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L26)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L24-L28",
"id": "257715445371826f92add7e2202ff42cb445394069844c805c9bd7c46d0e0c78",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 671,
"length": 245,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 327,
"length": 831,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
},
{
"type": "node",
"name": "destinations[i].transfer(i)",
"source_mapping": {
"start": 872,
"length": 27,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
35
],
"starting_column": 13,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 671,
"length": 245,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 327,
"length": 831,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
}
}
}
],
"description": "CallInLoop.bad2() (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#30-37) has external calls inside a loop: destinations[i].transfer(i) (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#35)\n",
"markdown": "[CallInLoop.bad2()](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L30-L37) has external calls inside a loop: [destinations[i].transfer(i)](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L35)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L30-L37",
"id": "bcf4888be2bdca9c6e3794ed50d3a0c4cbffe97f6cafdd8c9f6b2a940f92330d",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1074,
"length": 81,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 327,
"length": 831,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
},
{
"type": "node",
"name": "a.transfer(i)",
"source_mapping": {
"start": 1135,
"length": 13,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
46
],
"starting_column": 9,
"ending_column": 22
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1074,
"length": 81,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 327,
"length": 831,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
}
}
}
],
"description": "CallInLoop.bad3_internal(address,uint256) (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#45-47) has external calls inside a loop: a.transfer(i) (tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#46)\n",
"markdown": "[CallInLoop.bad3_internal(address,uint256)](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L45-L47) has external calls inside a loop: [a.transfer(i)](tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L46)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.4.25/multiple_calls_in_loop.sol#L45-L47",
"id": "29874ab93647beebd98e69e6e02bfb9e8d07d22d82990b77e1e33ea9d64caddc",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"

38
tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol
Unescape View File

@ -1,8 +1,23 @@
contract CallInLoop{
contract CallInLoopBase {
address[] destinations_base;
constructor(address[] memory newDestinations) public {
destinations_base = newDestinations;
}
function bad_base() external{
for (uint i=0; i < destinations_base.length; i++){
address(uint160(destinations_base[i])).transfer(i);
}
}
}
contract CallInLoop is CallInLoopBase{
address[] destinations;
constructor(address[] memory newDestinations) public{
constructor(address[] memory newDestinations) CallInLoopBase(newDestinations) public{
destinations = newDestinations;
}
@ -12,4 +27,23 @@ contract CallInLoop{
}
}
function bad2() external {
for (uint i=0; i < destinations.length; i++){
for (uint j=0; j < destinations.length; j++){
// Do something
}
address(uint160(destinations[i])).transfer(i);
}
}
function bad3() external {
for (uint i=0; i < destinations.length; i++){
bad3_internal(destinations[i], i);
}
}
function bad3_internal(address a, uint i) internal {
address(uint160(a)).transfer(i);
}
}

595
tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol.0.5.16.MultipleCallsInLoop.json
Unescape View File

@ -4,10 +4,10 @@
"elements": [
{
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 160,
"length": 153,
"start": 180,
"length": 168,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -26,10 +26,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 316,
"length": 350,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -49,22 +49,21 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"name": "address(uint160(destinations_base[i])).transfer(i)",
"source_mapping": {
"start": 251,
"length": 45,
"start": 281,
"length": 50,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -74,15 +73,15 @@
11
],
"starting_column": 13,
"ending_column": 58
"ending_column": 63
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 160,
"length": 153,
"start": 180,
"length": 168,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -101,10 +100,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 316,
"length": 350,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -124,23 +123,573 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L11)\n",
"description": "CallInLoopBase.bad_base() (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations_base[i])).transfer(i) (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoopBase.bad_base()](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations_base[i])).transfer(i)](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L11)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L9-L13",
"id": "47b82a76ee810d93f014f425eefea8adbb806036dfee401a9883b1aa3ca85c44",
"id": "5d659f8e891bf51f3542d3726e0d26bd7e5c23a48baba9356b6204fda561eb77",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad",
"source_mapping": {
"start": 562,
"length": 153,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"source_mapping": {
"start": 653,
"length": 45,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
26
],
"starting_column": 13,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"source_mapping": {
"start": 562,
"length": 153,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#24-28) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#26)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L24-L28) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L26)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L24-L28",
"id": "6cced5074b9c311682f603c75163ced753ba6a4ecca39cf4d565eef3f05b30f8",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 721,
"length": 263,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"source_mapping": {
"start": 922,
"length": 45,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
35
],
"starting_column": 13,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 721,
"length": 263,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
}
}
}
],
"description": "CallInLoop.bad2() (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#30-37) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#35)\n",
"markdown": "[CallInLoop.bad2()](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L30-L37) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L35)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L30-L37",
"id": "25c86080b32e786ebc200a68d29ce99aac3f426760b120f9bd359930a78e1e31",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1142,
"length": 99,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
},
{
"type": "node",
"name": "address(uint160(a)).transfer(i)",
"source_mapping": {
"start": 1203,
"length": 31,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
46
],
"starting_column": 9,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1142,
"length": 99,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
}
}
}
],
"description": "CallInLoop.bad3_internal(address,uint256) (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#45-47) has external calls inside a loop: address(uint160(a)).transfer(i) (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#46)\n",
"markdown": "[CallInLoop.bad3_internal(address,uint256)](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L45-L47) has external calls inside a loop: [address(uint160(a)).transfer(i)](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L46)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L45-L47",
"id": "a1df0d2cf47c14477c09214cc502b7706bf41258ef6f47452fa80dc24dea5647",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"

38
tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol
Unescape View File

@ -1,8 +1,23 @@
contract CallInLoop{
contract CallInLoopBase {
address[] destinations_base;
constructor(address[] memory newDestinations) public {
destinations_base = newDestinations;
}
function bad_base() external{
for (uint i=0; i < destinations_base.length; i++){
address(uint160(destinations_base[i])).transfer(i);
}
}
}
contract CallInLoop is CallInLoopBase{
address[] destinations;
constructor(address[] memory newDestinations) public{
constructor(address[] memory newDestinations) CallInLoopBase(newDestinations) public{
destinations = newDestinations;
}
@ -12,4 +27,23 @@ contract CallInLoop{
}
}
function bad2() external {
for (uint i=0; i < destinations.length; i++){
for (uint j=0; j < destinations.length; j++){
// Do something
}
address(uint160(destinations[i])).transfer(i);
}
}
function bad3() external {
for (uint i=0; i < destinations.length; i++){
bad3_internal(destinations[i], i);
}
}
function bad3_internal(address a, uint i) internal {
address(uint160(a)).transfer(i);
}
}

595
tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol.0.6.11.MultipleCallsInLoop.json
Unescape View File

@ -4,10 +4,10 @@
"elements": [
{
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 160,
"length": 153,
"start": 180,
"length": 168,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -26,10 +26,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 316,
"length": 350,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -49,22 +49,21 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"name": "address(uint160(destinations_base[i])).transfer(i)",
"source_mapping": {
"start": 251,
"length": 45,
"start": 281,
"length": 50,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -74,15 +73,15 @@
11
],
"starting_column": 13,
"ending_column": 58
"ending_column": 63
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 160,
"length": 153,
"start": 180,
"length": 168,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -101,10 +100,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 316,
"length": 350,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -124,23 +123,573 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L11)\n",
"description": "CallInLoopBase.bad_base() (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations_base[i])).transfer(i) (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoopBase.bad_base()](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations_base[i])).transfer(i)](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L11)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L9-L13",
"id": "f7fa2b373fe4eb9207d3ed267d99d7ca34ec7d786898816bc113c3e20079a411",
"id": "676f5509699708442e5b513a2250f8e0e64781b139d2eafd86273c17528a16ce",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad",
"source_mapping": {
"start": 562,
"length": 153,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"source_mapping": {
"start": 653,
"length": 45,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
26
],
"starting_column": 13,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"source_mapping": {
"start": 562,
"length": 153,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#24-28) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#26)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L24-L28) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L26)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L24-L28",
"id": "5aef9fe610ef0caca726874226906ac1246d969d2d8ed6cde33e09601d0c7117",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 721,
"length": 263,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"source_mapping": {
"start": 922,
"length": 45,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
35
],
"starting_column": 13,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 721,
"length": 263,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
}
}
}
],
"description": "CallInLoop.bad2() (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#30-37) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#35)\n",
"markdown": "[CallInLoop.bad2()](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L30-L37) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L35)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L30-L37",
"id": "3b1948778e97667e6e749205edf70beeac8b8db364e68da43900136e2e7f4c8b",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1142,
"length": 99,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
},
{
"type": "node",
"name": "address(uint160(a)).transfer(i)",
"source_mapping": {
"start": 1203,
"length": 31,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
46
],
"starting_column": 9,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1142,
"length": 99,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
}
}
}
],
"description": "CallInLoop.bad3_internal(address,uint256) (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#45-47) has external calls inside a loop: address(uint160(a)).transfer(i) (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#46)\n",
"markdown": "[CallInLoop.bad3_internal(address,uint256)](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L45-L47) has external calls inside a loop: [address(uint160(a)).transfer(i)](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L46)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L45-L47",
"id": "cc16e95c30a63cb84d8ed1c59e3cc1fd338d861e8c8a2973764e017df3c2f38f",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"

38
tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol
Unescape View File

@ -1,8 +1,23 @@
contract CallInLoop{
contract CallInLoopBase {
address[] destinations_base;
constructor(address[] memory newDestinations) public {
destinations_base = newDestinations;
}
function bad_base() external{
for (uint i=0; i < destinations_base.length; i++){
address(uint160(destinations_base[i])).transfer(i);
}
}
}
contract CallInLoop is CallInLoopBase{
address[] destinations;
constructor(address[] memory newDestinations) public{
constructor(address[] memory newDestinations) CallInLoopBase(newDestinations) public{
destinations = newDestinations;
}
@ -12,4 +27,23 @@ contract CallInLoop{
}
}
function bad2() external {
for (uint i=0; i < destinations.length; i++){
for (uint j=0; j < destinations.length; j++){
// Do something
}
address(uint160(destinations[i])).transfer(i);
}
}
function bad3() external {
for (uint i=0; i < destinations.length; i++){
bad3_internal(destinations[i], i);
}
}
function bad3_internal(address a, uint i) internal {
address(uint160(a)).transfer(i);
}
}

595
tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol.0.7.6.MultipleCallsInLoop.json
Unescape View File

@ -4,10 +4,10 @@
"elements": [
{
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 160,
"length": 153,
"start": 180,
"length": 168,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -26,10 +26,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 316,
"length": 350,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -49,22 +49,21 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"name": "address(uint160(destinations_base[i])).transfer(i)",
"source_mapping": {
"start": 251,
"length": 45,
"start": 281,
"length": 50,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -74,15 +73,15 @@
11
],
"starting_column": 13,
"ending_column": 58
"ending_column": 63
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"name": "bad_base",
"source_mapping": {
"start": 160,
"length": 153,
"start": 180,
"length": 168,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -101,10 +100,10 @@
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"name": "CallInLoopBase",
"source_mapping": {
"start": 0,
"length": 316,
"length": 350,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
@ -124,23 +123,573 @@
11,
12,
13,
14,
15
14
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
"signature": "bad_base()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L11)\n",
"description": "CallInLoopBase.bad_base() (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations_base[i])).transfer(i) (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoopBase.bad_base()](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations_base[i])).transfer(i)](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L11)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L9-L13",
"id": "c06ed4f7f79cddc5fbc2f828500766cab0a6d18b262a0f8e9c227cef7e6607df",
"id": "2cb70798cc39fa47453799bd93bf9275930f21bcbfb2746e57cf2b77700b8cd8",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad",
"source_mapping": {
"start": 562,
"length": 153,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"source_mapping": {
"start": 653,
"length": 45,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
26
],
"starting_column": 13,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad",
"source_mapping": {
"start": 562,
"length": 153,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
}
}
}
],
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#24-28) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#26)\n",
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L24-L28) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L26)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L24-L28",
"id": "f11a3c532d51a71adce3b5df738ce354d0a70ea3be928459582028cb72b5fdbd",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 721,
"length": 263,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
},
{
"type": "node",
"name": "address(uint160(destinations[i])).transfer(i)",
"source_mapping": {
"start": 922,
"length": 45,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
35
],
"starting_column": 13,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad2",
"source_mapping": {
"start": 721,
"length": 263,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
30,
31,
32,
33,
34,
35,
36,
37
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad2()"
}
}
}
}
],
"description": "CallInLoop.bad2() (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#30-37) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#35)\n",
"markdown": "[CallInLoop.bad2()](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L30-L37) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L35)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L30-L37",
"id": "3a39574e82d2f7f3b099bb034e0ff24b44e59a22109608d09a9ff3316409b1d2",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1142,
"length": 99,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
},
{
"type": "node",
"name": "address(uint160(a)).transfer(i)",
"source_mapping": {
"start": 1203,
"length": 31,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
46
],
"starting_column": 9,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad3_internal",
"source_mapping": {
"start": 1142,
"length": 99,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
45,
46,
47
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 352,
"length": 892,
"filename_used": "/GENERIC_PATH",
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad3_internal(address,uint256)"
}
}
}
}
],
"description": "CallInLoop.bad3_internal(address,uint256) (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#45-47) has external calls inside a loop: address(uint160(a)).transfer(i) (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#46)\n",
"markdown": "[CallInLoop.bad3_internal(address,uint256)](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L45-L47) has external calls inside a loop: [address(uint160(a)).transfer(i)](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L46)\n",
"first_markdown_element": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L45-L47",
"id": "2834a80b6dbcd04a8c58bd803038e5f03936c886067d1ee39d0a31d0bb9e88ae",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"

Write Preview
Loading…
Cancel
Save