From cc4b2ed31948997e385d90bb530d046b046dae31 Mon Sep 17 00:00:00 2001 From: Evan Sultanik Date: Wed, 26 Aug 2020 10:28:28 -0400 Subject: [PATCH 1/5] Fixes a typo --- slither/detectors/attributes/incorrect_solc.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slither/detectors/attributes/incorrect_solc.py b/slither/detectors/attributes/incorrect_solc.py index 36a3c11e3..0f320e256 100644 --- a/slither/detectors/attributes/incorrect_solc.py +++ b/slither/detectors/attributes/incorrect_solc.py @@ -122,7 +122,7 @@ Consider using the latest version of Solidity for testing.''' if self.slither.crytic_compile.compiler_version.version not in self.ALLOWED_VERSIONS: info = ["solc-", self.slither.crytic_compile.compiler_version.version, - " is not recommended for deployement\n"] + " is not recommended for deployment\n"] json = self.generate_result(info) From fd085c3e6c3865b72e91cd4ed8d86c839db97688 Mon Sep 17 00:00:00 2001 From: Evan Sultanik Date: Wed, 26 Aug 2020 10:29:39 -0400 Subject: [PATCH 2/5] More typo fixes --- tests/expected_json/solc_version_incorrect.solc-version.json | 4 ++-- tests/expected_json/solc_version_incorrect.solc-version.txt | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/expected_json/solc_version_incorrect.solc-version.json b/tests/expected_json/solc_version_incorrect.solc-version.json index 50855fc27..380344fe6 100644 --- a/tests/expected_json/solc_version_incorrect.solc-version.json +++ b/tests/expected_json/solc_version_incorrect.solc-version.json @@ -80,8 +80,8 @@ }, { "elements": [], - "description": "solc-0.4.25 is not recommended for deployement\n", - "markdown": "solc-0.4.25 is not recommended for deployement\n", + "description": "solc-0.4.25 is not recommended for deployment\n", + "markdown": "solc-0.4.25 is not recommended for deployment\n", "id": "5a4264386059605a5ac36e3f7dbc853e89e337be5bfbd8b05a64964a81d73790", "check": "solc-version", "impact": "Informational", diff --git a/tests/expected_json/solc_version_incorrect.solc-version.txt b/tests/expected_json/solc_version_incorrect.solc-version.txt index dc387dd18..3185583bf 100644 --- a/tests/expected_json/solc_version_incorrect.solc-version.txt +++ b/tests/expected_json/solc_version_incorrect.solc-version.txt @@ -1,7 +1,7 @@  Pragma version^0.4.23 (tests/solc_version_incorrect.sol#2) allows old versions Pragma version>=0.4.0<0.6.0 (tests/solc_version_incorrect.sol#3) allows old versions -solc-0.4.25 is not recommended for deployement +solc-0.4.25 is not recommended for deployment Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity tests/solc_version_incorrect.sol analyzed (1 contracts with 1 detectors), 3 result(s) found Use https://crytic.io/ to get access to additional detectors and Github integration From 4bca161bceb311d431ccf9f0599e42aa6f01b7a5 Mon Sep 17 00:00:00 2001 From: Evan Sultanik Date: Wed, 26 Aug 2020 10:51:33 -0400 Subject: [PATCH 3/5] Include associated pragmas as source mapping elements for old versions of solc --- slither/detectors/attributes/incorrect_solc.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/slither/detectors/attributes/incorrect_solc.py b/slither/detectors/attributes/incorrect_solc.py index 0f320e256..96871988a 100644 --- a/slither/detectors/attributes/incorrect_solc.py +++ b/slither/detectors/attributes/incorrect_solc.py @@ -126,6 +126,12 @@ Consider using the latest version of Solidity for testing.''' json = self.generate_result(info) + # can we find the pragma(s) associated with the version? + # if so, add their source mappings. + for p in pragma: + if p.is_solidity_version and p.version.endswith(info[1]): + json.add_pragma(p) + results.append(json) return results From 8a36f83a06fd4ae52c5dd0409db47453b28bfe80 Mon Sep 17 00:00:00 2001 From: Evan Sultanik Date: Wed, 26 Aug 2020 11:12:21 -0400 Subject: [PATCH 4/5] Removes the pragma mapping and adds a TODO for implementing this the right way --- slither/detectors/attributes/incorrect_solc.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/slither/detectors/attributes/incorrect_solc.py b/slither/detectors/attributes/incorrect_solc.py index 96871988a..184aa031d 100644 --- a/slither/detectors/attributes/incorrect_solc.py +++ b/slither/detectors/attributes/incorrect_solc.py @@ -126,11 +126,8 @@ Consider using the latest version of Solidity for testing.''' json = self.generate_result(info) - # can we find the pragma(s) associated with the version? - # if so, add their source mappings. - for p in pragma: - if p.is_solidity_version and p.version.endswith(info[1]): - json.add_pragma(p) + # TODO: Once crytic-compile adds config file info, add a source mapping element pointing to + # the line in the config that specifies the problematic version of solc results.append(json) From 690d4871662f7b6ad54821a2f62eeb2eb969d3ed Mon Sep 17 00:00:00 2001 From: Josselin Date: Thu, 3 Sep 2020 12:35:39 +0200 Subject: [PATCH 5/5] Update test --- tests/expected_json/solc_version_incorrect.solc-version.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/expected_json/solc_version_incorrect.solc-version.json b/tests/expected_json/solc_version_incorrect.solc-version.json index 380344fe6..60fbba65c 100644 --- a/tests/expected_json/solc_version_incorrect.solc-version.json +++ b/tests/expected_json/solc_version_incorrect.solc-version.json @@ -82,7 +82,7 @@ "elements": [], "description": "solc-0.4.25 is not recommended for deployment\n", "markdown": "solc-0.4.25 is not recommended for deployment\n", - "id": "5a4264386059605a5ac36e3f7dbc853e89e337be5bfbd8b05a64964a81d73790", + "id": "4d64003d70a62b1c6963f871e841b6cbd633d07d95554e1a50e0f25d9b71ebb3", "check": "solc-version", "impact": "Informational", "confidence": "High"