TheDude
/
slither
mirror of https://github.com/crytic/slither
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev'

Browse Source
pull/1483/head
Josselin Feist 2 years ago
parent 1ca59ab0b6 133c1a16f1
commit e292c67082
30 changed files with 7673 additions and 6374 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      setup.py
  2. 35
      slither/core/declarations/contract.py
  3. 48
      slither/core/declarations/function.py
  4. 2
      slither/detectors/erc/erc20/arbitrary_send_erc20_no_permit.py
  5. 2
      slither/detectors/erc/erc20/arbitrary_send_erc20_permit.py
  6. 61
      slither/detectors/reentrancy/reentrancy.py
  7. 31
      slither/detectors/reentrancy/reentrancy_eth.py
  8. 2
      slither/detectors/reentrancy/reentrancy_events.py
  9. 32
      slither/detectors/reentrancy/reentrancy_read_before_write.py
  10. 2
      slither/printers/summary/function_ids.py
  11. 8
      slither/utils/function.py
  12. 1782
      tests/detectors/reentrancy-eth/0.4.25/DAO.sol.0.4.25.ReentrancyEth.json
  13. 190
      tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol.0.4.25.ReentrancyEth.json
  14. 6
      tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol.0.4.25.ReentrancyEth.json
  15. 222
      tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol.0.5.16.ReentrancyEth.json
  16. 6
      tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol.0.5.16.ReentrancyEth.json
  17. 222
      tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol.0.6.11.ReentrancyEth.json
  18. 6
      tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol.0.6.11.ReentrancyEth.json
  19. 12
      tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol.0.7.6.ReentrancyEth.json
  20. 6
      tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol.0.7.6.ReentrancyEth.json
  21. 151
      tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol
  22. 981
      tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol.0.8.10.ReentrancyEth.json
  23. 9454
      tests/detectors/reentrancy-no-eth/0.4.25/DAO.sol.0.4.25.ReentrancyReadBeforeWritten.json
  24. 354
      tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol.0.4.25.ReentrancyReadBeforeWritten.json
  25. 12
      tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol.0.5.16.ReentrancyReadBeforeWritten.json
  26. 12
      tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol.0.6.11.ReentrancyReadBeforeWritten.json
  27. 352
      tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol.0.7.6.ReentrancyReadBeforeWritten.json
  28. 1
      tests/test_detectors.py
  29. 17
      tests/test_function.py
  30. 36
      tests/test_function_reentrant.sol

2
setup.py
Unescape View File

@ -13,7 +13,7 @@ setup(
python_requires=">=3.8",
install_requires=[
"prettytable>=0.7.2",
"pysha3>=1.0.2",
"pycryptodome>=3.4.6",
"crytic-compile>=0.2.4",
# "crytic-compile@git+https://github.com/crytic/crytic-compile.git@master#egg=crytic-compile",
],

35
slither/core/declarations/contract.py
Unescape View File

@ -2,8 +2,9 @@
Contract module
"""
import logging
from collections import defaultdict
from pathlib import Path
from typing import Optional, List, Dict, Callable, Tuple, TYPE_CHECKING, Union
from typing import Optional, List, Dict, Callable, Tuple, TYPE_CHECKING, Union, Set
from crytic_compile.platform import Type as PlatformType
@ -100,6 +101,11 @@ class Contract(SourceMapping): # pylint: disable=too-many-public-methods
self.compilation_unit: "SlitherCompilationUnit" = compilation_unit
self.file_scope: "FileScope" = scope
# memoize
self._state_variables_used_in_reentrant_targets: Optional[
Dict["StateVariable", Set[Union["StateVariable", "Function"]]]
] = None
###################################################################################
###################################################################################
# region General's properties
@ -356,6 +362,33 @@ class Contract(SourceMapping): # pylint: disable=too-many-public-methods
slithir_variables = [item for sublist in slithir_variabless for item in sublist]
return list(set(slithir_variables))
@property
def state_variables_used_in_reentrant_targets(
self,
) -> Dict["StateVariable", Set[Union["StateVariable", "Function"]]]:
"""
Returns the state variables used in reentrant targets. Heuristics:
- Variable used (read/write) in entry points that are reentrant
- State variables that are public
"""
from slither.core.variables.state_variable import StateVariable
if self._state_variables_used_in_reentrant_targets is None:
reentrant_functions = [f for f in self.functions_entry_points if f.is_reentrant]
variables_used: Dict[
StateVariable, Set[Union[StateVariable, "Function"]]
] = defaultdict(set)
for function in reentrant_functions:
for ir in function.all_slithir_operations():
state_variables = [v for v in ir.used if isinstance(v, StateVariable)]
for state_variable in state_variables:
variables_used[state_variable].add(ir.node.function)
for variable in [v for v in self.state_variables if v.visibility == "public"]:
variables_used[variable].add(variable)
self._state_variables_used_in_reentrant_targets = variables_used
return self._state_variables_used_in_reentrant_targets
# endregion
###################################################################################
###################################################################################

48
slither/core/declarations/function.py
Unescape View File

@ -189,7 +189,8 @@ class Function(SourceMapping, metaclass=ABCMeta): # pylint: disable=too-many-pu
# set(ReacheableNode)
self._reachable_from_nodes: Set[ReacheableNode] = set()
self._reachable_from_functions: Set[ReacheableNode] = set()
self._reachable_from_functions: Set[Function] = set()
self._all_reachable_from_functions: Optional[Set[Function]] = None
# Constructor, fallback, State variable constructor
self._function_type: Optional[FunctionType] = None
@ -214,7 +215,7 @@ class Function(SourceMapping, metaclass=ABCMeta): # pylint: disable=too-many-pu
self.compilation_unit: "SlitherCompilationUnit" = compilation_unit
# Assume we are analyzing Solidty by default
# Assume we are analyzing Solidity by default
self.function_language: FunctionLanguage = FunctionLanguage.Solidity
self._id: Optional[str] = None
@ -1029,9 +1030,30 @@ class Function(SourceMapping, metaclass=ABCMeta): # pylint: disable=too-many-pu
return self._reachable_from_nodes
@property
def reachable_from_functions(self) -> Set[ReacheableNode]:
def reachable_from_functions(self) -> Set["Function"]:
return self._reachable_from_functions
@property
def all_reachable_from_functions(self) -> Set["Function"]:
"""
Give the recursive version of reachable_from_functions (all the functions that lead to call self in the CFG)
"""
if self._all_reachable_from_functions is None:
functions: Set["Function"] = set()
new_functions = self.reachable_from_functions
# iterate until we have are finding new functions
while new_functions and not new_functions.issubset(functions):
functions = functions.union(new_functions)
# Use a temporary set, because we iterate over new_functions
new_functionss: Set["Function"] = set()
for f in new_functions:
new_functionss = new_functionss.union(f.reachable_from_functions)
new_functions = new_functionss - functions
self._all_reachable_from_functions = functions
return self._all_reachable_from_functions
def add_reachable_from_node(self, n: "Node", ir: "Operation"):
self._reachable_from_nodes.add(ReacheableNode(n, ir))
self._reachable_from_functions.add(n.function)
@ -1460,6 +1482,26 @@ class Function(SourceMapping, metaclass=ABCMeta): # pylint: disable=too-many-pu
)
return self._is_protected
@property
def is_reentrant(self) -> bool:
"""
Determine if the function can be re-entered
"""
# TODO: compare with hash of known nonReentrant modifier instead of the name
if "nonReentrant" in [m.name for m in self.modifiers]:
return False
if self.visibility in ["public", "external"]:
return True
# If it's an internal function, check if all its entry points have the nonReentrant modifier
all_entry_points = [
f for f in self.all_reachable_from_functions if f.visibility in ["public", "external"]
]
if not all_entry_points:
return True
return not all(("nonReentrant" in [m.name for m in f.modifiers] for f in all_entry_points))
# endregion
###################################################################################
###################################################################################

2
slither/detectors/erc/erc20/arbitrary_send_erc20_no_permit.py
Unescape View File

@ -14,7 +14,7 @@ class ArbitrarySendErc20NoPermit(AbstractDetector):
IMPACT = DetectorClassification.HIGH
CONFIDENCE = DetectorClassification.HIGH
WIKI = "https://github.com/trailofbits/slither/wiki/Detector-Documentation#arbitrary-send-erc20"
WIKI = "https://github.com/crytic/slither/wiki/Detector-Documentation#arbitrary-from-in-transferfrom"
WIKI_TITLE = "Arbitrary `from` in transferFrom"
WIKI_DESCRIPTION = "Detect when `msg.sender` is not used as `from` in transferFrom."

2
slither/detectors/erc/erc20/arbitrary_send_erc20_permit.py
Unescape View File

@ -14,7 +14,7 @@ class ArbitrarySendErc20Permit(AbstractDetector):
IMPACT = DetectorClassification.HIGH
CONFIDENCE = DetectorClassification.MEDIUM
WIKI = "https://github.com/trailofbits/slither/wiki/Detector-Documentation#arbitrary-send-erc20-permit"
WIKI = "https://github.com/crytic/slither/wiki/Detector-Documentation#arbitrary-from-in-transferfrom-used-with-permit"
WIKI_TITLE = "Arbitrary `from` in transferFrom used with permit"
WIKI_DESCRIPTION = (

61
slither/detectors/reentrancy/reentrancy.py
Unescape View File

@ -5,31 +5,32 @@
Iterate over all the nodes of the graph until reaching a fixpoint
"""
from collections import defaultdict
from typing import Set, Dict, Union
from typing import Set, Dict, List, Tuple, Optional
from slither.core.cfg.node import NodeType, Node
from slither.core.declarations import Function
from slither.core.declarations import Function, Contract
from slither.core.expressions import UnaryOperation, UnaryOperationType
from slither.core.variables.variable import Variable
from slither.detectors.abstract_detector import AbstractDetector
from slither.slithir.operations import Call, EventCall
from slither.slithir.operations import Call, EventCall, Operation
from slither.utils.output import Output
def union_dict(d1, d2):
def union_dict(d1: Dict, d2: Dict) -> Dict:
d3 = {k: d1.get(k, set()) | d2.get(k, set()) for k in set(list(d1.keys()) + list(d2.keys()))}
return defaultdict(set, d3)
def dict_are_equal(d1, d2):
def dict_are_equal(d1: Dict, d2: Dict) -> bool:
if set(list(d1.keys())) != set(list(d2.keys())):
return False
return all(set(d1[k]) == set(d2[k]) for k in d1.keys())
def is_subset(
new_info: Dict[Union[Variable, Node], Set[Node]],
old_info: Dict[Union[Variable, Node], Set[Node]],
):
new_info: Dict,
old_info: Dict,
) -> bool:
for k in new_info.keys():
if k not in old_info:
return False
@ -38,7 +39,7 @@ def is_subset(
return True
def to_hashable(d: Dict[Node, Set[Node]]):
def to_hashable(d: Dict[Node, Set[Node]]) -> Tuple:
list_tuple = list(
tuple((k, tuple(sorted(values, key=lambda x: x.node_id)))) for k, values in d.items()
)
@ -46,7 +47,7 @@ def to_hashable(d: Dict[Node, Set[Node]]):
class AbstractState:
def __init__(self):
def __init__(self) -> None:
# send_eth returns the list of calls sending value
# calls returns the list of calls that can callback
# read returns the variable read
@ -106,7 +107,9 @@ class AbstractState:
"""
return self._events
def merge_fathers(self, node, skip_father, detector):
def merge_fathers(
self, node: Node, skip_father: Optional[Node], detector: "Reentrancy"
) -> None:
for father in node.fathers:
if detector.KEY in father.context:
self._send_eth = union_dict(
@ -131,7 +134,7 @@ class AbstractState:
father.context[detector.KEY].reads_prior_calls,
)
def analyze_node(self, node, detector):
def analyze_node(self, node: Node, detector: "Reentrancy") -> bool:
state_vars_read: Dict[Variable, Set[Node]] = defaultdict(
set, {v: {node} for v in node.state_variables_read}
)
@ -175,13 +178,13 @@ class AbstractState:
return contains_call
def add(self, fathers):
def add(self, fathers: "AbstractState") -> None:
self._send_eth = union_dict(self._send_eth, fathers.send_eth)
self._calls = union_dict(self._calls, fathers.calls)
self._reads = union_dict(self._reads, fathers.reads)
self._reads_prior_calls = union_dict(self._reads_prior_calls, fathers.reads_prior_calls)
def does_not_bring_new_info(self, new_info):
def does_not_bring_new_info(self, new_info: "AbstractState") -> bool:
if is_subset(new_info.calls, self.calls):
if is_subset(new_info.send_eth, self.send_eth):
if is_subset(new_info.reads, self.reads):
@ -190,7 +193,7 @@ class AbstractState:
return False
def _filter_if(node):
def _filter_if(node: Node) -> bool:
"""
Check if the node is a condtional node where
there is an external call checked
@ -201,10 +204,8 @@ def _filter_if(node):
This will work only on naive implementation
"""
return (
isinstance(node.expression, UnaryOperation)
and node.expression.type == UnaryOperationType.BANG
)
expression = node.expression
return isinstance(expression, UnaryOperation) and expression.type == UnaryOperationType.BANG
class Reentrancy(AbstractDetector):
@ -214,7 +215,7 @@ class Reentrancy(AbstractDetector):
# allowing inherited classes to define different behaviors
# For example reentrancy_no_gas consider Send and Transfer as reentrant functions
@staticmethod
def can_callback(ir):
def can_callback(ir: Operation) -> bool:
"""
Detect if the node contains a call that can
be used to re-entrance
@ -228,13 +229,13 @@ class Reentrancy(AbstractDetector):
return isinstance(ir, Call) and ir.can_reenter()
@staticmethod
def can_send_eth(ir):
def can_send_eth(ir: Operation) -> bool:
"""
Detect if the node can send eth
"""
return isinstance(ir, Call) and ir.can_send_eth()
def _explore(self, node, visited, skip_father=None):
def _explore(self, node: Optional[Node], skip_father: Optional[Node] = None) -> None:
"""
Explore the CFG and look for re-entrancy
Heuristic: There is a re-entrancy if a state variable is written
@ -245,11 +246,9 @@ class Reentrancy(AbstractDetector):
if node.context is not empty, and variables are written, a re-entrancy is possible
"""
if node in visited:
if node is None:
return
visited = visited + [node]
fathers_context = AbstractState()
fathers_context.merge_fathers(node, skip_father, self)
@ -271,26 +270,26 @@ class Reentrancy(AbstractDetector):
if contains_call and node.type in [NodeType.IF, NodeType.IFLOOP]:
if _filter_if(node):
son = sons[0]
self._explore(son, visited, node)
self._explore(son, skip_father=node)
sons = sons[1:]
else:
son = sons[1]
self._explore(son, visited, node)
self._explore(son, skip_father=node)
sons = [sons[0]]
for son in sons:
self._explore(son, visited)
self._explore(son)
def detect_reentrancy(self, contract):
def detect_reentrancy(self, contract: Contract) -> None:
for function in contract.functions_and_modifiers_declared:
if not function.is_constructor:
if function.is_implemented:
if self.KEY in function.context:
continue
self._explore(function.entry_point, [])
self._explore(function.entry_point)
function.context[self.KEY] = True
def _detect(self):
def _detect(self) -> List[Output]:
""""""
# if a node was already visited by another path
# we will only explore it if the traversal brings

31
slither/detectors/reentrancy/reentrancy_eth.py
Unescape View File

@ -5,13 +5,14 @@
Iterate over all the nodes of the graph until reaching a fixpoint
"""
from collections import namedtuple, defaultdict
from typing import List
from typing import List, Dict, Set
from slither.detectors.abstract_detector import DetectorClassification
from .reentrancy import Reentrancy, to_hashable
from ...utils.output import Output
FindingKey = namedtuple("FindingKey", ["function", "calls", "send_eth"])
FindingValue = namedtuple("FindingValue", ["variable", "node", "nodes"])
FindingValue = namedtuple("FindingValue", ["variable", "node", "nodes", "cross_functions"])
class ReentrancyEth(Reentrancy):
@ -52,9 +53,10 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
STANDARD_JSON = False
def find_reentrancies(self):
result = defaultdict(set)
def find_reentrancies(self) -> Dict[FindingKey, Set[FindingValue]]:
result: Dict[FindingKey, Set[FindingValue]] = defaultdict(set)
for contract in self.contracts: # pylint: disable=too-many-nested-blocks
variables_used_in_reentrancy = contract.state_variables_used_in_reentrant_targets
for f in contract.functions_and_modifiers_declared:
for node in f.nodes:
# dead code
@ -72,9 +74,15 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
v,
node,
tuple(sorted(nodes, key=lambda x: x.node_id)),
tuple(
sorted(
variables_used_in_reentrancy[v], key=lambda x: str(x)
)
),
)
for (v, nodes) in node.context[self.KEY].written.items()
if v in node.context[self.KEY].reads_prior_calls[c]
and (f.is_reentrant or v in variables_used_in_reentrancy)
}
if read_then_written:
@ -88,7 +96,7 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
result[finding_key] |= set(read_then_written)
return result
def _detect(self): # pylint: disable=too-many-branches
def _detect(self) -> List[Output]: # pylint: disable=too-many-branches,too-many-locals
""""""
super()._detect()
@ -98,10 +106,11 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
result_sorted = sorted(list(reentrancies.items()), key=lambda x: x[0].function.name)
varsWritten: List[FindingValue]
for (func, calls, send_eth), varsWritten in result_sorted:
varsWrittenSet: Set[FindingValue]
for (func, calls, send_eth), varsWrittenSet in result_sorted:
calls = sorted(list(set(calls)), key=lambda x: x[0].node_id)
send_eth = sorted(list(set(send_eth)), key=lambda x: x[0].node_id)
varsWritten = sorted(varsWritten, key=lambda x: (x.variable.name, x.node.node_id))
varsWritten = sorted(varsWrittenSet, key=lambda x: (x.variable.name, x.node.node_id))
info = ["Reentrancy in ", func, ":\n"]
info += ["\tExternal calls:\n"]
@ -123,6 +132,14 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
for other_node in finding_value.nodes:
if other_node != finding_value.node:
info += ["\t\t- ", other_node, "\n"]
if finding_value.cross_functions:
info += [
"\t",
finding_value.variable,
" can be used in cross function reentrancies:\n",
]
for cross in finding_value.cross_functions:
info += ["\t- ", cross, "\n"]
# Create our JSON result
res = self.generate_result(info)

2
slither/detectors/reentrancy/reentrancy_events.py
Unescape View File

@ -52,6 +52,8 @@ If `d.()` re-enters, the `Counter` events will be shown in an incorrect order, w
result = defaultdict(set)
for contract in self.contracts:
for f in contract.functions_and_modifiers_declared:
if not f.is_reentrant:
continue
for node in f.nodes:
# dead code
if self.KEY not in node.context:

32
slither/detectors/reentrancy/reentrancy_read_before_write.py
Unescape View File

@ -5,12 +5,14 @@
Iterate over all the nodes of the graph until reaching a fixpoint
"""
from collections import namedtuple, defaultdict
from typing import Dict, Set, List
from slither.detectors.abstract_detector import DetectorClassification
from .reentrancy import Reentrancy, to_hashable
from ...utils.output import Output
FindingKey = namedtuple("FindingKey", ["function", "calls"])
FindingValue = namedtuple("FindingValue", ["variable", "node", "nodes"])
FindingValue = namedtuple("FindingValue", ["variable", "node", "nodes", "cross_functions"])
class ReentrancyReadBeforeWritten(Reentrancy):
@ -49,9 +51,11 @@ Do not report reentrancies that involve Ether (see `reentrancy-eth`)."""
STANDARD_JSON = False
def find_reentrancies(self):
result = defaultdict(set)
# pylint: disable=too-many-locals
def find_reentrancies(self) -> Dict[FindingKey, Set[FindingValue]]:
result: Dict[FindingKey, Set[FindingValue]] = defaultdict(set)
for contract in self.contracts: # pylint: disable=too-many-nested-blocks
variables_used_in_reentrancy = contract.state_variables_used_in_reentrant_targets
for f in contract.functions_and_modifiers_declared:
for node in f.nodes:
# dead code
@ -67,9 +71,15 @@ Do not report reentrancies that involve Ether (see `reentrancy-eth`)."""
v,
node,
tuple(sorted(nodes, key=lambda x: x.node_id)),
tuple(
sorted(
variables_used_in_reentrancy[v], key=lambda x: str(x)
)
),
)
for (v, nodes) in node.context[self.KEY].written.items()
if v in node.context[self.KEY].reads_prior_calls[c]
and (f.is_reentrant or v in variables_used_in_reentrancy)
}
# We found a potential re-entrancy bug
@ -82,7 +92,7 @@ Do not report reentrancies that involve Ether (see `reentrancy-eth`)."""
result[finding_key] |= read_then_written
return result
def _detect(self): # pylint: disable=too-many-branches
def _detect(self) -> List[Output]: # pylint: disable=too-many-branches
""""""
super()._detect()
@ -91,9 +101,11 @@ Do not report reentrancies that involve Ether (see `reentrancy-eth`)."""
results = []
result_sorted = sorted(list(reentrancies.items()), key=lambda x: x[0].function.name)
for (func, calls), varsWritten in result_sorted:
varsWritten: List[FindingValue]
varsWrittenSet: Set[FindingValue]
for (func, calls), varsWrittenSet in result_sorted:
calls = sorted(list(set(calls)), key=lambda x: x[0].node_id)
varsWritten = sorted(varsWritten, key=lambda x: (x.variable.name, x.node.node_id))
varsWritten = sorted(varsWrittenSet, key=lambda x: (x.variable.name, x.node.node_id))
info = ["Reentrancy in ", func, ":\n"]
@ -109,6 +121,14 @@ Do not report reentrancies that involve Ether (see `reentrancy-eth`)."""
for other_node in finding_value.nodes:
if other_node != finding_value.node:
info += ["\t\t- ", other_node, "\n"]
if finding_value.cross_functions:
info += [
"\t",
finding_value.variable,
" can be used in cross function reentrancies:\n",
]
for cross in finding_value.cross_functions:
info += ["\t- ", cross, "\n"]
# Create our JSON result
res = self.generate_result(info)

2
slither/printers/summary/function_ids.py
Unescape View File

@ -9,7 +9,7 @@ from slither.utils.myprettytable import MyPrettyTable
class FunctionIds(AbstractPrinter):
ARGUMENT = "function-id"
HELP = "Print the keccack256 signature of the functions"
HELP = "Print the keccak256 signature of the functions"
WIKI = "https://github.com/trailofbits/slither/wiki/Printer-documentation#function-id"

8
slither/utils/function.py
Unescape View File

@ -1,4 +1,4 @@
import sha3
from Crypto.Hash import keccak
def get_function_id(sig: str) -> int:
@ -9,6 +9,6 @@ def get_function_id(sig: str) -> int:
Return:
(int)
"""
s = sha3.keccak_256()
s.update(sig.encode("utf-8"))
return int("0x" + s.hexdigest()[:8], 16)
digest = keccak.new(digest_bits=256)
digest.update(sig.encode("utf-8"))
return int("0x" + digest.hexdigest()[:8], 16)

1782
tests/detectors/reentrancy-eth/0.4.25/DAO.sol.0.4.25.ReentrancyEth.json
View File

File diff suppressed because one or more lines are too long

190
tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol.0.4.25.ReentrancyEth.json
Unescape View File

@ -4,23 +4,22 @@
"elements": [
{
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_nested",
"source_mapping": {
"start": 656,
"length": 314,
"start": 2465,
"length": 246,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28,
29,
30,
31
74,
75,
76,
77,
78,
79,
80
],
"starting_column": 5,
"ending_column": 6
@ -122,45 +121,44 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_nested()"
}
},
{
"type": "node",
"name": "! (msg.sender.call.value(userBalance[msg.sender])())",
"name": "msg.sender.call.value(amount / 2)()",
"source_mapping": {
"start": 839,
"length": 53,
"start": 2620,
"length": 33,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
27
77
],
"starting_column": 13,
"ending_column": 66
"ending_column": 46
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_nested",
"source_mapping": {
"start": 656,
"length": 314,
"start": 2465,
"length": 246,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28,
29,
30,
31
74,
75,
76,
77,
78,
79,
80
],
"starting_column": 5,
"ending_column": 6
@ -262,7 +260,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_nested()"
}
}
},
@ -274,38 +272,37 @@
"type": "node",
"name": "userBalance[msg.sender] = 0",
"source_mapping": {
"start": 936,
"start": 2667,
"length": 27,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
30
78
],
"starting_column": 9,
"ending_column": 36
"starting_column": 13,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_nested",
"source_mapping": {
"start": 656,
"length": 314,
"start": 2465,
"length": 246,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28,
29,
30,
31
74,
75,
76,
77,
78,
79,
80
],
"starting_column": 5,
"ending_column": 6
@ -407,7 +404,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_nested()"
}
}
},
@ -417,10 +414,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#24-31):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#27)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#30)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L24-L31):\n\tExternal calls:\n\t- [! (msg.sender.call.value(userBalance[msg.sender])())](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L27)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L30)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L24-L31",
"id": "759a5ea5deb597f6ca748c9b27656dee01b1e4b634365a68b918bf10518662e8",
"description": "Reentrancy in Reentrancy.withdrawBalance_nested() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#74-80):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#77)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#78)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#15-22)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#24-31)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#33-41)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#43-50)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#52-60)\n\t- Reentrancy.withdrawBalance_fixed_4() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#61-72)\n\t- Reentrancy.withdrawBalance_nested() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#74-80)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_nested()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L74-L80):\n\tExternal calls:\n\t- [msg.sender.call.value(amount / 2)()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L77)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L78)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L15-L22)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L24-L31)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L33-L41)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L43-L50)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L52-L60)\n\t- [Reentrancy.withdrawBalance_fixed_4()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L61-L72)\n\t- [Reentrancy.withdrawBalance_nested()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L74-L80)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L74-L80",
"id": "5853108dfdb4138662a85fbd17c35511950298872f89c124f1869942c6c4e880",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
@ -429,22 +426,23 @@
"elements": [
{
"type": "function",
"name": "withdrawBalance_nested",
"name": "withdrawBalance",
"source_mapping": {
"start": 2465,
"length": 246,
"start": 656,
"length": 314,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
74,
75,
76,
77,
78,
79,
80
24,
25,
26,
27,
28,
29,
30,
31
],
"starting_column": 5,
"ending_column": 6
@ -546,44 +544,45 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_nested()"
"signature": "withdrawBalance()"
}
},
{
"type": "node",
"name": "msg.sender.call.value(amount / 2)()",
"name": "! (msg.sender.call.value(userBalance[msg.sender])())",
"source_mapping": {
"start": 2620,
"length": 33,
"start": 839,
"length": 53,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
77
27
],
"starting_column": 13,
"ending_column": 46
"ending_column": 66
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance_nested",
"name": "withdrawBalance",
"source_mapping": {
"start": 2465,
"length": 246,
"start": 656,
"length": 314,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
74,
75,
76,
77,
78,
79,
80
24,
25,
26,
27,
28,
29,
30,
31
],
"starting_column": 5,
"ending_column": 6
@ -685,7 +684,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_nested()"
"signature": "withdrawBalance()"
}
}
},
@ -697,37 +696,38 @@
"type": "node",
"name": "userBalance[msg.sender] = 0",
"source_mapping": {
"start": 2667,
"start": 936,
"length": 27,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
78
30
],
"starting_column": 13,
"ending_column": 40
"starting_column": 9,
"ending_column": 36
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance_nested",
"name": "withdrawBalance",
"source_mapping": {
"start": 2465,
"length": 246,
"start": 656,
"length": 314,
"filename_relative": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol",
"is_dependency": false,
"lines": [
74,
75,
76,
77,
78,
79,
80
24,
25,
26,
27,
28,
29,
30,
31
],
"starting_column": 5,
"ending_column": 6
@ -829,7 +829,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_nested()"
"signature": "withdrawBalance()"
}
}
},
@ -839,10 +839,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance_nested() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#74-80):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#77)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#78)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_nested()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L74-L80):\n\tExternal calls:\n\t- [msg.sender.call.value(amount / 2)()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L77)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L78)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L74-L80",
"id": "cc27a0e36ba51b1a24ae1df9b9f2ec9e67afedd649839a3302b6f9e08987c7d8",
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#24-31):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#27)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#30)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#15-22)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#24-31)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#33-41)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#43-50)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#52-60)\n\t- Reentrancy.withdrawBalance_fixed_4() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#61-72)\n\t- Reentrancy.withdrawBalance_nested() (tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#74-80)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L24-L31):\n\tExternal calls:\n\t- [! (msg.sender.call.value(userBalance[msg.sender])())](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L27)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L30)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L15-L22)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L24-L31)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L33-L41)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L43-L50)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L52-L60)\n\t- [Reentrancy.withdrawBalance_fixed_4()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L61-L72)\n\t- [Reentrancy.withdrawBalance_nested()](tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L74-L80)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.4.25/reentrancy.sol#L24-L31",
"id": "8746b87cbc0fcd59a17ae20018967719c6ebc9fca41c6a128e5ac18dd4ee27cc",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

6
tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol.0.4.25.ReentrancyEth.json
Unescape View File

@ -428,10 +428,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#26)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#27)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L26)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L27)\n",
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#26)\n\tReentrancy.eth_deposed (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#10) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_eth(address) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#13-15)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#22-29)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#27)\n\tReentrancy.token_deposed (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#11) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_token(address,uint256) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#17-20)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#22-29)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L26)\n\t[Reentrancy.eth_deposed](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L10) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_eth(address)](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L13-L15)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L22-L29)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L27)\n\t[Reentrancy.token_deposed](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L11) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_token(address,uint256)](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L17-L20)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L22-L29)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.4.25/reentrancy_indirect.sol#L22-L29",
"id": "8a2174b6a3476b6e52f3cdac7e85b44337e3b7d7df2b2504c5a75b8e2a00ea7f",
"id": "7ff6a788e1559497246f084096fd10a9fd3a7d30de1b89ac896b7600ba32710d",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

222
tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol.0.5.16.ReentrancyEth.json
Unescape View File

@ -4,25 +4,24 @@
"elements": [
{
"type": "function",
"name": "withdrawBalance_fixed_3",
"name": "withdrawBalance",
"source_mapping": {
"start": 1839,
"length": 393,
"start": 703,
"length": 357,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
25,
26,
27,
28,
29,
30,
31,
32,
33
],
"starting_column": 5,
"ending_column": 6
@ -107,47 +106,46 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_fixed_3()"
"signature": "withdrawBalance()"
}
},
{
"type": "node",
"name": "(ret,mem) = msg.sender.call.value(amount)()",
"name": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()",
"source_mapping": {
"start": 2084,
"length": 64,
"start": 882,
"length": 81,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
60
28
],
"starting_column": 9,
"ending_column": 73
"ending_column": 90
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance_fixed_3",
"name": "withdrawBalance",
"source_mapping": {
"start": 1839,
"length": 393,
"start": 703,
"length": 357,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
25,
26,
27,
28,
29,
30,
31,
32,
33
],
"starting_column": 5,
"ending_column": 6
@ -232,7 +230,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_fixed_3()"
"signature": "withdrawBalance()"
}
}
},
@ -242,42 +240,41 @@
},
{
"type": "node",
"name": "userBalance[msg.sender] = amount",
"name": "userBalance[msg.sender] = 0",
"source_mapping": {
"start": 2183,
"length": 32,
"start": 1026,
"length": 27,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
62
32
],
"starting_column": 13,
"ending_column": 45
"starting_column": 9,
"ending_column": 36
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance_fixed_3",
"name": "withdrawBalance",
"source_mapping": {
"start": 1839,
"length": 393,
"start": 703,
"length": 357,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
25,
26,
27,
28,
29,
30,
31,
32,
33
],
"starting_column": 5,
"ending_column": 6
@ -362,7 +359,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_fixed_3()"
"signature": "withdrawBalance()"
}
}
},
@ -372,10 +369,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#55-64):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#60)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = amount (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#62)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L55-L64):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(amount)()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L60)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = amount](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L62)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L55-L64",
"id": "b1d5762a3d9738215079d50da4bf0ecdc8eddd575b7f8686bdbfa3d101adf809",
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#25-33):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#28)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#32)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#55-64)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L25-L33):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L28)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L32)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L55-L64)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L25-L33",
"id": "1fec5eddc1a1f7c95bbaa72099c7f36d9c8768271ba1bb51b2ece7f2dab1a175",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
@ -384,24 +381,25 @@
"elements": [
{
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_fixed_3",
"source_mapping": {
"start": 703,
"length": 357,
"start": 1839,
"length": 393,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
],
"starting_column": 5,
"ending_column": 6
@ -486,46 +484,47 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_fixed_3()"
}
},
{
"type": "node",
"name": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()",
"name": "(ret,mem) = msg.sender.call.value(amount)()",
"source_mapping": {
"start": 882,
"length": 81,
"start": 2084,
"length": 64,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
28
60
],
"starting_column": 9,
"ending_column": 90
"ending_column": 73
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_fixed_3",
"source_mapping": {
"start": 703,
"length": 357,
"start": 1839,
"length": 393,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
],
"starting_column": 5,
"ending_column": 6
@ -610,7 +609,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_fixed_3()"
}
}
},
@ -620,41 +619,42 @@
},
{
"type": "node",
"name": "userBalance[msg.sender] = 0",
"name": "userBalance[msg.sender] = amount",
"source_mapping": {
"start": 1026,
"length": 27,
"start": 2183,
"length": 32,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
32
62
],
"starting_column": 9,
"ending_column": 36
"starting_column": 13,
"ending_column": 45
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_fixed_3",
"source_mapping": {
"start": 703,
"length": 357,
"start": 1839,
"length": 393,
"filename_relative": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol",
"is_dependency": false,
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
],
"starting_column": 5,
"ending_column": 6
@ -739,7 +739,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_fixed_3()"
}
}
},
@ -749,10 +749,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#25-33):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#28)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#32)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L25-L33):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L28)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L32)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L25-L33",
"id": "e2dcb62d8ffcc2636bab0fee518b4a79c760f2974c39950214749fc78bebc9de",
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#55-64):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#60)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = amount (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#62)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#55-64)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L55-L64):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(amount)()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L60)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = amount](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L62)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L55-L64)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.5.16/reentrancy.sol#L55-L64",
"id": "c1a4b6379bd0137d705b0e1994021e4478445b98ba4d23c547338f09e2213ef0",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

6
tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol.0.5.16.ReentrancyEth.json
Unescape View File

@ -428,10 +428,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#26)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#27)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L26)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L27)\n",
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#26)\n\tReentrancy.eth_deposed (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#10) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_eth(address) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#13-15)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#22-29)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#27)\n\tReentrancy.token_deposed (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#11) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_token(address,uint256) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#17-20)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#22-29)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L26)\n\t[Reentrancy.eth_deposed](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L10) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_eth(address)](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L13-L15)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L22-L29)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L27)\n\t[Reentrancy.token_deposed](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L11) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_token(address,uint256)](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L17-L20)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L22-L29)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.5.16/reentrancy_indirect.sol#L22-L29",
"id": "b409436e604deed3ecb1b621a908db6ddbd69754315b41a9806919d8348391d9",
"id": "52cd1e82b29830aa25a1ea1bbc1b35c0e3097eab1f2922b4ecc98eae8f1ed225",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

222
tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol.0.6.11.ReentrancyEth.json
Unescape View File

@ -4,24 +4,25 @@
"elements": [
{
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_fixed_3",
"source_mapping": {
"start": 707,
"length": 357,
"start": 1843,
"length": 393,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
],
"starting_column": 5,
"ending_column": 6
@ -106,46 +107,47 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_fixed_3()"
}
},
{
"type": "node",
"name": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()",
"name": "(ret,mem) = msg.sender.call.value(amount)()",
"source_mapping": {
"start": 886,
"length": 81,
"start": 2088,
"length": 64,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
28
60
],
"starting_column": 9,
"ending_column": 90
"ending_column": 73
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_fixed_3",
"source_mapping": {
"start": 707,
"length": 357,
"start": 1843,
"length": 393,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
],
"starting_column": 5,
"ending_column": 6
@ -230,7 +232,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_fixed_3()"
}
}
},
@ -240,41 +242,42 @@
},
{
"type": "node",
"name": "userBalance[msg.sender] = 0",
"name": "userBalance[msg.sender] = amount",
"source_mapping": {
"start": 1030,
"length": 27,
"start": 2187,
"length": 32,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
32
62
],
"starting_column": 9,
"ending_column": 36
"starting_column": 13,
"ending_column": 45
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance",
"name": "withdrawBalance_fixed_3",
"source_mapping": {
"start": 707,
"length": 357,
"start": 1843,
"length": 393,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
25,
26,
27,
28,
29,
30,
31,
32,
33
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
],
"starting_column": 5,
"ending_column": 6
@ -359,7 +362,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance()"
"signature": "withdrawBalance_fixed_3()"
}
}
},
@ -369,10 +372,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#25-33):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#28)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#32)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L28)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L32)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33",
"id": "2ae23f335df95d0f5c56d214774a6afc507773d057c4ca44f2eb4eff0e2ebe98",
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#55-64):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#60)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = amount (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#62)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#55-64)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(amount)()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L60)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = amount](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L62)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64",
"id": "bc199b4c8749cb08649e2084ac891e0cb098640e2752bf319ffa79d99ee10cdb",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
@ -381,25 +384,24 @@
"elements": [
{
"type": "function",
"name": "withdrawBalance_fixed_3",
"name": "withdrawBalance",
"source_mapping": {
"start": 1843,
"length": 393,
"start": 707,
"length": 357,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
25,
26,
27,
28,
29,
30,
31,
32,
33
],
"starting_column": 5,
"ending_column": 6
@ -484,47 +486,46 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_fixed_3()"
"signature": "withdrawBalance()"
}
},
{
"type": "node",
"name": "(ret,mem) = msg.sender.call.value(amount)()",
"name": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()",
"source_mapping": {
"start": 2088,
"length": 64,
"start": 886,
"length": 81,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
60
28
],
"starting_column": 9,
"ending_column": 73
"ending_column": 90
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance_fixed_3",
"name": "withdrawBalance",
"source_mapping": {
"start": 1843,
"length": 393,
"start": 707,
"length": 357,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
25,
26,
27,
28,
29,
30,
31,
32,
33
],
"starting_column": 5,
"ending_column": 6
@ -609,7 +610,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_fixed_3()"
"signature": "withdrawBalance()"
}
}
},
@ -619,42 +620,41 @@
},
{
"type": "node",
"name": "userBalance[msg.sender] = amount",
"name": "userBalance[msg.sender] = 0",
"source_mapping": {
"start": 2187,
"length": 32,
"start": 1030,
"length": 27,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
62
32
],
"starting_column": 13,
"ending_column": 45
"starting_column": 9,
"ending_column": 36
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdrawBalance_fixed_3",
"name": "withdrawBalance",
"source_mapping": {
"start": 1843,
"length": 393,
"start": 707,
"length": 357,
"filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol",
"is_dependency": false,
"lines": [
55,
56,
57,
58,
59,
60,
61,
62,
63,
64
25,
26,
27,
28,
29,
30,
31,
32,
33
],
"starting_column": 5,
"ending_column": 6
@ -739,7 +739,7 @@
"ending_column": 2
}
},
"signature": "withdrawBalance_fixed_3()"
"signature": "withdrawBalance()"
}
}
},
@ -749,10 +749,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#55-64):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#60)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = amount (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#62)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(amount)()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L60)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = amount](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L62)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64",
"id": "c4d2dd489fd8bc396119bdd7e5a73c3782cf5fa27171112104e34b2f3ccf37c4",
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#25-33):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#28)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#32)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#55-64)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L28)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L32)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33",
"id": "c8c4106c11c4f1fc4a76fc18e91bb3132d5b8d95d94c707453f64be98f1efa8d",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

6
tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol.0.6.11.ReentrancyEth.json
Unescape View File

@ -428,10 +428,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#26)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#27)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L26)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L27)\n",
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#26)\n\tReentrancy.eth_deposed (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#10) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_eth(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#13-15)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#22-29)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#27)\n\tReentrancy.token_deposed (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#11) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_token(address,uint256) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#17-20)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#22-29)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L26)\n\t[Reentrancy.eth_deposed](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L10) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_eth(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L13-L15)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L22-L29)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L27)\n\t[Reentrancy.token_deposed](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L11) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_token(address,uint256)](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L17-L20)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L22-L29)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.6.11/reentrancy_indirect.sol#L22-L29",
"id": "592ad3a6f86cbf4b9e9e1c21c6345d8616f0e6e8a85c7e9ab283b5b0a1271c71",
"id": "f892080cd6edb9d73d435cd8c4cea16e1b65098abf2a0df5debcd493787f6654",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

12
tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol.0.7.6.ReentrancyEth.json
Unescape View File

@ -372,10 +372,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#55-64):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call{value: amount}() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#60)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = amount (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#62)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L55-L64):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call{value: amount}()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L60)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = amount](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L62)\n",
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#55-64):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call{value: amount}() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#60)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = amount (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#62)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#55-64)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L55-L64):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call{value: amount}()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L60)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = amount](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L62)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L55-L64)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L55-L64",
"id": "d68cc7cd493eca1fda517423f6f6ad0a5671d0bbea1d80ec0cb403ca66d5d4b8",
"id": "75d254de1c95646a633659a0bb8c1cd874b1a83f8bdba6fda28e9092be76beeb",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
@ -749,10 +749,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#25-33):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call{value: userBalance[msg.sender]}() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#28)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#32)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L25-L33):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call{value: userBalance[msg.sender]}()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L28)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L32)\n",
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#25-33):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call{value: userBalance[msg.sender]}() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#28)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#32)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#55-64)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L25-L33):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call{value: userBalance[msg.sender]}()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L28)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L32)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L55-L64)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.7.6/reentrancy.sol#L25-L33",
"id": "df77aefe86b51d596b1dba22bde98d85390038724420e61fb18579fd90af852c",
"id": "a20a04b25c124d64a595c2dec1a37f745f1594c4f0461622c558d66911ea5235",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

6
tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol.0.7.6.ReentrancyEth.json
Unescape View File

@ -428,10 +428,10 @@
}
}
],
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#26)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#27)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L26)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L27)\n",
"description": "Reentrancy in Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#22-29):\n\tExternal calls:\n\t- require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender])) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#24)\n\tExternal calls sending eth:\n\t- msg.sender.transfer(eth_deposed[token][msg.sender]) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#23)\n\tState variables written after the call(s):\n\t- eth_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#26)\n\tReentrancy.eth_deposed (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#10) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_eth(address) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#13-15)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#22-29)\n\t- token_deposed[token][msg.sender] = 0 (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#27)\n\tReentrancy.token_deposed (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#11) can be used in cross function reentrancies:\n\t- Reentrancy.deposit_token(address,uint256) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#17-20)\n\t- Reentrancy.withdraw(address) (tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#22-29)\n",
"markdown": "Reentrancy in [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L22-L29):\n\tExternal calls:\n\t- [require(bool)(Token(token).transfer(msg.sender,token_deposed[token][msg.sender]))](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L24)\n\tExternal calls sending eth:\n\t- [msg.sender.transfer(eth_deposed[token][msg.sender])](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L23)\n\tState variables written after the call(s):\n\t- [eth_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L26)\n\t[Reentrancy.eth_deposed](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L10) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_eth(address)](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L13-L15)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L22-L29)\n\t- [token_deposed[token][msg.sender] = 0](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L27)\n\t[Reentrancy.token_deposed](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L11) can be used in cross function reentrancies:\n\t- [Reentrancy.deposit_token(address,uint256)](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L17-L20)\n\t- [Reentrancy.withdraw(address)](tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L22-L29)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.7.6/reentrancy_indirect.sol#L22-L29",
"id": "24fc47678720105e363d9594b5bcec35f854903103c3c4a4ca82d9b4fb5348c3",
"id": "8aacbf836cda179a2f29017ba3fb238dbb3e88837efd207cd07622e5c746f56a",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"

151
tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol
Unescape View File

@ -0,0 +1,151 @@
interface Receiver{
function send_funds() payable external;
}
contract TestWithBug{
mapping(address => uint) balances;
modifier nonReentrant(){
_;
}
function withdraw(uint amount) nonReentrant public{
require(amount <= balances[msg.sender]);
Receiver(msg.sender).send_funds{value: amount}();
balances[msg.sender] -= amount;
}
function withdraw_all() public{
uint amount = balances[msg.sender];
balances[msg.sender] = 0;
Receiver(msg.sender).send_funds{value: amount}();
}
}
contract TestWithoutBug{
mapping(address => uint) balances;
modifier nonReentrant(){
_;
}
function withdraw(uint amount) nonReentrant public{
require(amount <= balances[msg.sender]);
Receiver(msg.sender).send_funds{value: amount}();
balances[msg.sender] -= amount;
}
function withdraw_all() nonReentrant public{
uint amount = balances[msg.sender];
balances[msg.sender] = 0;
Receiver(msg.sender).send_funds{value: amount}();
}
}
contract TestWithBugInternal{
mapping(address => uint) balances;
modifier nonReentrant(){
_;
}
function withdraw(uint amount) nonReentrant public{
withdraw_internal(amount);
}
function withdraw_internal(uint amount) internal{
require(amount <= balances[msg.sender]);
Receiver(msg.sender).send_funds{value: amount}();
balances[msg.sender] -= amount;
}
function withdraw_all() public{
withdraw_all_internal();
}
function withdraw_all_internal() internal {
uint amount = balances[msg.sender];
balances[msg.sender] = 0;
Receiver(msg.sender).send_funds{value: amount}();
}
}
contract TestWithoutBugInternal{
mapping(address => uint) balances;
modifier nonReentrant(){
_;
}
function withdraw(uint amount) nonReentrant public{
withdraw_internal(amount);
}
function withdraw_internal(uint amount) internal{
require(amount <= balances[msg.sender]);
Receiver(msg.sender).send_funds{value: amount}();
balances[msg.sender] -= amount;
}
function withdraw_all() nonReentrant public{
withdraw_all_internal();
}
function withdraw_all_internal() internal {
uint amount = balances[msg.sender];
balances[msg.sender] = 0;
Receiver(msg.sender).send_funds{value: amount}();
}
}
contract TestBugWithPublicVariable{
mapping(address => uint) public balances;
modifier nonReentrant(){
_;
}
function withdraw(uint amount) nonReentrant public{
withdraw_internal(amount);
}
function withdraw_internal(uint amount) internal{
require(amount <= balances[msg.sender]);
Receiver(msg.sender).send_funds{value: amount}();
balances[msg.sender] -= amount;
}
}
contract TestWithBugNonReentrantRead{
mapping(address => uint) balances;
modifier nonReentrant(){
_;
}
function withdraw(uint amount) nonReentrant public{
require(amount <= balances[msg.sender]);
Receiver(msg.sender).send_funds{value: amount}();
balances[msg.sender] -= amount;
}
// Simulate a reentrancy that allows to read variable in a potential incorrect state during a reentrancy
// This is more likely to impact protocol like reentrancy
function read() public returns(uint){
uint amount = balances[msg.sender];
return amount;
}
}

981
tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol.0.8.10.ReentrancyEth.json
Unescape View File

@ -0,0 +1,981 @@
[
[
{
"elements": [
{
"type": "function",
"name": "withdraw",
"source_mapping": {
"start": 3089,
"length": 207,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
138,
139,
140,
141,
142
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBugNonReentrantRead",
"source_mapping": {
"start": 2959,
"length": 629,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
130,
131,
132,
133,
134,
135,
136,
137,
138,
139,
140,
141,
142,
143,
144,
145,
146,
147,
148,
149,
150,
151
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw(uint256)"
}
},
{
"type": "node",
"name": "Receiver(msg.sender).send_funds{value: amount}()",
"source_mapping": {
"start": 3200,
"length": 48,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
140
],
"starting_column": 10,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw",
"source_mapping": {
"start": 3089,
"length": 207,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
138,
139,
140,
141,
142
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBugNonReentrantRead",
"source_mapping": {
"start": 2959,
"length": 629,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
130,
131,
132,
133,
134,
135,
136,
137,
138,
139,
140,
141,
142,
143,
144,
145,
146,
147,
148,
149,
150,
151
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "external_calls"
}
},
{
"type": "node",
"name": "balances[msg.sender] -= amount",
"source_mapping": {
"start": 3259,
"length": 30,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
141
],
"starting_column": 10,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw",
"source_mapping": {
"start": 3089,
"length": 207,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
138,
139,
140,
141,
142
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBugNonReentrantRead",
"source_mapping": {
"start": 2959,
"length": 629,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
130,
131,
132,
133,
134,
135,
136,
137,
138,
139,
140,
141,
142,
143,
144,
145,
146,
147,
148,
149,
150,
151
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "balances"
}
}
],
"description": "Reentrancy in TestWithBugNonReentrantRead.withdraw(uint256) (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#138-142):\n\tExternal calls:\n\t- Receiver(msg.sender).send_funds{value: amount}() (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#140)\n\tState variables written after the call(s):\n\t- balances[msg.sender] -= amount (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#141)\n\tTestWithBugNonReentrantRead.balances (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#132) can be used in cross function reentrancies:\n\t- TestWithBugNonReentrantRead.read() (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#146-149)\n",
"markdown": "Reentrancy in [TestWithBugNonReentrantRead.withdraw(uint256)](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L138-L142):\n\tExternal calls:\n\t- [Receiver(msg.sender).send_funds{value: amount}()](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L140)\n\tState variables written after the call(s):\n\t- [balances[msg.sender] -= amount](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L141)\n\t[TestWithBugNonReentrantRead.balances](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L132) can be used in cross function reentrancies:\n\t- [TestWithBugNonReentrantRead.read()](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L146-L149)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L138-L142",
"id": "0b2149d8ea8554c24092bad5ce3061d661d4f0447d5d96716893538474bca40f",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "withdraw_internal",
"source_mapping": {
"start": 1320,
"length": 205,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
62,
63,
64,
65,
66
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBugInternal",
"source_mapping": {
"start": 1100,
"length": 698,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw_internal(uint256)"
}
},
{
"type": "node",
"name": "Receiver(msg.sender).send_funds{value: amount}()",
"source_mapping": {
"start": 1429,
"length": 48,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
64
],
"starting_column": 10,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw_internal",
"source_mapping": {
"start": 1320,
"length": 205,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
62,
63,
64,
65,
66
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBugInternal",
"source_mapping": {
"start": 1100,
"length": 698,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw_internal(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "external_calls"
}
},
{
"type": "node",
"name": "balances[msg.sender] -= amount",
"source_mapping": {
"start": 1488,
"length": 30,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
65
],
"starting_column": 10,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw_internal",
"source_mapping": {
"start": 1320,
"length": 205,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
62,
63,
64,
65,
66
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBugInternal",
"source_mapping": {
"start": 1100,
"length": 698,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw_internal(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "balances"
}
}
],
"description": "Reentrancy in TestWithBugInternal.withdraw_internal(uint256) (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#62-66):\n\tExternal calls:\n\t- Receiver(msg.sender).send_funds{value: amount}() (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#64)\n\tState variables written after the call(s):\n\t- balances[msg.sender] -= amount (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#65)\n\tTestWithBugInternal.balances (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#52) can be used in cross function reentrancies:\n\t- TestWithBugInternal.withdraw_all_internal() (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#72-76)\n",
"markdown": "Reentrancy in [TestWithBugInternal.withdraw_internal(uint256)](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L62-L66):\n\tExternal calls:\n\t- [Receiver(msg.sender).send_funds{value: amount}()](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L64)\n\tState variables written after the call(s):\n\t- [balances[msg.sender] -= amount](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L65)\n\t[TestWithBugInternal.balances](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L52) can be used in cross function reentrancies:\n\t- [TestWithBugInternal.withdraw_all_internal()](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L72-L76)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L62-L66",
"id": "7d618f027540d61d9af79a3a9475677476d1c4d7ad1be68ff8026f6c0d4cdc82",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "withdraw_internal",
"source_mapping": {
"start": 2749,
"length": 205,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
122,
123,
124,
125,
126
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestBugWithPublicVariable",
"source_mapping": {
"start": 2516,
"length": 441,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
110,
111,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
124,
125,
126,
127,
128
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw_internal(uint256)"
}
},
{
"type": "node",
"name": "Receiver(msg.sender).send_funds{value: amount}()",
"source_mapping": {
"start": 2858,
"length": 48,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
124
],
"starting_column": 10,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw_internal",
"source_mapping": {
"start": 2749,
"length": 205,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
122,
123,
124,
125,
126
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestBugWithPublicVariable",
"source_mapping": {
"start": 2516,
"length": 441,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
110,
111,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
124,
125,
126,
127,
128
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw_internal(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "external_calls"
}
},
{
"type": "node",
"name": "balances[msg.sender] -= amount",
"source_mapping": {
"start": 2917,
"length": 30,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
125
],
"starting_column": 10,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw_internal",
"source_mapping": {
"start": 2749,
"length": 205,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
122,
123,
124,
125,
126
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestBugWithPublicVariable",
"source_mapping": {
"start": 2516,
"length": 441,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
110,
111,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
124,
125,
126,
127,
128
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw_internal(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "balances"
}
}
],
"description": "Reentrancy in TestBugWithPublicVariable.withdraw_internal(uint256) (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#122-126):\n\tExternal calls:\n\t- Receiver(msg.sender).send_funds{value: amount}() (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#124)\n\tState variables written after the call(s):\n\t- balances[msg.sender] -= amount (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#125)\n\tTestBugWithPublicVariable.balances (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#112) can be used in cross function reentrancies:\n\t- TestBugWithPublicVariable.balances (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#112)\n",
"markdown": "Reentrancy in [TestBugWithPublicVariable.withdraw_internal(uint256)](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L122-L126):\n\tExternal calls:\n\t- [Receiver(msg.sender).send_funds{value: amount}()](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L124)\n\tState variables written after the call(s):\n\t- [balances[msg.sender] -= amount](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L125)\n\t[TestBugWithPublicVariable.balances](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L112) can be used in cross function reentrancies:\n\t- [TestBugWithPublicVariable.balances](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L112)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L122-L126",
"id": "a3e52c882aa9fb88119aa3507f4158436bfe3f1abee0828665afa41213587097",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{
"type": "function",
"name": "withdraw",
"source_mapping": {
"start": 181,
"length": 207,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
13,
14,
15,
16,
17
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBug",
"source_mapping": {
"start": 67,
"length": 506,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw(uint256)"
}
},
{
"type": "node",
"name": "Receiver(msg.sender).send_funds{value: amount}()",
"source_mapping": {
"start": 292,
"length": 48,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
15
],
"starting_column": 10,
"ending_column": 58
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw",
"source_mapping": {
"start": 181,
"length": 207,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
13,
14,
15,
16,
17
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBug",
"source_mapping": {
"start": 67,
"length": 506,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "external_calls"
}
},
{
"type": "node",
"name": "balances[msg.sender] -= amount",
"source_mapping": {
"start": 351,
"length": 30,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
16
],
"starting_column": 10,
"ending_column": 40
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "withdraw",
"source_mapping": {
"start": 181,
"length": 207,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
13,
14,
15,
16,
17
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "TestWithBug",
"source_mapping": {
"start": 67,
"length": 506,
"filename_relative": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol",
"is_dependency": false,
"lines": [
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "withdraw(uint256)"
}
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "balances"
}
}
],
"description": "Reentrancy in TestWithBug.withdraw(uint256) (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#13-17):\n\tExternal calls:\n\t- Receiver(msg.sender).send_funds{value: amount}() (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#15)\n\tState variables written after the call(s):\n\t- balances[msg.sender] -= amount (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#16)\n\tTestWithBug.balances (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#7) can be used in cross function reentrancies:\n\t- TestWithBug.withdraw_all() (tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#19-23)\n",
"markdown": "Reentrancy in [TestWithBug.withdraw(uint256)](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L13-L17):\n\tExternal calls:\n\t- [Receiver(msg.sender).send_funds{value: amount}()](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L15)\n\tState variables written after the call(s):\n\t- [balances[msg.sender] -= amount](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L16)\n\t[TestWithBug.balances](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L7) can be used in cross function reentrancies:\n\t- [TestWithBug.withdraw_all()](tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L19-L23)\n",
"first_markdown_element": "tests/detectors/reentrancy-eth/0.8.10/reentrancy_with_non_reentrant.sol#L13-L17",
"id": "bcfa65e776908d618f202fa48f03dde3fbf8397b752d2e8cc3c8e46019e9e174",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
}
]
]

9454
tests/detectors/reentrancy-no-eth/0.4.25/DAO.sol.0.4.25.ReentrancyReadBeforeWritten.json
View File

File diff suppressed because one or more lines are too long

354
tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol.0.4.25.ReentrancyReadBeforeWritten.json
Unescape View File

@ -4,22 +4,21 @@
"elements": [
{
"type": "function",
"name": "bad0",
"name": "bad1",
"source_mapping": {
"start": 326,
"length": 153,
"start": 485,
"length": 158,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22
24,
25,
26,
27,
28,
29
],
"starting_column": 5,
"ending_column": 6
@ -78,44 +77,43 @@
"ending_column": 2
}
},
"signature": "bad0()"
"signature": "bad1(address)"
}
},
{
"type": "node",
"name": "! (msg.sender.call())",
"name": "success = msg.sender.call()",
"source_mapping": {
"start": 391,
"length": 20,
"start": 560,
"length": 34,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
18
26
],
"starting_column": 13,
"ending_column": 33
"starting_column": 9,
"ending_column": 43
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad0",
"name": "bad1",
"source_mapping": {
"start": 326,
"length": 153,
"start": 485,
"length": 158,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22
24,
25,
26,
27,
28,
29
],
"starting_column": 5,
"ending_column": 6
@ -174,7 +172,7 @@
"ending_column": 2
}
},
"signature": "bad0()"
"signature": "bad1(address)"
}
}
},
@ -184,39 +182,38 @@
},
{
"type": "node",
"name": "notCalled = false",
"name": "bad0()",
"source_mapping": {
"start": 455,
"length": 17,
"start": 630,
"length": 6,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
21
28
],
"starting_column": 9,
"ending_column": 26
"ending_column": 15
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad0",
"name": "bad1",
"source_mapping": {
"start": 326,
"length": 153,
"start": 485,
"length": 158,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22
24,
25,
26,
27,
28,
29
],
"starting_column": 5,
"ending_column": 6
@ -275,138 +272,49 @@
"ending_column": 2
}
},
"signature": "bad0()"
"signature": "bad1(address)"
}
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "notCalled"
"underlying_type": "external_calls"
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#16-22):\n\tExternal calls:\n\t- ! (msg.sender.call()) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#21)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L16-L22):\n\tExternal calls:\n\t- [! (msg.sender.call())](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L21)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L16-L22",
"id": "296bbfc5c41b40046e8fc0563e89099df3ff17caf0bd3ff8dde0271aacd8d981",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"
},
{
"elements": [
},
{
"type": "function",
"name": "bad1",
"type": "node",
"name": "! (msg.sender.call())",
"source_mapping": {
"start": 485,
"length": 158,
"start": 391,
"length": 20,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28,
29
18
],
"starting_column": 5,
"ending_column": 6
"starting_column": 13,
"ending_column": 33
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "ReentrancyWrite",
"type": "function",
"name": "bad0",
"source_mapping": {
"start": 28,
"length": 776,
"start": 326,
"length": 153,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(address)"
}
},
{
"type": "node",
"name": "success = msg.sender.call()",
"source_mapping": {
"start": 560,
"length": 34,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
26
],
"starting_column": 9,
"ending_column": 43
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 485,
"length": 158,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
24,
25,
26,
27,
28,
29
22
],
"starting_column": 5,
"ending_column": 6
@ -465,12 +373,12 @@
"ending_column": 2
}
},
"signature": "bad1(address)"
"signature": "bad0()"
}
}
},
"additional_fields": {
"underlying_type": "external_calls"
"underlying_type": "external_calls_sending_eth"
}
},
{
@ -570,24 +478,25 @@
}
},
"additional_fields": {
"underlying_type": "external_calls"
"underlying_type": "variables_written",
"variable_name": "notCalled"
}
},
{
"type": "node",
"name": "! (msg.sender.call())",
"name": "notCalled = false",
"source_mapping": {
"start": 391,
"length": 20,
"start": 455,
"length": 17,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
18
21
],
"starting_column": 13,
"ending_column": 33
"starting_column": 9,
"ending_column": 26
},
"type_specific_fields": {
"parent": {
@ -671,43 +580,135 @@
}
},
"additional_fields": {
"underlying_type": "external_calls_sending_eth"
"underlying_type": "variables_written",
"variable_name": "notCalled"
}
},
}
],
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#24-29):\n\tExternal calls:\n\t- success = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#26)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#28)\n\t\t- ! (msg.sender.call()) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#28)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#21)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#4) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#16-22)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#24-29)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#7-14)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#31-37)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L24-L29):\n\tExternal calls:\n\t- [success = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L26)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L28)\n\t\t- [! (msg.sender.call())](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L28)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L21)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L4) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L16-L22)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L24-L29)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L7-L14)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L31-L37)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L24-L29",
"id": "3abbc9e8f73096dd53d7a40513439b00f2bcfb9c594446c25eb8f0845a83f634",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"
},
{
"elements": [
{
"type": "node",
"name": "bad0()",
"type": "function",
"name": "bad0",
"source_mapping": {
"start": 630,
"length": 6,
"start": 326,
"length": 153,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
28
16,
17,
18,
19,
20,
21,
22
],
"starting_column": 9,
"ending_column": 15
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"type": "contract",
"name": "ReentrancyWrite",
"source_mapping": {
"start": 485,
"length": 158,
"start": 28,
"length": 776,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad0()"
}
},
{
"type": "node",
"name": "! (msg.sender.call())",
"source_mapping": {
"start": 391,
"length": 20,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
18
],
"starting_column": 13,
"ending_column": 33
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad0",
"source_mapping": {
"start": 326,
"length": 153,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol",
"is_dependency": false,
"lines": [
16,
17,
18,
19,
20,
21,
22
],
"starting_column": 5,
"ending_column": 6
@ -766,13 +767,12 @@
"ending_column": 2
}
},
"signature": "bad1(address)"
"signature": "bad0()"
}
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "notCalled"
"underlying_type": "external_calls"
}
},
{
@ -878,10 +878,10 @@
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#24-29):\n\tExternal calls:\n\t- success = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#26)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#28)\n\t\t- ! (msg.sender.call()) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#28)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#21)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L24-L29):\n\tExternal calls:\n\t- [success = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L26)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L28)\n\t\t- [! (msg.sender.call())](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L28)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L21)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L24-L29",
"id": "93b771e9737b42c786392b01e24457616ec7e54b5dd7714c96a1e67b9dd535f3",
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#16-22):\n\tExternal calls:\n\t- ! (msg.sender.call()) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#21)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#4) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#16-22)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#24-29)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#7-14)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#31-37)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L16-L22):\n\tExternal calls:\n\t- [! (msg.sender.call())](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L21)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L4) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L16-L22)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L24-L29)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L7-L14)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L31-L37)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.4.25/reentrancy-write.sol#L16-L22",
"id": "849ca5d32a80a76091f9049ebde3e9267a1c1bc22fd11197246e748b56a31f3b",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"

12
tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol.0.5.16.ReentrancyReadBeforeWritten.json
Unescape View File

@ -599,10 +599,10 @@
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#25-30):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#27)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#29)\n\t\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#29)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#22)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L25-L30):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L27)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L29)\n\t\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L29)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L22)\n",
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#25-30):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#27)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#29)\n\t\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#29)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#22)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#4) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#16-23)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#25-30)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#7-14)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#32-39)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L25-L30):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L27)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L29)\n\t\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L29)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L22)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L4) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L16-L23)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L25-L30)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L7-L14)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L32-L39)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L25-L30",
"id": "9fbfafd0d47ce4f4ead524570f382093c186c4e9e5e96ce0067fce3ffb6dc74a",
"id": "80cbbc2ca9b1ec618f677d49ad8c55c3e7b458a8f8f2d5083e5388dabf526d6f",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"
@ -901,10 +901,10 @@
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#16-23):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#22)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L16-L23):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L22)\n",
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#16-23):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#22)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#4) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#16-23)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#25-30)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#7-14)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#32-39)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L16-L23):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L22)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L4) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L16-L23)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L25-L30)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L7-L14)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L32-L39)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.5.16/reentrancy-write.sol#L16-L23",
"id": "c9ba81d76d46579f9e78ac96b1aae43b71f2d4a96d4c47b2fab9831bf0f15a8f",
"id": "aec3401a9ebdcd0961e5a0f704379be83fc18e5c8ea5e98641b0ea1783184a3d",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"

12
tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol.0.6.11.ReentrancyReadBeforeWritten.json
Unescape View File

@ -294,10 +294,10 @@
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#16-23):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#22)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L16-L23):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L22)\n",
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#16-23):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#22)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#4) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#16-23)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#25-30)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#7-14)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#32-39)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L16-L23):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L22)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L4) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L16-L23)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L25-L30)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L7-L14)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L32-L39)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L16-L23",
"id": "6d19938cb98129ec5abb0fcde1a08ea92c6ab0125e210a1d4c10f27e9a9419cb",
"id": "92d6df62568c8094a9c5cd5c7e4c7162054281244d3d3a1d4efe7df14d18a35a",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"
@ -901,10 +901,10 @@
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#25-30):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#27)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#29)\n\t\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#29)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#22)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L25-L30):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L27)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L29)\n\t\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L29)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L22)\n",
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#25-30):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#27)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#29)\n\t\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#18)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#29)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#22)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#4) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#16-23)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#25-30)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#7-14)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#32-39)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L25-L30):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L27)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L29)\n\t\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L18)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L29)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L22)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L4) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L16-L23)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L25-L30)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L7-L14)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L32-L39)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.6.11/reentrancy-write.sol#L25-L30",
"id": "dfc70c3670d28f163af1fd624da8ace78193a8309e4c442462e7bc96e88eeae1",
"id": "b0372b9d2879e62eb13c185a89ae1e80653ef3339cb5521630a9717e1592100e",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"

352
tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol.0.7.6.ReentrancyReadBeforeWritten.json
Unescape View File

@ -4,21 +4,23 @@
"elements": [
{
"type": "function",
"name": "bad1",
"name": "bad0",
"source_mapping": {
"start": 577,
"length": 161,
"start": 383,
"length": 188,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
29,
30,
31,
32,
33,
34
20,
21,
22,
23,
24,
25,
26,
27
],
"starting_column": 5,
"ending_column": 6
@ -79,21 +81,21 @@
"ending_column": 2
}
},
"signature": "bad1(address)"
"signature": "bad0()"
}
},
{
"type": "node",
"name": "(success) = msg.sender.call()",
"source_mapping": {
"start": 652,
"start": 444,
"length": 37,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
31
22
],
"starting_column": 9,
"ending_column": 46
@ -101,21 +103,23 @@
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"name": "bad0",
"source_mapping": {
"start": 577,
"length": 161,
"start": 383,
"length": 188,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
29,
30,
31,
32,
33,
34
20,
21,
22,
23,
24,
25,
26,
27
],
"starting_column": 5,
"ending_column": 6
@ -176,7 +180,7 @@
"ending_column": 2
}
},
"signature": "bad1(address)"
"signature": "bad0()"
}
}
},
@ -186,38 +190,40 @@
},
{
"type": "node",
"name": "bad0()",
"name": "notCalled = false",
"source_mapping": {
"start": 725,
"length": 6,
"start": 547,
"length": 17,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
33
26
],
"starting_column": 9,
"ending_column": 15
"ending_column": 26
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"name": "bad0",
"source_mapping": {
"start": 577,
"length": 161,
"start": 383,
"length": 188,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
29,
30,
31,
32,
33,
34
20,
21,
22,
23,
24,
25,
26,
27
],
"starting_column": 5,
"ending_column": 6
@ -278,42 +284,72 @@
"ending_column": 2
}
},
"signature": "bad1(address)"
"signature": "bad0()"
}
}
},
"additional_fields": {
"underlying_type": "external_calls"
"underlying_type": "variables_written",
"variable_name": "notCalled"
}
},
}
],
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#20-27):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#22)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#26)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#8) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#20-27)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#29-34)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#11-18)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#36-43)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L20-L27):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L22)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L26)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L8) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L20-L27)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L29-L34)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L11-L18)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L36-L43)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L20-L27",
"id": "24a6dbb0286f86f1dac424bdc447262dcbfda1a1c637c4c0f21885b82eb9af24",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"
},
{
"elements": [
{
"type": "node",
"name": "(success) = msg.sender.call()",
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 444,
"length": 37,
"start": 577,
"length": 161,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
22
29,
30,
31,
32,
33,
34
],
"starting_column": 9,
"ending_column": 46
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad0",
"type": "contract",
"name": "ReentrancyWrite",
"source_mapping": {
"start": 383,
"length": 188,
"start": 82,
"length": 852,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
@ -321,7 +357,67 @@
24,
25,
26,
27
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad1(address)"
}
},
{
"type": "node",
"name": "(success) = msg.sender.call()",
"source_mapping": {
"start": 652,
"length": 37,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
31
],
"starting_column": 9,
"ending_column": 46
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 577,
"length": 161,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
29,
30,
31,
32,
33,
34
],
"starting_column": 5,
"ending_column": 6
@ -382,12 +478,12 @@
"ending_column": 2
}
},
"signature": "bad0()"
"signature": "bad1(address)"
}
}
},
"additional_fields": {
"underlying_type": "external_calls_sending_eth"
"underlying_type": "external_calls"
}
},
{
@ -489,25 +585,24 @@
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "notCalled"
"underlying_type": "external_calls"
}
},
{
"type": "node",
"name": "notCalled = false",
"name": "(success) = msg.sender.call()",
"source_mapping": {
"start": 547,
"length": 17,
"start": 444,
"length": 37,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
26
22
],
"starting_column": 9,
"ending_column": 26
"ending_column": 46
},
"type_specific_fields": {
"parent": {
@ -594,139 +689,43 @@
}
},
"additional_fields": {
"underlying_type": "variables_written",
"variable_name": "notCalled"
"underlying_type": "external_calls_sending_eth"
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#29-34):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#31)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#33)\n\t\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#22)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#33)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#26)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L29-L34):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L31)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L33)\n\t\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L22)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L33)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L26)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L29-L34",
"id": "11273f8e5ccbb848ea0de9b7c15e3fb66deb7c061265f88b8aa7646eed935c0e",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"
},
{
"elements": [
},
{
"type": "function",
"name": "bad0",
"type": "node",
"name": "bad0()",
"source_mapping": {
"start": 383,
"length": 188,
"start": 725,
"length": 6,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
20,
21,
22,
23,
24,
25,
26,
27
33
],
"starting_column": 5,
"ending_column": 6
"starting_column": 9,
"ending_column": 15
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "ReentrancyWrite",
"type": "function",
"name": "bad1",
"source_mapping": {
"start": 82,
"length": 852,
"start": 577,
"length": 161,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad0()"
}
},
{
"type": "node",
"name": "(success) = msg.sender.call()",
"source_mapping": {
"start": 444,
"length": 37,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
22
],
"starting_column": 9,
"ending_column": 46
},
"type_specific_fields": {
"parent": {
"type": "function",
"name": "bad0",
"source_mapping": {
"start": 383,
"length": 188,
"filename_relative": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"filename_absolute": "/GENERIC_PATH",
"filename_short": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol",
"is_dependency": false,
"lines": [
20,
21,
22,
23,
24,
25,
26,
27
34
],
"starting_column": 5,
"ending_column": 6
@ -787,12 +786,13 @@
"ending_column": 2
}
},
"signature": "bad0()"
"signature": "bad1(address)"
}
}
},
"additional_fields": {
"underlying_type": "external_calls"
"underlying_type": "variables_written",
"variable_name": "notCalled"
}
},
{
@ -901,10 +901,10 @@
}
}
],
"description": "Reentrancy in ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#20-27):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#22)\n\tState variables written after the call(s):\n\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#26)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L20-L27):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L22)\n\tState variables written after the call(s):\n\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L26)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L20-L27",
"id": "ef995e89d54c7b577af2ca26540e01da65ac0e2466d6d7a58e4d11e9211b12a4",
"description": "Reentrancy in ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#29-34):\n\tExternal calls:\n\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#31)\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#33)\n\t\t- (success) = msg.sender.call() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#22)\n\tState variables written after the call(s):\n\t- bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#33)\n\t\t- notCalled = false (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#26)\n\tReentrancyWrite.notCalled (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#8) can be used in cross function reentrancies:\n\t- ReentrancyWrite.bad0() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#20-27)\n\t- ReentrancyWrite.bad1(address) (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#29-34)\n\t- ReentrancyWrite.constructor(address) (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#11-18)\n\t- ReentrancyWrite.good() (tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#36-43)\n",
"markdown": "Reentrancy in [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L29-L34):\n\tExternal calls:\n\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L31)\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L33)\n\t\t- [(success) = msg.sender.call()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L22)\n\tState variables written after the call(s):\n\t- [bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L33)\n\t\t- [notCalled = false](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L26)\n\t[ReentrancyWrite.notCalled](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L8) can be used in cross function reentrancies:\n\t- [ReentrancyWrite.bad0()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L20-L27)\n\t- [ReentrancyWrite.bad1(address)](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L29-L34)\n\t- [ReentrancyWrite.constructor(address)](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L11-L18)\n\t- [ReentrancyWrite.good()](tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L36-L43)\n",
"first_markdown_element": "tests/detectors/reentrancy-no-eth/0.7.6/reentrancy-write.sol#L29-L34",
"id": "e8259d1bbe21b2c12ea23f8ed1c67b9a8f63a1828d3b91db1f7b78ddd43ef7d6",
"check": "reentrancy-no-eth",
"impact": "Medium",
"confidence": "Medium"

1
tests/test_detectors.py
Unescape View File

@ -362,6 +362,7 @@ ALL_TEST_OBJECTS = [
"DAO.sol",
"0.4.25",
),
Test(all_detectors.ReentrancyEth, "reentrancy_with_non_reentrant.sol", "0.8.10"),
Test(
all_detectors.UninitializedStorageVars,
"uninitialized_storage_pointer.sol",

17
tests/test_function.py
Unescape View File

@ -244,6 +244,7 @@ def test_functions():
def test_function_can_send_eth():
solc_select.switch_global_version("0.6.12", always_install=True)
slither = Slither("tests/test_function.sol")
compilation_unit = slither.compilation_units[0]
functions = compilation_unit.get_contract_from_name("TestFunctionCanSendEth")[
@ -266,6 +267,22 @@ def test_function_can_send_eth():
assert functions["highlevel_call_via_external()"].can_send_eth() is False
def test_reentrant():
solc_select.switch_global_version("0.8.10", always_install=True)
slither = Slither("tests/test_function_reentrant.sol")
compilation_unit = slither.compilation_units[0]
functions = compilation_unit.get_contract_from_name("TestReentrant")[
0
].available_functions_as_dict()
assert functions["is_reentrant()"].is_reentrant
assert not functions["is_non_reentrant()"].is_reentrant
assert not functions["internal_and_not_reentrant()"].is_reentrant
assert not functions["internal_and_not_reentrant2()"].is_reentrant
assert functions["internal_and_could_be_reentrant()"].is_reentrant
assert functions["internal_and_reentrant()"].is_reentrant
def test_public_variable() -> None:
solc_select.switch_global_version("0.6.12", always_install=True)
slither = Slither("tests/test_function.sol")

36
tests/test_function_reentrant.sol
Unescape View File

@ -0,0 +1,36 @@
contract TestReentrant{
modifier nonReentrant(){
_;
}
function is_reentrant() public{
internal_and_could_be_reentrant();
internal_and_reentrant();
}
function is_non_reentrant() nonReentrant() public{
internal_and_could_be_reentrant();
internal_and_not_reentrant2();
}
function internal_and_not_reentrant() nonReentrant() internal{
}
function internal_and_not_reentrant2() internal{
}
// Called by a protected and unprotected function
function internal_and_could_be_reentrant() internal{
}
// Called by a protected and unprotected function
function internal_and_reentrant() internal{
}
}
Write Preview
Loading…
Cancel
Save