API break: generate_json_result takes a list as input, instead of a str

The list can contains str, or any elements that can be converted to a str with source mapping
Ex: Variable, Contract, Event, Function, ..
generate_json_result will automatically add the elements to the json.
As a result, detectors only need to add the elements to the info list, and do not need to add the element
to the json.

AbstractDetectors has a STANDARD_JSON parameter, if set to False, generate_json_result will not add the elements to the json
pull/362/head
Josselin 5 years ago
parent ec00646cb3
commit e364ba208e
  1. 5
      slither/__main__.py
  2. 4
      slither/core/declarations/pragma_directive.py
  3. 6
      slither/core/slither_core.py
  4. 20
      slither/core/source_mapping/source_mapping.py
  5. 2
      slither/core/variables/local_variable.py
  6. 7
      slither/detectors/abstract_detector.py
  7. 16
      slither/detectors/attributes/const_functions.py
  8. 10
      slither/detectors/attributes/constant_pragma.py
  9. 4
      slither/detectors/attributes/incorrect_solc.py
  10. 14
      slither/detectors/attributes/locked_ether.py
  11. 7
      slither/detectors/erc/incorrect_erc20_interface.py
  12. 7
      slither/detectors/erc/incorrect_erc721_interface.py
  13. 5
      slither/detectors/erc/unindexed_event_parameters.py
  14. 6
      slither/detectors/examples/backdoor.py
  15. 11
      slither/detectors/functions/arbitrary_send.py
  16. 13
      slither/detectors/functions/external_function.py
  17. 6
      slither/detectors/functions/suicidal.py
  18. 34
      slither/detectors/naming_convention/naming_convention.py
  19. 12
      slither/detectors/operations/block_timestamp.py
  20. 9
      slither/detectors/operations/low_level_calls.py
  21. 10
      slither/detectors/operations/unused_return_values.py
  22. 8
      slither/detectors/operations/void_constructor.py
  23. 19
      slither/detectors/reentrancy/reentrancy_benign.py
  24. 18
      slither/detectors/reentrancy/reentrancy_eth.py
  25. 13
      slither/detectors/reentrancy/reentrancy_read_before_write.py
  26. 8
      slither/detectors/shadowing/abstract.py
  27. 29
      slither/detectors/shadowing/builtin_symbols.py
  28. 34
      slither/detectors/shadowing/local.py
  29. 8
      slither/detectors/shadowing/state.py
  30. 1
      slither/detectors/source/rtlo.py
  31. 7
      slither/detectors/statements/assembly.py
  32. 5
      slither/detectors/statements/calls_in_loop.py
  33. 9
      slither/detectors/statements/controlled_delegatecall.py
  34. 12
      slither/detectors/statements/deprecated_calls.py
  35. 7
      slither/detectors/statements/incorrect_strict_equality.py
  36. 7
      slither/detectors/statements/too_many_digits.py
  37. 7
      slither/detectors/statements/tx_origin.py
  38. 5
      slither/detectors/variables/possible_const_state_variables.py
  39. 10
      slither/detectors/variables/uninitialized_local_variables.py
  40. 13
      slither/detectors/variables/uninitialized_state_variables.py
  41. 8
      slither/detectors/variables/uninitialized_storage_variables.py
  42. 7
      slither/detectors/variables/unused_state_variables.py
  43. 2
      slither/slither.py
  44. 75
      slither/utils/json_utils.py
  45. 22
      tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.json
  46. 4
      tests/expected_json/arbitrary_send-0.5.1.arbitrary-send.txt
  47. 22
      tests/expected_json/arbitrary_send.arbitrary-send.json
  48. 4
      tests/expected_json/arbitrary_send.arbitrary-send.txt
  49. 11
      tests/expected_json/backdoor.backdoor.json
  50. 6
      tests/expected_json/backdoor.backdoor.txt
  51. 11
      tests/expected_json/backdoor.suicidal.json
  52. 4
      tests/expected_json/backdoor.suicidal.txt
  53. 66
      tests/expected_json/const_state_variables.constable-states.json
  54. 16
      tests/expected_json/const_state_variables.constable-states.txt
  55. 11
      tests/expected_json/constant-0.5.1.constant-function.json
  56. 4
      tests/expected_json/constant-0.5.1.constant-function.txt
  57. 33
      tests/expected_json/constant.constant-function.json
  58. 8
      tests/expected_json/constant.constant-function.txt
  59. 178
      tests/expected_json/controlled_delegatecall.controlled-delegatecall.json
  60. 8
      tests/expected_json/controlled_delegatecall.controlled-delegatecall.txt
  61. 88
      tests/expected_json/deprecated_calls.deprecated-standards.json
  62. 20
      tests/expected_json/deprecated_calls.deprecated-standards.txt
  63. 44
      tests/expected_json/erc20_indexed.erc20-indexed.json
  64. 12
      tests/expected_json/erc20_indexed.erc20-indexed.txt
  65. 55
      tests/expected_json/external_function.external-function.json
  66. 756
      tests/expected_json/incorrect_equality.incorrect-equality.json
  67. 28
      tests/expected_json/incorrect_equality.incorrect-equality.txt
  68. 216
      tests/expected_json/incorrect_erc20_interface.erc20-interface.json
  69. 16
      tests/expected_json/incorrect_erc20_interface.erc20-interface.txt
  70. 390
      tests/expected_json/incorrect_erc721_interface.erc721-interface.json
  71. 24
      tests/expected_json/incorrect_erc721_interface.erc721-interface.txt
  72. 11
      tests/expected_json/inline_assembly_contract-0.5.1.assembly.json
  73. 8
      tests/expected_json/inline_assembly_contract-0.5.1.assembly.txt
  74. 11
      tests/expected_json/inline_assembly_contract.assembly.json
  75. 8
      tests/expected_json/inline_assembly_contract.assembly.txt
  76. 22
      tests/expected_json/inline_assembly_library-0.5.1.assembly.json
  77. 12
      tests/expected_json/inline_assembly_library-0.5.1.assembly.txt
  78. 22
      tests/expected_json/inline_assembly_library.assembly.json
  79. 12
      tests/expected_json/inline_assembly_library.assembly.txt
  80. 11
      tests/expected_json/locked_ether-0.5.1.locked-ether.json
  81. 8
      tests/expected_json/locked_ether-0.5.1.locked-ether.txt
  82. 11
      tests/expected_json/locked_ether.locked-ether.json
  83. 8
      tests/expected_json/locked_ether.locked-ether.txt
  84. 11
      tests/expected_json/low_level_calls.low-level-calls.json
  85. 6
      tests/expected_json/low_level_calls.low-level-calls.txt
  86. 68
      tests/expected_json/multiple_calls_in_loop.calls-loop.json
  87. 8
      tests/expected_json/multiple_calls_in_loop.calls-loop.txt
  88. 132
      tests/expected_json/naming_convention.naming-convention.json
  89. 28
      tests/expected_json/naming_convention.naming-convention.txt
  90. 11
      tests/expected_json/old_solc.sol.json.solc-version.json
  91. 6
      tests/expected_json/old_solc.sol.json.solc-version.txt
  92. 11
      tests/expected_json/pragma.0.4.24.pragma.json
  93. 8
      tests/expected_json/pragma.0.4.24.pragma.txt
  94. 22
      tests/expected_json/reentrancy-0.5.1.reentrancy-eth.json
  95. 8
      tests/expected_json/reentrancy-0.5.1.reentrancy-eth.txt
  96. 22
      tests/expected_json/reentrancy.reentrancy-eth.json
  97. 8
      tests/expected_json/reentrancy.reentrancy-eth.txt
  98. 11
      tests/expected_json/right_to_left_override.rtlo.json
  99. 4
      tests/expected_json/right_to_left_override.rtlo.txt
  100. 11
      tests/expected_json/shadowing_abstract.shadowing-abstract.json
  101. Some files were not shown because too many files have changed in this diff Show More

@ -331,6 +331,11 @@ def parse_args(detector_classes, printer_classes):
action='store', action='store',
default=defaults_flag_in_config['json-types']) default=defaults_flag_in_config['json-types'])
group_misc.add_argument('--markdown-root',
help='URL for markdown generation',
action='store',
default="")
group_misc.add_argument('--disable-color', group_misc.add_argument('--disable-color',
help='Disable output colorization', help='Disable output colorization',
action='store_true', action='store_true',

@ -17,5 +17,9 @@ class Pragma(SourceMapping):
def version(self): def version(self):
return ''.join(self.directive[1:]) return ''.join(self.directive[1:])
@property
def name(self):
return self.version
def __str__(self): def __str__(self):
return 'pragma '+''.join(self.directive) return 'pragma '+''.join(self.directive)

@ -37,6 +37,8 @@ class Slither(Context):
self._generate_patches = False self._generate_patches = False
self._markdown_root = ""
################################################################################### ###################################################################################
################################################################################### ###################################################################################
# region Source code # region Source code
@ -68,6 +70,10 @@ class Slither(Context):
with open(path, encoding='utf8', newline='') as f: with open(path, encoding='utf8', newline='') as f:
self.source_code[path] = f.read() self.source_code[path] = f.read()
@property
def markdown_root(self):
return self._markdown_root
# endregion # endregion
################################################################################### ###################################################################################
################################################################################### ###################################################################################

@ -132,16 +132,22 @@ class SourceMapping(Context):
else: else:
self._source_mapping = self._convert_source_mapping(offset, slither) self._source_mapping = self._convert_source_mapping(offset, slither)
def _get_lines_str(self, line_descr=""):
@property
def source_mapping_str(self):
lines = self.source_mapping.get('lines', None) lines = self.source_mapping.get('lines', None)
if not lines: if not lines:
lines = '' lines = ''
elif len(lines) == 1: elif len(lines) == 1:
lines = '#{}'.format(lines[0]) lines = '#{}{}'.format(line_descr, lines[0])
else: else:
lines = '#{}-{}'.format(lines[0], lines[-1]) lines = '#{}{}-{}{}'.format(line_descr, lines[0], line_descr, lines[-1])
return '{}{}'.format(self.source_mapping['filename_short'], lines) return lines
def source_mapping_to_markdown(self, markdown_root):
lines = self._get_lines_str(line_descr="L")
return f'{markdown_root}{self.source_mapping["filename_relative"]}{lines}'
@property
def source_mapping_str(self):
lines = self._get_lines_str()
return f'{self.source_mapping["filename_short"]}{lines}'

@ -52,6 +52,6 @@ class LocalVariable(ChildFunction, Variable):
@property @property
def canonical_name(self): def canonical_name(self):
return self.name return '{}.{}'.format(self.function.canonical_name, self.name)

@ -49,6 +49,8 @@ class AbstractDetector(metaclass=abc.ABCMeta):
WIKI_EXPLOIT_SCENARIO = '' WIKI_EXPLOIT_SCENARIO = ''
WIKI_RECOMMENDATION = '' WIKI_RECOMMENDATION = ''
STANDARD_JSON = True
def __init__(self, slither, logger): def __init__(self, slither, logger):
self.slither = slither self.slither = slither
self.contracts = slither.contracts self.contracts = slither.contracts
@ -169,7 +171,10 @@ class AbstractDetector(metaclass=abc.ABCMeta):
return classification_colors[self.IMPACT] return classification_colors[self.IMPACT]
def generate_json_result(self, info, additional_fields=None): def generate_json_result(self, info, additional_fields=None):
d = json_utils.generate_json_result(info, additional_fields) d = json_utils.generate_json_result(info,
additional_fields,
standard_format=self.STANDARD_JSON,
markdown_root=self.slither.markdown_root)
d['check'] = self.ARGUMENT d['check'] = self.ARGUMENT
d['impact'] = classification_txt[self.IMPACT] d['impact'] = classification_txt[self.IMPACT]

@ -57,23 +57,23 @@ All the calls to `get` revert, breaking Bob's smart contract execution.'''
if f.view or f.pure: if f.view or f.pure:
if f.contains_assembly: if f.contains_assembly:
attr = 'view' if f.view else 'pure' attr = 'view' if f.view else 'pure'
info = '{} ({}) is declared {} but contains assembly code\n'
info = info.format(f.canonical_name, f.source_mapping_str, attr) info = [f, f' is declared {attr} but contains assembly code\n']
json = self.generate_json_result(info, {'contains_assembly': True}) json = self.generate_json_result(info, {'contains_assembly': True})
self.add_function_to_json(f, json)
results.append(json) results.append(json)
variables_written = f.all_state_variables_written() variables_written = f.all_state_variables_written()
if variables_written: if variables_written:
attr = 'view' if f.view else 'pure' attr = 'view' if f.view else 'pure'
info = '{} ({}) is declared {} but changes state variables:\n'
info = info.format(f.canonical_name, f.source_mapping_str, attr) info = [f, f' is declared {attr} but changes state variables:\n']
for variable_written in variables_written: for variable_written in variables_written:
info += '\t- {}\n'.format(variable_written.canonical_name) info += ['\t- ', variable_written, '\n']
json = self.generate_json_result(info, {'contains_assembly': False}) json = self.generate_json_result(info, {'contains_assembly': False})
self.add_function_to_json(f, json)
self.add_variables_to_json(variables_written, json)
results.append(json) results.append(json)
return results return results

@ -30,16 +30,14 @@ class ConstantPragma(AbstractDetector):
versions = sorted(list(set(versions))) versions = sorted(list(set(versions)))
if len(versions) > 1: if len(versions) > 1:
info = "Different versions of Solidity is used in {}:\n".format(self.filename) info = [f"Different versions of Solidity is used in {self.filename}:\n"]
info += "\t- Version used: {}\n".format([str(v) for v in versions]) info += [f"\t- Version used: {[str(v) for v in versions]}\n"]
for p in pragma: for p in pragma:
info += "\t- {} declares {}\n".format(p.source_mapping_str, str(p)) info += ["\t- ", p, "\n"]
json = self.generate_json_result(info) json = self.generate_json_result(info)
# Add each pragma to our elements
for p in pragma:
self.add_pragma_to_json(p, json)
results.append(json) results.append(json)
return results return results

@ -100,10 +100,10 @@ Use Solidity 0.4.25 or 0.5.3. Consider using the latest version of Solidity for
# If we found any disallowed pragmas, we output our findings. # If we found any disallowed pragmas, we output our findings.
if disallowed_pragmas: if disallowed_pragmas:
for (reason, p) in disallowed_pragmas: for (reason, p) in disallowed_pragmas:
info = f"Pragma version \"{p.version}\" {reason} ({p.source_mapping_str})\n" info = ["Pragma version", p, f" {reason}\n"]
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_pragma_to_json(p, json)
results.append(json) results.append(json)
return results return results

@ -74,18 +74,14 @@ Every ether sent to `Locked` will be lost.'''
funcs_payable = [function for function in contract.functions if function.payable] funcs_payable = [function for function in contract.functions if function.payable]
if funcs_payable: if funcs_payable:
if self.do_no_send_ether(contract): if self.do_no_send_ether(contract):
txt = "Contract locking ether found in {}:\n".format(self.filename) info = [f"Contract locking ether found in {self.filename}:\n"]
txt += "\tContract {} has payable functions:\n".format(contract.name) info += ["\tContract ", contract, " has payable functions:\n"]
for function in funcs_payable: for function in funcs_payable:
txt += "\t - {} ({})\n".format(function.name, function.source_mapping_str) info += [f"\t - ", function, "\n"]
txt += "\tBut does not have a function to withdraw the ether\n" info += "\tBut does not have a function to withdraw the ether\n"
info = txt.format(self.filename,
contract.name,
[f.name for f in funcs_payable])
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_contract_to_json(contract, json)
self.add_functions_to_json(funcs_payable, json)
results.append(json) results.append(json)
return results return results

@ -87,12 +87,9 @@ contract Token{
functions = IncorrectERC20InterfaceDetection.detect_incorrect_erc20_interface(c) functions = IncorrectERC20InterfaceDetection.detect_incorrect_erc20_interface(c)
if functions: if functions:
for function in functions: for function in functions:
info = "{} ({}) has incorrect ERC20 function interface: {} ({})\n".format(c.name, info = [c, " has incorrect ERC20 function interface:", function, "\n"]
c.source_mapping_str,
function.full_name,
function.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(function, json)
results.append(json) results.append(json)
return results return results

@ -86,12 +86,9 @@ contract Token{
functions = IncorrectERC721InterfaceDetection.detect_incorrect_erc721_interface(c) functions = IncorrectERC721InterfaceDetection.detect_incorrect_erc721_interface(c)
if functions: if functions:
for function in functions: for function in functions:
info = "{} ({}) has incorrect ERC721 function interface: {} ({})\n".format(c.name, info = [c, " has incorrect ERC721 function interface:", function, "\n"]
c.source_mapping_str,
function.full_name,
function.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(function, json)
results.append(json) results.append(json)
return results return results

@ -32,6 +32,8 @@ In this case, Transfer and Approval events should have the 'indexed' keyword on
WIKI_RECOMMENDATION = 'Add the `indexed` keyword to event parameters which should include it, according to the ERC20 specification.' WIKI_RECOMMENDATION = 'Add the `indexed` keyword to event parameters which should include it, according to the ERC20 specification.'
STANDARD_JSON = False
@staticmethod @staticmethod
def detect_erc20_unindexed_event_params(contract): def detect_erc20_unindexed_event_params(contract):
""" """
@ -71,10 +73,11 @@ In this case, Transfer and Approval events should have the 'indexed' keyword on
# Add each problematic event definition to our result list # Add each problematic event definition to our result list
for (event, parameter) in unindexed_params: for (event, parameter) in unindexed_params:
info = "ERC20 event {}.{} ({}) does not index parameter '{}'\n".format(c.name, event.name, event.source_mapping_str, parameter.name) info = ["ERC20 event ", event, f"does not index parameter {parameter}\n"]
# Add the events to the JSON (note: we do not add the params/vars as they have no source mapping). # Add the events to the JSON (note: we do not add the params/vars as they have no source mapping).
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_event_to_json(event, json, { self.add_event_to_json(event, json, {
"parameter_name": parameter.name "parameter_name": parameter.name
}) })

@ -26,11 +26,11 @@ class Backdoor(AbstractDetector):
for f in contract.functions: for f in contract.functions:
if 'backdoor' in f.name: if 'backdoor' in f.name:
# Info to be printed # Info to be printed
info = 'Backdoor function found in {}.{} ({})\n' info = ['Backdoor function found in ', f, '\n']
info = info.format(contract.name, f.name, f.source_mapping_str)
# Add the result in result # Add the result in result
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(f, json)
results.append(json) results.append(json)
return results return results

@ -109,16 +109,13 @@ Bob calls `setDestination` and `withdraw`. As a result he withdraws the contract
arbitrary_send = self.detect_arbitrary_send(c) arbitrary_send = self.detect_arbitrary_send(c)
for (func, nodes) in arbitrary_send: for (func, nodes) in arbitrary_send:
info = "{} ({}) sends eth to arbitrary user\n" info = [func, " sends eth to arbitrary user\n"]
info = info.format(func.canonical_name, info += ['\tDangerous calls:\n']
func.source_mapping_str)
info += '\tDangerous calls:\n'
for node in nodes: for node in nodes:
info += '\t- {} ({})\n'.format(node.expression, node.source_mapping_str) info += ['\t- ', node, '\n']
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(func, json)
self.add_nodes_to_json(nodes, json)
results.append(json) results.append(json)
return results return results

@ -182,16 +182,13 @@ class ExternalFunction(AbstractDetector):
function_definition = all_function_definitions[0] function_definition = all_function_definitions[0]
all_function_definitions = all_function_definitions[1:] all_function_definitions = all_function_definitions[1:]
txt = f"{function_definition.full_name} should be declared external:\n" info = [f"{function_definition.full_name} should be declared external:\n"]
txt += f"\t- {function_definition.canonical_name} ({function_definition.source_mapping_str})\n" info += [f"\t- ", function_definition, "\n"]
for other_function_definition in all_function_definitions: for other_function_definition in all_function_definitions:
txt += f"\t- {other_function_definition.canonical_name}" info += [f"\t- ", other_function_definition, "\n"]
txt += f" ({other_function_definition.source_mapping_str})\n"
json = self.generate_json_result(info)
json = self.generate_json_result(txt)
self.add_function_to_json(function_definition, json)
for other_function_definition in all_function_definitions:
self.add_function_to_json(other_function_definition, json)
results.append(json) results.append(json)
return results return results

@ -73,12 +73,10 @@ Bob calls `kill` and destructs the contract.'''
functions = self.detect_suicidal(c) functions = self.detect_suicidal(c)
for func in functions: for func in functions:
txt = "{} ({}) allows anyone to destruct the contract\n" info = [func, " allows anyone to destruct the contract\n"]
info = txt.format(func.canonical_name,
func.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(func, json)
results.append(json) results.append(json)
return results return results

@ -30,6 +30,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
WIKI_RECOMMENDATION = 'Follow the Solidity [naming convention](https://solidity.readthedocs.io/en/v0.4.25/style-guide.html#naming-conventions).' WIKI_RECOMMENDATION = 'Follow the Solidity [naming convention](https://solidity.readthedocs.io/en/v0.4.25/style-guide.html#naming-conventions).'
STANDARD_JSON = False
@staticmethod @staticmethod
def is_cap_words(name): def is_cap_words(name):
@ -59,8 +60,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
for contract in self.contracts: for contract in self.contracts:
if not self.is_cap_words(contract.name): if not self.is_cap_words(contract.name):
info = "Contract '{}' ({}) is not in CapWords\n".format(contract.name, info = ["Contract ", contract, " is not in CapWords\n"]
contract.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_contract_to_json(contract, json, { self.add_contract_to_json(contract, json, {
@ -71,8 +71,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
for struct in contract.structures_declared: for struct in contract.structures_declared:
if not self.is_cap_words(struct.name): if not self.is_cap_words(struct.name):
info = "Struct '{}' ({}) is not in CapWords\n" info = ["Struct ", struct, " is not in CapWords\n"]
info = info.format(struct.canonical_name, struct.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_struct_to_json(struct, json, { self.add_struct_to_json(struct, json, {
@ -83,8 +82,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
for event in contract.events_declared: for event in contract.events_declared:
if not self.is_cap_words(event.name): if not self.is_cap_words(event.name):
info = "Event '{}' ({}) is not in CapWords\n" info = ["Event ", event, " is not in CapWords\n"]
info = info.format(event.canonical_name, event.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_event_to_json(event, json, { self.add_event_to_json(event, json, {
@ -101,8 +99,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
continue continue
if func.name.startswith("echidna_") or func.name.startswith("crytic_"): if func.name.startswith("echidna_") or func.name.startswith("crytic_"):
continue continue
info = "Function '{}' ({}) is not in mixedCase\n" info = ["Function ", func, " is not in mixedCase\n"]
info = info.format(func.canonical_name, func.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(func, json, { self.add_function_to_json(func, json, {
@ -120,10 +117,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
else: else:
correct_naming = self.is_mixed_case_with_underscore(argument.name) correct_naming = self.is_mixed_case_with_underscore(argument.name)
if not correct_naming: if not correct_naming:
info = "Parameter '{}' of {} ({}) is not in mixedCase\n" info = ["Parameter ", argument, " is not in mixedCase\n"]
info = info.format(argument.name,
argument.canonical_name,
argument.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(argument, json, { self.add_variable_to_json(argument, json, {
@ -135,8 +129,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
for var in contract.state_variables_declared: for var in contract.state_variables_declared:
if self.should_avoid_name(var.name): if self.should_avoid_name(var.name):
if not self.is_upper_case_with_underscores(var.name): if not self.is_upper_case_with_underscores(var.name):
info = "Variable '{}' ({}) used l, O, I, which should not be used\n" info = ["Variable ", var," used l, O, I, which should not be used\n"]
info = info.format(var.canonical_name, var.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(var, json, { self.add_variable_to_json(var, json, {
@ -151,8 +144,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
continue continue
if not self.is_upper_case_with_underscores(var.name): if not self.is_upper_case_with_underscores(var.name):
info = "Constant '{}' ({}) is not in UPPER_CASE_WITH_UNDERSCORES\n" info = ["Constant ", var," is not in UPPER_CASE_WITH_UNDERSCORES\n"]
info = info.format(var.canonical_name, var.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(var, json, { self.add_variable_to_json(var, json, {
@ -167,8 +159,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
else: else:
correct_naming = self.is_mixed_case(var.name) correct_naming = self.is_mixed_case(var.name)
if not correct_naming: if not correct_naming:
info = "Variable '{}' ({}) is not in mixedCase\n" info = ["Variable ", var, " is not in mixedCase\n"]
info = info.format(var.canonical_name, var.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(var, json, { self.add_variable_to_json(var, json, {
@ -179,8 +170,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
for enum in contract.enums_declared: for enum in contract.enums_declared:
if not self.is_cap_words(enum.name): if not self.is_cap_words(enum.name):
info = "Enum '{}' ({}) is not in CapWords\n" info = ["Enum ", enum, " is not in CapWords\n"]
info = info.format(enum.canonical_name, enum.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_enum_to_json(enum, json, { self.add_enum_to_json(enum, json, {
@ -191,9 +181,7 @@ Solidity defines a [naming convention](https://solidity.readthedocs.io/en/v0.4.2
for modifier in contract.modifiers_declared: for modifier in contract.modifiers_declared:
if not self.is_mixed_case(modifier.name): if not self.is_mixed_case(modifier.name):
info = "Modifier '{}' ({}) is not in mixedCase\n" info = ["Modifier ", modifier, " is not in mixedCase\n"]
info = info.format(modifier.canonical_name,
modifier.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(modifier, json, { self.add_function_to_json(modifier, json, {

@ -69,16 +69,14 @@ class Timestamp(AbstractDetector):
dangerous_timestamp = self.detect_dangerous_timestamp(c) dangerous_timestamp = self.detect_dangerous_timestamp(c)
for (func, nodes) in dangerous_timestamp: for (func, nodes) in dangerous_timestamp:
info = "{} ({}) uses timestamp for comparisons\n" info = [func, " uses timestamp for comparisons\n"]
info = info.format(func.canonical_name,
func.source_mapping_str) info += ['\tDangerous comparisons:\n']
info += '\tDangerous comparisons:\n'
for node in nodes: for node in nodes:
info += '\t- {} ({})\n'.format(node.expression, node.source_mapping_str) info += ['\t- ', node, '\n']
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(func, json)
self.add_nodes_to_json(nodes, json)
results.append(json) results.append(json)
return results return results

@ -48,14 +48,13 @@ class LowLevelCalls(AbstractDetector):
for c in self.contracts: for c in self.contracts:
values = self.detect_low_level_calls(c) values = self.detect_low_level_calls(c)
for func, nodes in values: for func, nodes in values:
info = "Low level call in {} ({}):\n" info = ["Low level call in ", func,":\n"]
info = info.format(func.canonical_name, func.source_mapping_str)
for node in nodes: for node in nodes:
info += "\t-{} {}\n".format(str(node.expression), node.source_mapping_str) info += ['\t- ', node, '\n']
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(func, json)
self.add_nodes_to_json(nodes, json)
results.append(json) results.append(json)
return results return results

@ -74,16 +74,10 @@ contract MyConc{
if unused_return: if unused_return:
for node in unused_return: for node in unused_return:
info = "{} ({}) ignores return value by {} \"{}\" ({})\n" info = [f, f" ignores return value by ", node, "\n"]
info = info.format(f.canonical_name,
f.source_mapping_str,
self._txt_description,
node.expression,
node.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_node_to_json(node, json)
self.add_function_to_json(f, json)
results.append(json) results.append(json)
return results return results

@ -36,12 +36,10 @@ By reading B's constructor definition, the reader might assume that `A()` initia
for constructor_call in cst.explicit_base_constructor_calls_statements: for constructor_call in cst.explicit_base_constructor_calls_statements:
for node in constructor_call.nodes: for node in constructor_call.nodes:
if any(isinstance(ir, Nop) for ir in node.irs): if any(isinstance(ir, Nop) for ir in node.irs):
info = "Void constructor called in {} ({}):\n" info = ["Void constructor called in ", cst, ":\n"]
info = info.format(cst.canonical_name, cst.source_mapping_str) info += ["\t- ", node, "\n"]
info += "\t-{} {}\n".format(str(node.expression), node.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(cst, json)
self.add_nodes_to_json([node], json)
results.append(json) results.append(json)
return results return results

@ -36,6 +36,8 @@ Only report reentrancy that acts as a double call (see `reentrancy-eth`, `reentr
WIKI_RECOMMENDATION = 'Apply the [check-effects-interactions pattern](http://solidity.readthedocs.io/en/v0.4.21/security-considerations.html#re-entrancy).' WIKI_RECOMMENDATION = 'Apply the [check-effects-interactions pattern](http://solidity.readthedocs.io/en/v0.4.21/security-considerations.html#re-entrancy).'
STANDARD_JSON = False
def find_reentrancies(self): def find_reentrancies(self):
result = {} result = {}
for contract in self.contracts: for contract in self.contracts:
@ -78,18 +80,19 @@ Only report reentrancy that acts as a double call (see `reentrancy-eth`, `reentr
for (func, calls, send_eth), varsWritten in result_sorted: for (func, calls, send_eth), varsWritten in result_sorted:
calls = sorted(list(set(calls)), key=lambda x: x.node_id) calls = sorted(list(set(calls)), key=lambda x: x.node_id)
send_eth = sorted(list(set(send_eth)), key=lambda x: x.node_id) send_eth = sorted(list(set(send_eth)), key=lambda x: x.node_id)
info = 'Reentrancy in {} ({}):\n' info = ['Reentrancy in ', func, ':\n']
info = info.format(func.canonical_name, func.source_mapping_str)
info += '\tExternal calls:\n' info += ['\tExternal calls:\n']
for call_info in calls: for call_info in calls:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += ['\t- ' , call_info, '\n']
if calls != send_eth and send_eth: if calls != send_eth and send_eth:
info += '\tExternal calls sending eth:\n' info += ['\tExternal calls sending eth:\n']
for call_info in send_eth: for call_info in send_eth:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += ['\t- ', call_info, '\n']
info += '\tState variables written after the call(s):\n' info += ['\tState variables written after the call(s):\n']
for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)): for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)):
info += '\t- {} ({})\n'.format(v, node.source_mapping_str) info += ['\t- ', v, ' in ', node, '\n']
# Create our JSON result # Create our JSON result
json = self.generate_json_result(info) json = self.generate_json_result(info)

@ -37,6 +37,7 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
WIKI_RECOMMENDATION = 'Apply the [check-effects-interactions pattern](http://solidity.readthedocs.io/en/v0.4.21/security-considerations.html#re-entrancy).' WIKI_RECOMMENDATION = 'Apply the [check-effects-interactions pattern](http://solidity.readthedocs.io/en/v0.4.21/security-considerations.html#re-entrancy).'
STANDARD_JSON = False
def find_reentrancies(self): def find_reentrancies(self):
result = {} result = {}
@ -81,18 +82,17 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
calls = sorted(list(set(calls)), key=lambda x: x.node_id) calls = sorted(list(set(calls)), key=lambda x: x.node_id)
send_eth = sorted(list(set(send_eth)), key=lambda x: x.node_id) send_eth = sorted(list(set(send_eth)), key=lambda x: x.node_id)
info = 'Reentrancy in {} ({}):\n' info = ['Reentrancy in ', func, ':\n']
info = info.format(func.canonical_name, func.source_mapping_str) info += ['\tExternal calls:\n']
info += '\tExternal calls:\n'
for call_info in calls: for call_info in calls:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += ['\t- ' , call_info, '\n']
if calls != send_eth: if calls != send_eth and send_eth:
info += '\tExternal calls sending eth:\n' info += ['\tExternal calls sending eth:\n']
for call_info in send_eth: for call_info in send_eth:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += ['\t- ', call_info, '\n']
info += '\tState variables written after the call(s):\n' info += ['\tState variables written after the call(s):\n']
for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)): for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)):
info += '\t- {} ({})\n'.format(v, node.source_mapping_str) info += ['\t- ', v, ' in ', node, '\n']
# Create our JSON result # Create our JSON result
json = self.generate_json_result(info) json = self.generate_json_result(info)

@ -36,6 +36,8 @@ Do not report reentrancies that involve ethers (see `reentrancy-eth`)'''
''' '''
WIKI_RECOMMENDATION = 'Apply the [check-effects-interactions pattern](http://solidity.readthedocs.io/en/v0.4.21/security-considerations.html#re-entrancy).' WIKI_RECOMMENDATION = 'Apply the [check-effects-interactions pattern](http://solidity.readthedocs.io/en/v0.4.21/security-considerations.html#re-entrancy).'
STANDARD_JSON = False
def find_reentrancies(self): def find_reentrancies(self):
result = {} result = {}
for contract in self.contracts: for contract in self.contracts:
@ -75,14 +77,15 @@ Do not report reentrancies that involve ethers (see `reentrancy-eth`)'''
result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name) result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name)
for (func, calls), varsWritten in result_sorted: for (func, calls), varsWritten in result_sorted:
calls = sorted(list(set(calls)), key=lambda x: x.node_id) calls = sorted(list(set(calls)), key=lambda x: x.node_id)
info = 'Reentrancy in {} ({}):\n'
info = info.format(func.canonical_name, func.source_mapping_str) info = ['Reentrancy in ', func, ':\n']
info += '\tExternal calls:\n'
info += ['\tExternal calls:\n']
for call_info in calls: for call_info in calls:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += ['\t- ', call_info, '\n']
info += '\tState variables written after the call(s):\n' info += '\tState variables written after the call(s):\n'
for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)): for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)):
info += '\t- {} ({})\n'.format(v, node.source_mapping_str) info += ['\t- ', v, ' in ', node, '\n']
# Create our JSON result # Create our JSON result
json = self.generate_json_result(info) json = self.generate_json_result(info)

@ -65,14 +65,12 @@ contract DerivedContract is BaseContract{
for all_variables in shadowing: for all_variables in shadowing:
shadow = all_variables[0] shadow = all_variables[0]
variables = all_variables[1:] variables = all_variables[1:]
info = '{} ({}) shadows:\n'.format(shadow.canonical_name, info = [shadow, ' shadows:\n']
shadow.source_mapping_str)
for var in variables: for var in variables:
info += "\t- {} ({})\n".format(var.canonical_name, info += ["\t- ", var, "\n"]
var.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variables_to_json(all_variables, json)
results.append(json) results.append(json)
return results return results

@ -77,7 +77,7 @@ contract Bug {
results = [] results = []
for local in function_or_modifier.variables: for local in function_or_modifier.variables:
if self.is_builtin_symbol(local.name): if self.is_builtin_symbol(local.name):
results.append((self.SHADOWING_LOCAL_VARIABLE, local, function_or_modifier)) results.append((self.SHADOWING_LOCAL_VARIABLE, local))
return results return results
def detect_builtin_shadowing_definitions(self, contract): def detect_builtin_shadowing_definitions(self, contract):
@ -92,18 +92,18 @@ contract Bug {
# Loop through all functions, modifiers, variables (state and local) to detect any built-in symbol keywords. # Loop through all functions, modifiers, variables (state and local) to detect any built-in symbol keywords.
for function in contract.functions_declared: for function in contract.functions_declared:
if self.is_builtin_symbol(function.name): if self.is_builtin_symbol(function.name):
result.append((self.SHADOWING_FUNCTION, function, None)) result.append((self.SHADOWING_FUNCTION, function))
result += self.detect_builtin_shadowing_locals(function) result += self.detect_builtin_shadowing_locals(function)
for modifier in contract.modifiers_declared: for modifier in contract.modifiers_declared:
if self.is_builtin_symbol(modifier.name): if self.is_builtin_symbol(modifier.name):
result.append((self.SHADOWING_MODIFIER, modifier, None)) result.append((self.SHADOWING_MODIFIER, modifier))
result += self.detect_builtin_shadowing_locals(modifier) result += self.detect_builtin_shadowing_locals(modifier)
for variable in contract.state_variables_declared: for variable in contract.state_variables_declared:
if self.is_builtin_symbol(variable.name): if self.is_builtin_symbol(variable.name):
result.append((self.SHADOWING_STATE_VARIABLE, variable, None)) result.append((self.SHADOWING_STATE_VARIABLE, variable))
for event in contract.events_declared: for event in contract.events_declared:
if self.is_builtin_symbol(event.name): if self.is_builtin_symbol(event.name):
result.append((self.SHADOWING_EVENT, event, None)) result.append((self.SHADOWING_EVENT, event))
return result return result
@ -124,27 +124,10 @@ contract Bug {
# Obtain components # Obtain components
shadow_type = shadow[0] shadow_type = shadow[0]
shadow_object = shadow[1] shadow_object = shadow[1]
local_variable_parent = shadow[2]
# Build the path for our info string info = [shadow_object, f' ({shadow_type}) shadows built-in symbol"\n']
local_variable_path = contract.name + "."
if local_variable_parent is not None:
local_variable_path += local_variable_parent.name + "."
local_variable_path += shadow_object.name
info = '{} ({} @ {}) shadows built-in symbol \"{}"\n'.format(local_variable_path,
shadow_type,
shadow_object.source_mapping_str,
shadow_object.name)
# Generate relevant JSON data for this shadowing definition.
json = self.generate_json_result(info) json = self.generate_json_result(info)
if shadow_type in [self.SHADOWING_FUNCTION, self.SHADOWING_MODIFIER]:
self.add_function_to_json(shadow_object, json)
elif shadow_type == self.SHADOWING_EVENT:
self.add_event_to_json(shadow_object, json)
elif shadow_type in [self.SHADOWING_STATE_VARIABLE, self.SHADOWING_LOCAL_VARIABLE]:
self.add_variable_to_json(shadow_object, json)
results.append(json) results.append(json)
return results return results

@ -68,23 +68,23 @@ contract Bug {
# Check functions # Check functions
for scope_function in scope_contract.functions_declared: for scope_function in scope_contract.functions_declared:
if variable.name == scope_function.name: if variable.name == scope_function.name:
overshadowed.append((self.OVERSHADOWED_FUNCTION, scope_contract.name, scope_function)) overshadowed.append((self.OVERSHADOWED_FUNCTION, scope_function))
# Check modifiers # Check modifiers
for scope_modifier in scope_contract.modifiers_declared: for scope_modifier in scope_contract.modifiers_declared:
if variable.name == scope_modifier.name: if variable.name == scope_modifier.name:
overshadowed.append((self.OVERSHADOWED_MODIFIER, scope_contract.name, scope_modifier)) overshadowed.append((self.OVERSHADOWED_MODIFIER, scope_modifier))
# Check events # Check events
for scope_event in scope_contract.events_declared: for scope_event in scope_contract.events_declared:
if variable.name == scope_event.name: if variable.name == scope_event.name:
overshadowed.append((self.OVERSHADOWED_EVENT, scope_contract.name, scope_event)) overshadowed.append((self.OVERSHADOWED_EVENT, scope_event))
# Check state variables # Check state variables
for scope_state_variable in scope_contract.state_variables_declared: for scope_state_variable in scope_contract.state_variables_declared:
if variable.name == scope_state_variable.name: if variable.name == scope_state_variable.name:
overshadowed.append((self.OVERSHADOWED_STATE_VARIABLE, scope_contract.name, scope_state_variable)) overshadowed.append((self.OVERSHADOWED_STATE_VARIABLE, scope_state_variable))
# If we have found any overshadowed objects, we'll want to add it to our result list. # If we have found any overshadowed objects, we'll want to add it to our result list.
if overshadowed: if overshadowed:
result.append((contract.name, function.name, variable, overshadowed)) result.append((variable, overshadowed))
return result return result
@ -102,29 +102,15 @@ contract Bug {
shadows = self.detect_shadowing_definitions(contract) shadows = self.detect_shadowing_definitions(contract)
if shadows: if shadows:
for shadow in shadows: for shadow in shadows:
local_parent_name = shadow[1] local_variable = shadow[0]
local_variable = shadow[2] overshadowed = shadow[1]
overshadowed = shadow[3] info = [local_variable, ' shadows:\n']
info = '{}.{}.{} (local variable @ {}) shadows:\n'.format(contract.name,
local_parent_name,
local_variable.name,
local_variable.source_mapping_str)
for overshadowed_entry in overshadowed: for overshadowed_entry in overshadowed:
info += "\t- {}.{} ({} @ {})\n".format(overshadowed_entry[1], info += ["\t- ", overshadowed_entry[1], f" ({overshadowed_entry[0]})\n"]
overshadowed_entry[2],
overshadowed_entry[0],
overshadowed_entry[2].source_mapping_str)
# Generate relevant JSON data for this shadowing definition. # Generate relevant JSON data for this shadowing definition.
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(local_variable, json)
for overshadowed_entry in overshadowed:
if overshadowed_entry[0] in [self.OVERSHADOWED_FUNCTION, self.OVERSHADOWED_MODIFIER]:
self.add_function_to_json(overshadowed_entry[2], json)
elif overshadowed_entry[0] == self.OVERSHADOWED_EVENT:
self.add_event_to_json(overshadowed_entry[2], json)
elif overshadowed_entry[0] == self.OVERSHADOWED_STATE_VARIABLE:
self.add_variable_to_json(overshadowed_entry[2], json)
results.append(json) results.append(json)
return results return results

@ -76,14 +76,12 @@ contract DerivedContract is BaseContract{
for all_variables in shadowing: for all_variables in shadowing:
shadow = all_variables[0] shadow = all_variables[0]
variables = all_variables[1:] variables = all_variables[1:]
info = '{} ({}) shadows:\n'.format(shadow.canonical_name, info = [shadow, ' shadows:\n']
shadow.source_mapping_str)
for var in variables: for var in variables:
info += "\t- {} ({})\n".format(var.canonical_name, info += ["\t- ", var, "\n"]
var.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variables_to_json(all_variables, json)
results.append(json) results.append(json)

@ -46,6 +46,7 @@ contract Token
WIKI_RECOMMENDATION = 'Special control characters must not be allowed.' WIKI_RECOMMENDATION = 'Special control characters must not be allowed.'
RTLO_CHARACTER_ENCODED = "\u202e".encode('utf-8') RTLO_CHARACTER_ENCODED = "\u202e".encode('utf-8')
STANDARD_JSON = False
def _detect(self): def _detect(self):
results = [] results = []

@ -51,15 +51,12 @@ class Assembly(AbstractDetector):
for c in self.contracts: for c in self.contracts:
values = self.detect_assembly(c) values = self.detect_assembly(c)
for func, nodes in values: for func, nodes in values:
info = "{} uses assembly ({})\n" info = [func, " uses assembly\n"]
info = info.format(func.canonical_name, func.source_mapping_str)
for node in nodes: for node in nodes:
info += "\t- {}\n".format(node.source_mapping_str) info += ["\t- ", node, "\n"]
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_function_to_json(func, json)
self.add_nodes_to_json(nodes, json)
results.append(json) results.append(json)
return results return results

@ -87,11 +87,8 @@ If one of the destinations has a fallback function which reverts, `bad` will alw
for node in values: for node in values:
func = node.function func = node.function
info = "{} has external calls inside a loop: \"{}\" ({})\n" info = [func, " has external calls inside a loop: ", node, "\n"]
info = info.format(func.canonical_name, node.expression, node.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_node_to_json(node, json)
results.append(json) results.append(json)
return results return results

@ -47,14 +47,11 @@ Bob calls `delegate` and delegates the execution to its malicious contract. As a
continue continue
nodes = self.controlled_delegatecall(f) nodes = self.controlled_delegatecall(f)
if nodes: if nodes:
func_info = '{}.{} ({}) uses delegatecall to a input-controlled function id\n' func_info = [f, ' uses delegatecall to a input-controlled function id\n']
func_info = func_info.format(contract.name, f.name, f.source_mapping_str)
for node in nodes:
node_info = func_info + '\t- {} ({})\n'.format(node.expression, node.source_mapping_str)
for node in nodes:
node_info = func_info + ['\t- ', node,'\n']
json = self.generate_json_result(node_info) json = self.generate_json_result(node_info)
self.add_node_to_json(node, json)
self.add_function_to_json(f, json)
results.append(json) results.append(json)
return results return results

@ -152,20 +152,12 @@ contract ContractWithDeprecatedReferences {
for deprecated_reference in deprecated_references: for deprecated_reference in deprecated_references:
source_object = deprecated_reference[0] source_object = deprecated_reference[0]
deprecated_entries = deprecated_reference[1] deprecated_entries = deprecated_reference[1]
info = 'Deprecated standard detected @ {}:\n'.format(source_object.source_mapping_str) info = ['Deprecated standard detected ', source_object, ':\n']
for (dep_id, original_desc, recommended_disc) in deprecated_entries: for (dep_id, original_desc, recommended_disc) in deprecated_entries:
info += "\t- Usage of \"{}\" should be replaced with \"{}\"\n".format(original_desc, info += [f"\t- Usage of \"{original_desc}\" should be replaced with \"{recommended_disc}\"\n"]
recommended_disc)
# Generate relevant JSON data for this deprecated standard.
json = self.generate_json_result(info) json = self.generate_json_result(info)
if isinstance(source_object, StateVariableSolc) or isinstance(source_object, StateVariable):
self.add_variable_to_json(source_object, json)
else:
self.add_nodes_to_json([source_object], json)
results.append(json) results.append(json)
return results return results

@ -111,19 +111,16 @@ contract Crowdsale{
ret = sorted(list(ret.items()), key=lambda x:x[0].name) ret = sorted(list(ret.items()), key=lambda x:x[0].name)
for f, nodes in ret: for f, nodes in ret:
func_info = "{} ({}) uses a dangerous strict equality:\n".format(f.canonical_name, func_info = [f, " uses a dangerous strict equality:\n"]
f.source_mapping_str)
# sort the nodes to get deterministic results # sort the nodes to get deterministic results
nodes.sort(key=lambda x: x.node_id) nodes.sort(key=lambda x: x.node_id)
# Output each node with the function info header as a separate result. # Output each node with the function info header as a separate result.
for node in nodes: for node in nodes:
node_info = func_info + f"\t- {str(node.expression)}\n" node_info = func_info + [f"\t- ", node, "\n"]
json = self.generate_json_result(node_info) json = self.generate_json_result(node_info)
self.add_node_to_json(node, json)
self.add_function_to_json(f, json)
results.append(json) results.append(json)
return results return results

@ -64,15 +64,12 @@ Use:
# iterate over all the nodes # iterate over all the nodes
ret = self._detect_too_many_digits(f) ret = self._detect_too_many_digits(f)
if ret: if ret:
func_info = '{}.{} ({}) uses literals with too many digits:'.format(f.contract.name, func_info = [f, ' uses literals with too many digits:']
f.name,
f.source_mapping_str)
for node in ret: for node in ret:
node_info = func_info + '\n\t- {}\n'.format(node.expression) node_info = func_info + ['\n\t- ', node,'\n']
# Add the result in result # Add the result in result
json = self.generate_json_result(node_info) json = self.generate_json_result(node_info)
self.add_node_to_json(node, json)
results.append(json) results.append(json)
return results return results

@ -68,12 +68,9 @@ Bob is the owner of `TxOrigin`. Bob calls Eve's contract. Eve's contract calls `
for func, nodes in values: for func, nodes in values:
for node in nodes: for node in nodes:
info = "{} uses tx.origin for authorization: \"{}\" ({})\n".format(func.canonical_name, info = [func, " uses tx.origin for authorization: ", node, "\n"]
node.expression,
node.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_node_to_json(node, json)
results.append(json) results.append(json)
return results return results

@ -88,11 +88,8 @@ class ConstCandidateStateVars(AbstractDetector):
# Create a result for each finding # Create a result for each finding
for v in constable_variables: for v in constable_variables:
info = "{} should be constant ({})\n".format(v.canonical_name, info = [v, " should be constant\n"]
v.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(v, json)
results.append(json) results.append(json)
return results return results

@ -97,17 +97,9 @@ Bob calls `transfer`. As a result, the ethers are sent to the address 0x0 and ar
self._detect_uninitialized(function, function.entry_point, []) self._detect_uninitialized(function, function.entry_point, [])
all_results = list(set(self.results)) all_results = list(set(self.results))
for(function, uninitialized_local_variable) in all_results: for(function, uninitialized_local_variable) in all_results:
var_name = uninitialized_local_variable.name
info = "{} in {} ({}) is a local variable never initialiazed\n"
info = info.format(var_name,
function.canonical_name,
uninitialized_local_variable.source_mapping_str)
info = [uninitialized_local_variable, " is a local variable never initialiazed\n"]
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(uninitialized_local_variable, json)
self.add_function_to_json(function, json)
results.append(json) results.append(json)
return results return results

@ -87,18 +87,13 @@ Initialize all the variables. If a variable is meant to be initialized to zero,
for c in self.slither.contracts_derived: for c in self.slither.contracts_derived:
ret = self.detect_uninitialized(c) ret = self.detect_uninitialized(c)
for variable, functions in ret: for variable, functions in ret:
info = "{} ({}) is never initialized. It is used in:\n"
info = info.format(variable.canonical_name,
variable.source_mapping_str)
for f in functions:
info += "\t- {} ({})\n".format(f.name, f.source_mapping_str)
source = [variable.source_mapping] info = [variable, " is never initialized. It is used in:\n"]
source += [f.source_mapping for f in functions]
for f in functions:
info += ["\t- ", f, "\n"]
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(variable, json)
self.add_functions_to_json(functions, json)
results.append(json) results.append(json)
return results return results

@ -101,14 +101,8 @@ Bob calls `func`. As a result, `owner` is override to 0.
self._detect_uninitialized(function, function.entry_point, []) self._detect_uninitialized(function, function.entry_point, [])
for(function, uninitialized_storage_variable) in self.results: for(function, uninitialized_storage_variable) in self.results:
var_name = uninitialized_storage_variable.name info = [uninitialized_storage_variable, " is a storage variable never initialiazed\n"]
info = "{} in {} ({}) is a storage variable never initialiazed\n"
info = info.format(var_name, function.canonical_name, uninitialized_storage_variable.source_mapping_str)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(uninitialized_storage_variable, json)
self.add_function_to_json(function, json)
results.append(json) results.append(json)
return results return results

@ -60,13 +60,8 @@ class UnusedStateVars(AbstractDetector):
unusedVars = self.detect_unused(c) unusedVars = self.detect_unused(c)
if unusedVars: if unusedVars:
for var in unusedVars: for var in unusedVars:
info = "{} ({}) is never used in {}\n".format(var.canonical_name, info = [var, " is never used in ", c, "\n"]
var.source_mapping_str,
c.name)
json = self.generate_json_result(info) json = self.generate_json_result(info)
self.add_variable_to_json(var, json)
self.add_contract_to_json(c, json)
results.append(json) results.append(json)
return results return results

@ -68,6 +68,8 @@ class Slither(SlitherSolc):
if kwargs.get('generate_patches', False): if kwargs.get('generate_patches', False):
self.generate_patches = True self.generate_patches = True
self._markdown_root = kwargs.get('markdown_root', "")
self._detectors = [] self._detectors = []
self._printers = [] self._printers = []

@ -3,7 +3,11 @@ import json
import logging import logging
from collections import OrderedDict from collections import OrderedDict
from slither.core.cfg.node import Node
from slither.core.declarations import Contract, Function, Enum, Event, Structure, Pragma
from slither.core.source_mapping.source_mapping import SourceMapping from slither.core.source_mapping.source_mapping import SourceMapping
from slither.core.variables.variable import Variable
from slither.exceptions import SlitherError
from slither.utils.colors import yellow from slither.utils.colors import yellow
logger = logging.getLogger("Slither") logger = logging.getLogger("Slither")
@ -54,12 +58,79 @@ def output_json(filename, error, results):
################################################################################### ###################################################################################
################################################################################### ###################################################################################
def generate_json_result(info, additional_fields=None): def _convert_to_description(d):
if isinstance(d, str):
return d
if not isinstance(d, SourceMapping):
raise SlitherError(f'{d} does not inherit from SourceMapping, conversion impossible')
if isinstance(d, Node):
if d.expression:
return f'{d.expression} ({d.source_mapping_str})'
else:
return f'{str(d)} ({d.source_mapping_str})'
if hasattr(d, 'canonical_name'):
return f'{d.canonical_name} ({d.source_mapping_str})'
if hasattr(d, 'name'):
return f'{d.name} ({d.source_mapping_str})'
raise SlitherError(f'{type(d)} cannot be converted (no name, or canonical_name')
def _convert_to_markdown(d, markdown_root):
if isinstance(d, str):
return d
if not isinstance(d, SourceMapping):
raise SlitherError(f'{d} does not inherit from SourceMapping, conversion impossible')
if isinstance(d, Node):
if d.expression:
return f'[{d.expression}]({d.source_mapping_to_markdown(markdown_root)})'
else:
return f'[{str(d)}]({d.source_mapping_to_markdown(markdown_root)})'
if hasattr(d, 'canonical_name'):
return f'[{d.canonical_name}]({d.source_mapping_to_markdown(markdown_root)})'
if hasattr(d, 'name'):
return f'[{d.name}]({d.source_mapping_to_markdown(markdown_root)})'
raise SlitherError(f'{type(d)} cannot be converted (no name, or canonical_name')
def generate_json_result(info, additional_fields=None, markdown_root='', standard_format=False):
if additional_fields is None: if additional_fields is None:
additional_fields = {} additional_fields = {}
d = OrderedDict() d = OrderedDict()
d['elements'] = [] d['elements'] = []
d['description'] = info d['description'] = ''.join(_convert_to_description(d) for d in info)
d['markdown'] = ''.join(_convert_to_markdown(d, markdown_root) for d in info)
if standard_format:
to_add = [i for i in info if not isinstance(i, str)]
for add in to_add:
if isinstance(add, Variable):
add_variable_to_json(add, d)
elif isinstance(add, Contract):
add_contract_to_json(add, d)
elif isinstance(add, Function):
add_function_to_json(add, d)
elif isinstance(add, Enum):
add_enum_to_json(add, d)
elif isinstance(add, Event):
add_event_to_json(add, d)
elif isinstance(add, Structure):
add_struct_to_json(add, d)
elif isinstance(add, Pragma):
add_pragma_to_json(add, d)
elif isinstance(add, Node):
add_node_to_json(add, d)
else:
raise SlitherError(f'Impossible to add {type(add)} to the json')
if additional_fields: if additional_fields:
d['additional_fields'] = additional_fields d['additional_fields'] = additional_fields

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium",
"description": "Test.direct() (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -191,13 +187,14 @@
} }
} }
} }
] ],
}, "description": "Test.direct() (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)\n",
{ "markdown": "[Test.direct()](tests/arbitrary_send-0.5.1.sol#L11-L13) sends eth to arbitrary user\n\tDangerous calls:\n\t- [msg.sender.send(address(this).balance)](tests/arbitrary_send-0.5.1.sol#L12)\n",
"check": "arbitrary-send", "check": "arbitrary-send",
"impact": "High", "impact": "High",
"confidence": "Medium", "confidence": "Medium"
"description": "Test.indirect() (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -381,7 +378,12 @@
} }
} }
} }
] ],
"description": "Test.indirect() (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)\n",
"markdown": "[Test.indirect()](tests/arbitrary_send-0.5.1.sol#L19-L21) sends eth to arbitrary user\n\tDangerous calls:\n\t- [destination.send(address(this).balance)](tests/arbitrary_send-0.5.1.sol#L20)\n",
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium"
} }
] ]
} }

@ -1,4 +1,4 @@
INFO:Detectors: 
Test.direct() (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user Test.direct() (tests/arbitrary_send-0.5.1.sol#11-13) sends eth to arbitrary user
Dangerous calls: Dangerous calls:
- msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12) - msg.sender.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#12)
@ -6,4 +6,4 @@ Test.indirect() (tests/arbitrary_send-0.5.1.sol#19-21) sends eth to arbitrary us
Dangerous calls: Dangerous calls:
- destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20) - destination.send(address(this).balance) (tests/arbitrary_send-0.5.1.sol#20)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations
INFO:Slither:tests/arbitrary_send-0.5.1.sol analyzed (1 contracts), 2 result(s) found tests/arbitrary_send-0.5.1.sol analyzed (1 contracts with 1 detectors), 2 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium",
"description": "Test.direct() (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -191,13 +187,14 @@
} }
} }
} }
] ],
}, "description": "Test.direct() (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)\n",
{ "markdown": "[Test.direct()](tests/arbitrary_send.sol#L11-L13) sends eth to arbitrary user\n\tDangerous calls:\n\t- [msg.sender.send(address(this).balance)](tests/arbitrary_send.sol#L12)\n",
"check": "arbitrary-send", "check": "arbitrary-send",
"impact": "High", "impact": "High",
"confidence": "Medium", "confidence": "Medium"
"description": "Test.indirect() (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send.sol#20)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -381,7 +378,12 @@
} }
} }
} }
] ],
"description": "Test.indirect() (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/arbitrary_send.sol#20)\n",
"markdown": "[Test.indirect()](tests/arbitrary_send.sol#L19-L21) sends eth to arbitrary user\n\tDangerous calls:\n\t- [destination.send(address(this).balance)](tests/arbitrary_send.sol#L20)\n",
"check": "arbitrary-send",
"impact": "High",
"confidence": "Medium"
} }
] ]
} }

@ -1,4 +1,4 @@
INFO:Detectors: 
Test.direct() (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user Test.direct() (tests/arbitrary_send.sol#11-13) sends eth to arbitrary user
Dangerous calls: Dangerous calls:
- msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12) - msg.sender.send(address(this).balance) (tests/arbitrary_send.sol#12)
@ -6,4 +6,4 @@ Test.indirect() (tests/arbitrary_send.sol#19-21) sends eth to arbitrary user
Dangerous calls: Dangerous calls:
- destination.send(address(this).balance) (tests/arbitrary_send.sol#20) - destination.send(address(this).balance) (tests/arbitrary_send.sol#20)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations
INFO:Slither:tests/arbitrary_send.sol analyzed (1 contracts), 2 result(s) found tests/arbitrary_send.sol analyzed (1 contracts with 1 detectors), 2 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "backdoor",
"impact": "High",
"confidence": "High",
"description": "Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6)\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -56,7 +52,12 @@
"signature": "i_am_a_backdoor()" "signature": "i_am_a_backdoor()"
} }
} }
] ],
"description": "Backdoor function found in C.i_am_a_backdoor() (tests/backdoor.sol#4-6)\n",
"markdown": "Backdoor function found in [C.i_am_a_backdoor()](tests/backdoor.sol#L4-L6)\n",
"check": "backdoor",
"impact": "High",
"confidence": "High"
} }
] ]
} }

@ -1,5 +1,5 @@
INFO:Detectors: 
Backdoor function found in C.i_am_a_backdoor (tests/backdoor.sol#4-6) Backdoor function found in C.i_am_a_backdoor() (tests/backdoor.sol#4-6)
Reference: https://github.com/trailofbits/slither/wiki/Adding-a-new-detector Reference: https://github.com/trailofbits/slither/wiki/Adding-a-new-detector
tests/backdoor.sol analyzed (1 contracts with 1 detectors), 1 result(s) found
INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/backdoor.backdoor.json exists already, the overwrite is prevented INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/backdoor.backdoor.json exists already, the overwrite is prevented
INFO:Slither:tests/backdoor.sol analyzed (1 contracts), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "suicidal",
"impact": "High",
"confidence": "High",
"description": "C.i_am_a_backdoor() (tests/backdoor.sol#4-6) allows anyone to destruct the contract\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -56,7 +52,12 @@
"signature": "i_am_a_backdoor()" "signature": "i_am_a_backdoor()"
} }
} }
] ],
"description": "C.i_am_a_backdoor() (tests/backdoor.sol#4-6) allows anyone to destruct the contract\n",
"markdown": "[C.i_am_a_backdoor()](tests/backdoor.sol#L4-L6) allows anyone to destruct the contract\n",
"check": "suicidal",
"impact": "High",
"confidence": "High"
} }
] ]
} }

@ -1,5 +1,5 @@
INFO:Detectors: 
C.i_am_a_backdoor() (tests/backdoor.sol#4-6) allows anyone to destruct the contract C.i_am_a_backdoor() (tests/backdoor.sol#4-6) allows anyone to destruct the contract
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#suicidal Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#suicidal
tests/backdoor.sol analyzed (1 contracts with 1 detectors), 1 result(s) found
INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/backdoor.suicidal.json exists already, the overwrite is prevented INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/backdoor.suicidal.json exists already, the overwrite is prevented
INFO:Slither:tests/backdoor.sol analyzed (1 contracts), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "constable-states",
"impact": "Optimization",
"confidence": "High",
"description": "A.myFriendsAddress should be constant (tests/const_state_variables.sol#7)\n",
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -64,13 +60,14 @@
} }
} }
} }
] ],
}, "description": "A.myFriendsAddress (tests/const_state_variables.sol#7) should be constant\n",
{ "markdown": "[A.myFriendsAddress](tests/const_state_variables.sol#L7) should be constant\n",
"check": "constable-states", "check": "constable-states",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "A.test should be constant (tests/const_state_variables.sol#10)\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -127,13 +124,14 @@
} }
} }
} }
] ],
}, "description": "A.test (tests/const_state_variables.sol#10) should be constant\n",
{ "markdown": "[A.test](tests/const_state_variables.sol#L10) should be constant\n",
"check": "constable-states", "check": "constable-states",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "A.text2 should be constant (tests/const_state_variables.sol#14)\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -190,13 +188,14 @@
} }
} }
} }
] ],
}, "description": "A.text2 (tests/const_state_variables.sol#14) should be constant\n",
{ "markdown": "[A.text2](tests/const_state_variables.sol#L14) should be constant\n",
"check": "constable-states", "check": "constable-states",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "B.mySistersAddress should be constant (tests/const_state_variables.sol#26)\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -249,13 +248,14 @@
} }
} }
} }
] ],
}, "description": "B.mySistersAddress (tests/const_state_variables.sol#26) should be constant\n",
{ "markdown": "[B.mySistersAddress](tests/const_state_variables.sol#L26) should be constant\n",
"check": "constable-states", "check": "constable-states",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "MyConc.should_be_constant should be constant (tests/const_state_variables.sol#42)\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -308,13 +308,14 @@
} }
} }
} }
] ],
}, "description": "MyConc.should_be_constant (tests/const_state_variables.sol#42) should be constant\n",
{ "markdown": "[MyConc.should_be_constant](tests/const_state_variables.sol#L42) should be constant\n",
"check": "constable-states", "check": "constable-states",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "MyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43)\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -367,7 +368,12 @@
} }
} }
} }
] ],
"description": "MyConc.should_be_constant_2 (tests/const_state_variables.sol#43) should be constant\n",
"markdown": "[MyConc.should_be_constant_2](tests/const_state_variables.sol#L43) should be constant\n",
"check": "constable-states",
"impact": "Optimization",
"confidence": "High"
} }
] ]
} }

@ -1,9 +1,9 @@
INFO:Detectors: 
A.myFriendsAddress should be constant (tests/const_state_variables.sol#7) A.myFriendsAddress (tests/const_state_variables.sol#7) should be constant
A.test should be constant (tests/const_state_variables.sol#10) A.test (tests/const_state_variables.sol#10) should be constant
A.text2 should be constant (tests/const_state_variables.sol#14) A.text2 (tests/const_state_variables.sol#14) should be constant
B.mySistersAddress should be constant (tests/const_state_variables.sol#26) B.mySistersAddress (tests/const_state_variables.sol#26) should be constant
MyConc.should_be_constant should be constant (tests/const_state_variables.sol#42) MyConc.should_be_constant (tests/const_state_variables.sol#42) should be constant
MyConc.should_be_constant_2 should be constant (tests/const_state_variables.sol#43) MyConc.should_be_constant_2 (tests/const_state_variables.sol#43) should be constant
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant
INFO:Slither:tests/const_state_variables.sol analyzed (3 contracts), 6 result(s) found tests/const_state_variables.sol analyzed (3 contracts with 1 detectors), 6 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium",
"description": "Constant.test_assembly_bug() (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -68,9 +64,14 @@
} }
} }
], ],
"description": "Constant.test_assembly_bug() (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code\n",
"markdown": "[Constant.test_assembly_bug()](tests/constant-0.5.1.sol#L15-L17) is declared view but contains assembly code\n",
"additional_fields": { "additional_fields": {
"contains_assembly": true "contains_assembly": true
} },
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium"
} }
] ]
} }

@ -1,4 +1,4 @@
INFO:Detectors: 
Constant.test_assembly_bug() (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code Constant.test_assembly_bug() (tests/constant-0.5.1.sol#15-17) is declared view but contains assembly code
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state
INFO:Slither:tests/constant-0.5.1.sol analyzed (1 contracts), 1 result(s) found tests/constant-0.5.1.sol analyzed (1 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium",
"description": "Constant.test_view_bug() (tests/constant.sol#5-7) is declared view but changes state variables:\n\t- Constant.a\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -137,15 +133,16 @@
} }
} }
], ],
"description": "Constant.test_view_bug() (tests/constant.sol#5-7) is declared view but changes state variables:\n\t- Constant.a (tests/constant.sol#3)\n",
"markdown": "[Constant.test_view_bug()](tests/constant.sol#L5-L7) is declared view but changes state variables:\n\t- [Constant.a](tests/constant.sol#L3)\n",
"additional_fields": { "additional_fields": {
"contains_assembly": false "contains_assembly": false
} },
},
{
"check": "constant-function", "check": "constant-function",
"impact": "Medium", "impact": "Medium",
"confidence": "Medium", "confidence": "Medium"
"description": "Constant.test_constant_bug() (tests/constant.sol#9-11) is declared view but changes state variables:\n\t- Constant.a\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -275,15 +272,16 @@
} }
} }
], ],
"description": "Constant.test_constant_bug() (tests/constant.sol#9-11) is declared view but changes state variables:\n\t- Constant.a (tests/constant.sol#3)\n",
"markdown": "[Constant.test_constant_bug()](tests/constant.sol#L9-L11) is declared view but changes state variables:\n\t- [Constant.a](tests/constant.sol#L3)\n",
"additional_fields": { "additional_fields": {
"contains_assembly": false "contains_assembly": false
} },
},
{
"check": "constant-function", "check": "constant-function",
"impact": "Medium", "impact": "Medium",
"confidence": "Medium", "confidence": "Medium"
"description": "Constant.test_assembly_bug() (tests/constant.sol#22-24) is declared view but contains assembly code\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -351,9 +349,14 @@
} }
} }
], ],
"description": "Constant.test_assembly_bug() (tests/constant.sol#22-24) is declared view but contains assembly code\n",
"markdown": "[Constant.test_assembly_bug()](tests/constant.sol#L22-L24) is declared view but contains assembly code\n",
"additional_fields": { "additional_fields": {
"contains_assembly": true "contains_assembly": true
} },
"check": "constant-function",
"impact": "Medium",
"confidence": "Medium"
} }
] ]
} }

@ -1,8 +1,8 @@
INFO:Detectors: 
Constant.test_view_bug() (tests/constant.sol#5-7) is declared view but changes state variables: Constant.test_view_bug() (tests/constant.sol#5-7) is declared view but changes state variables:
- Constant.a - Constant.a (tests/constant.sol#3)
Constant.test_constant_bug() (tests/constant.sol#9-11) is declared view but changes state variables: Constant.test_constant_bug() (tests/constant.sol#9-11) is declared view but changes state variables:
- Constant.a - Constant.a (tests/constant.sol#3)
Constant.test_assembly_bug() (tests/constant.sol#22-24) is declared view but contains assembly code Constant.test_assembly_bug() (tests/constant.sol#22-24) is declared view but contains assembly code
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#constant-functions-changing-the-state
INFO:Slither:tests/constant.sol analyzed (1 contracts), 3 result(s) found tests/constant.sol analyzed (1 contracts with 1 detectors), 3 result(s) found

@ -4,11 +4,73 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "controlled-delegatecall",
"impact": "High",
"confidence": "Medium",
"description": "C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n",
"elements": [ "elements": [
{
"type": "function",
"name": "bad_delegate_call",
"source_mapping": {
"start": 101,
"length": 134,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"is_dependency": false,
"lines": [
8,
9,
10,
11
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 0,
"length": 585,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"is_dependency": false,
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad_delegate_call(bytes)"
}
},
{ {
"type": "node", "type": "node",
"name": "addr_bad.delegatecall(data)", "name": "addr_bad.delegatecall(data)",
@ -94,23 +156,31 @@
} }
} }
} }
}, }
],
"description": "C.bad_delegate_call(bytes) (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n",
"markdown": "[C.bad_delegate_call(bytes)](tests/controlled_delegatecall.sol#L8-L11) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(data)](tests/controlled_delegatecall.sol#L10)\n",
"check": "controlled-delegatecall",
"impact": "High",
"confidence": "Medium"
},
{
"elements": [
{ {
"type": "function", "type": "function",
"name": "bad_delegate_call", "name": "bad_delegate_call2",
"source_mapping": { "source_mapping": {
"start": 101, "start": 337,
"length": 134, "length": 118,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol",
"is_dependency": false, "is_dependency": false,
"lines": [ "lines": [
8, 18,
9, 19,
10, 20
11
], ],
"starting_column": 5, "starting_column": 5,
"ending_column": 6 "ending_column": 6
@ -158,17 +228,9 @@
"ending_column": 2 "ending_column": 2
} }
}, },
"signature": "bad_delegate_call(bytes)" "signature": "bad_delegate_call2(bytes)"
} }
} },
]
},
{
"check": "controlled-delegatecall",
"impact": "High",
"confidence": "Medium",
"description": "C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)\n",
"elements": [
{ {
"type": "node", "type": "node",
"name": "addr_bad.delegatecall(abi.encode(func_id,data))", "name": "addr_bad.delegatecall(abi.encode(func_id,data))",
@ -253,73 +315,13 @@
} }
} }
} }
},
{
"type": "function",
"name": "bad_delegate_call2",
"source_mapping": {
"start": 337,
"length": 118,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"is_dependency": false,
"lines": [
18,
19,
20
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "C",
"source_mapping": {
"start": 0,
"length": 585,
"filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_relative": "tests/controlled_delegatecall.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol",
"filename_short": "tests/controlled_delegatecall.sol",
"is_dependency": false,
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad_delegate_call2(bytes)"
}
} }
] ],
"description": "C.bad_delegate_call2(bytes) (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)\n",
"markdown": "[C.bad_delegate_call2(bytes)](tests/controlled_delegatecall.sol#L18-L20) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(abi.encode(func_id,data))](tests/controlled_delegatecall.sol#L19)\n",
"check": "controlled-delegatecall",
"impact": "High",
"confidence": "Medium"
} }
] ]
} }

@ -1,7 +1,7 @@
INFO:Detectors: 
C.bad_delegate_call (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id C.bad_delegate_call(bytes) (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id
- addr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10) - addr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)
C.bad_delegate_call2 (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id C.bad_delegate_call2(bytes) (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id
- addr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19) - addr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Slither:tests/controlled_delegatecall.sol analyzed (1 contracts), 2 result(s) found tests/controlled_delegatecall.sol analyzed (1 contracts with 1 detectors), 2 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High",
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#2:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -73,13 +69,14 @@
} }
} }
} }
] ],
}, "description": "Deprecated standard detected ContractWithDeprecatedReferences.globalBlockHash (tests/deprecated_calls.sol#2):\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
{ "markdown": "Deprecated standard detected [ContractWithDeprecatedReferences.globalBlockHash](tests/deprecated_calls.sol#L2):\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
"check": "deprecated-standards", "check": "deprecated-standards",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#7:\n\t- Usage of \"msg.gas\" should be replaced with \"gasleft()\"\n", },
{
"elements": [ "elements": [
{ {
"type": "node", "type": "node",
@ -172,13 +169,14 @@
} }
} }
} }
] ],
}, "description": "Deprecated standard detected msg.gas == msg.value (tests/deprecated_calls.sol#7):\n\t- Usage of \"msg.gas\" should be replaced with \"gasleft()\"\n",
{ "markdown": "Deprecated standard detected [msg.gas == msg.value](tests/deprecated_calls.sol#L7):\n\t- Usage of \"msg.gas\" should be replaced with \"gasleft()\"\n",
"check": "deprecated-standards", "check": "deprecated-standards",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#9:\n\t- Usage of \"throw\" should be replaced with \"revert()\"\n", },
{
"elements": [ "elements": [
{ {
"type": "node", "type": "node",
@ -271,13 +269,14 @@
} }
} }
} }
] ],
}, "description": "Deprecated standard detected THROW None (tests/deprecated_calls.sol#9):\n\t- Usage of \"throw\" should be replaced with \"revert()\"\n",
{ "markdown": "Deprecated standard detected [THROW None](tests/deprecated_calls.sol#L9):\n\t- Usage of \"throw\" should be replaced with \"revert()\"\n",
"check": "deprecated-standards", "check": "deprecated-standards",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#16:\n\t- Usage of \"sha3()\" should be replaced with \"keccak256()\"\n", },
{
"elements": [ "elements": [
{ {
"type": "node", "type": "node",
@ -376,13 +375,14 @@
} }
} }
} }
] ],
}, "description": "Deprecated standard detected sha3Result = sha3()(test deprecated sha3 usage) (tests/deprecated_calls.sol#16):\n\t- Usage of \"sha3()\" should be replaced with \"keccak256()\"\n",
{ "markdown": "Deprecated standard detected [sha3Result = sha3()(test deprecated sha3 usage)](tests/deprecated_calls.sol#L16):\n\t- Usage of \"sha3()\" should be replaced with \"keccak256()\"\n",
"check": "deprecated-standards", "check": "deprecated-standards",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#19:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", },
{
"elements": [ "elements": [
{ {
"type": "node", "type": "node",
@ -481,13 +481,14 @@
} }
} }
} }
] ],
}, "description": "Deprecated standard detected blockHashResult = block.blockhash(0) (tests/deprecated_calls.sol#19):\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
{ "markdown": "Deprecated standard detected [blockHashResult = block.blockhash(0)](tests/deprecated_calls.sol#L19):\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
"check": "deprecated-standards", "check": "deprecated-standards",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#22:\n\t- Usage of \"callcode\" should be replaced with \"delegatecall\"\n", },
{
"elements": [ "elements": [
{ {
"type": "node", "type": "node",
@ -586,13 +587,14 @@
} }
} }
} }
] ],
}, "description": "Deprecated standard detected address(this).callcode() (tests/deprecated_calls.sol#22):\n\t- Usage of \"callcode\" should be replaced with \"delegatecall\"\n",
{ "markdown": "Deprecated standard detected [address(this).callcode()](tests/deprecated_calls.sol#L22):\n\t- Usage of \"callcode\" should be replaced with \"delegatecall\"\n",
"check": "deprecated-standards", "check": "deprecated-standards",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#25:\n\t- Usage of \"suicide()\" should be replaced with \"selfdestruct()\"\n", },
{
"elements": [ "elements": [
{ {
"type": "node", "type": "node",
@ -691,13 +693,14 @@
} }
} }
} }
] ],
}, "description": "Deprecated standard detected suicide(address)(address(0)) (tests/deprecated_calls.sol#25):\n\t- Usage of \"suicide()\" should be replaced with \"selfdestruct()\"\n",
{ "markdown": "Deprecated standard detected [suicide(address)(address(0))](tests/deprecated_calls.sol#L25):\n\t- Usage of \"suicide()\" should be replaced with \"selfdestruct()\"\n",
"check": "deprecated-standards", "check": "deprecated-standards",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Deprecated standard detected @ tests/deprecated_calls.sol#2:\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n", },
{
"elements": [ "elements": [
{ {
"type": "node", "type": "node",
@ -810,7 +813,12 @@
} }
} }
} }
] ],
"description": "Deprecated standard detected globalBlockHash = block.blockhash(0) (tests/deprecated_calls.sol#2):\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
"markdown": "Deprecated standard detected [globalBlockHash = block.blockhash(0)](tests/deprecated_calls.sol#L2):\n\t- Usage of \"block.blockhash()\" should be replaced with \"blockhash()\"\n",
"check": "deprecated-standards",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,19 +1,19 @@
INFO:Detectors: 
Deprecated standard detected @ tests/deprecated_calls.sol#2: Deprecated standard detected ContractWithDeprecatedReferences.globalBlockHash (tests/deprecated_calls.sol#2):
- Usage of "block.blockhash()" should be replaced with "blockhash()" - Usage of "block.blockhash()" should be replaced with "blockhash()"
Deprecated standard detected @ tests/deprecated_calls.sol#7: Deprecated standard detected msg.gas == msg.value (tests/deprecated_calls.sol#7):
- Usage of "msg.gas" should be replaced with "gasleft()" - Usage of "msg.gas" should be replaced with "gasleft()"
Deprecated standard detected @ tests/deprecated_calls.sol#9: Deprecated standard detected THROW None (tests/deprecated_calls.sol#9):
- Usage of "throw" should be replaced with "revert()" - Usage of "throw" should be replaced with "revert()"
Deprecated standard detected @ tests/deprecated_calls.sol#16: Deprecated standard detected sha3Result = sha3()(test deprecated sha3 usage) (tests/deprecated_calls.sol#16):
- Usage of "sha3()" should be replaced with "keccak256()" - Usage of "sha3()" should be replaced with "keccak256()"
Deprecated standard detected @ tests/deprecated_calls.sol#19: Deprecated standard detected blockHashResult = block.blockhash(0) (tests/deprecated_calls.sol#19):
- Usage of "block.blockhash()" should be replaced with "blockhash()" - Usage of "block.blockhash()" should be replaced with "blockhash()"
Deprecated standard detected @ tests/deprecated_calls.sol#22: Deprecated standard detected address(this).callcode() (tests/deprecated_calls.sol#22):
- Usage of "callcode" should be replaced with "delegatecall" - Usage of "callcode" should be replaced with "delegatecall"
Deprecated standard detected @ tests/deprecated_calls.sol#25: Deprecated standard detected suicide(address)(address(0)) (tests/deprecated_calls.sol#25):
- Usage of "suicide()" should be replaced with "selfdestruct()" - Usage of "suicide()" should be replaced with "selfdestruct()"
Deprecated standard detected @ tests/deprecated_calls.sol#2: Deprecated standard detected globalBlockHash = block.blockhash(0) (tests/deprecated_calls.sol#2):
- Usage of "block.blockhash()" should be replaced with "blockhash()" - Usage of "block.blockhash()" should be replaced with "blockhash()"
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#deprecated-standards
INFO:Slither:tests/deprecated_calls.sol analyzed (1 contracts), 8 result(s) found tests/deprecated_calls.sol analyzed (1 contracts with 1 detectors), 8 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "erc20-indexed",
"impact": "Informational",
"confidence": "High",
"description": "ERC20 event IERC20Bad.Transfer (tests/erc20_indexed.sol#19) does not index parameter 'from'\n",
"elements": [ "elements": [
{ {
"type": "event", "type": "event",
@ -60,13 +56,14 @@
"parameter_name": "from" "parameter_name": "from"
} }
} }
] ],
}, "description": "ERC20 event IERC20BadTransfer(address,address,uint256) (tests/erc20_indexed.sol#19)does not index parameter from\n",
{ "markdown": "ERC20 event [IERC20BadTransfer(address,address,uint256)](tests/erc20_indexed.sol#L19)does not index parameter from\n",
"check": "erc20-indexed", "check": "erc20-indexed",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "ERC20 event IERC20Bad.Transfer (tests/erc20_indexed.sol#19) does not index parameter 'to'\n", },
{
"elements": [ "elements": [
{ {
"type": "event", "type": "event",
@ -119,13 +116,14 @@
"parameter_name": "to" "parameter_name": "to"
} }
} }
] ],
}, "description": "ERC20 event IERC20BadTransfer(address,address,uint256) (tests/erc20_indexed.sol#19)does not index parameter to\n",
{ "markdown": "ERC20 event [IERC20BadTransfer(address,address,uint256)](tests/erc20_indexed.sol#L19)does not index parameter to\n",
"check": "erc20-indexed", "check": "erc20-indexed",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "ERC20 event IERC20Bad.Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner'\n", },
{
"elements": [ "elements": [
{ {
"type": "event", "type": "event",
@ -178,13 +176,14 @@
"parameter_name": "owner" "parameter_name": "owner"
} }
} }
] ],
}, "description": "ERC20 event IERC20BadApproval(address,address,uint256) (tests/erc20_indexed.sol#20)does not index parameter owner\n",
{ "markdown": "ERC20 event [IERC20BadApproval(address,address,uint256)](tests/erc20_indexed.sol#L20)does not index parameter owner\n",
"check": "erc20-indexed", "check": "erc20-indexed",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "ERC20 event IERC20Bad.Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender'\n", },
{
"elements": [ "elements": [
{ {
"type": "event", "type": "event",
@ -237,7 +236,12 @@
"parameter_name": "spender" "parameter_name": "spender"
} }
} }
] ],
"description": "ERC20 event IERC20BadApproval(address,address,uint256) (tests/erc20_indexed.sol#20)does not index parameter spender\n",
"markdown": "ERC20 event [IERC20BadApproval(address,address,uint256)](tests/erc20_indexed.sol#L20)does not index parameter spender\n",
"check": "erc20-indexed",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,7 +1,7 @@
INFO:Detectors: 
ERC20 event IERC20Bad.Transfer (tests/erc20_indexed.sol#19) does not index parameter 'from' ERC20 event IERC20BadTransfer(address,address,uint256) (tests/erc20_indexed.sol#19)does not index parameter from
ERC20 event IERC20Bad.Transfer (tests/erc20_indexed.sol#19) does not index parameter 'to' ERC20 event IERC20BadTransfer(address,address,uint256) (tests/erc20_indexed.sol#19)does not index parameter to
ERC20 event IERC20Bad.Approval (tests/erc20_indexed.sol#20) does not index parameter 'owner' ERC20 event IERC20BadApproval(address,address,uint256) (tests/erc20_indexed.sol#20)does not index parameter owner
ERC20 event IERC20Bad.Approval (tests/erc20_indexed.sol#20) does not index parameter 'spender' ERC20 event IERC20BadApproval(address,address,uint256) (tests/erc20_indexed.sol#20)does not index parameter spender
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unindexed-erc20-event-parameters
INFO:Slither:tests/erc20_indexed.sol analyzed (3 contracts), 4 result(s) found tests/erc20_indexed.sol analyzed (3 contracts with 1 detectors), 4 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "external-function",
"impact": "Optimization",
"confidence": "High",
"description": "funcNotCalled3() should be declared external:\n\t- ContractWithFunctionNotCalled.funcNotCalled3() (tests/external_function.sol#13-15)\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -68,13 +64,14 @@
"signature": "funcNotCalled3()" "signature": "funcNotCalled3()"
} }
} }
] ],
}, "description": "funcNotCalled3() should be declared external:\n\t- ContractWithFunctionNotCalled.funcNotCalled3() (tests/external_function.sol#13-15)\n",
{ "markdown": "funcNotCalled3() should be declared external:\n\t- [ContractWithFunctionNotCalled.funcNotCalled3()](tests/external_function.sol#L13-L15)\n",
"check": "external-function", "check": "external-function",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "funcNotCalled2() should be declared external:\n\t- ContractWithFunctionNotCalled.funcNotCalled2() (tests/external_function.sol#17-19)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -135,13 +132,14 @@
"signature": "funcNotCalled2()" "signature": "funcNotCalled2()"
} }
} }
] ],
}, "description": "funcNotCalled2() should be declared external:\n\t- ContractWithFunctionNotCalled.funcNotCalled2() (tests/external_function.sol#17-19)\n",
{ "markdown": "funcNotCalled2() should be declared external:\n\t- [ContractWithFunctionNotCalled.funcNotCalled2()](tests/external_function.sol#L17-L19)\n",
"check": "external-function", "check": "external-function",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "funcNotCalled() should be declared external:\n\t- ContractWithFunctionNotCalled.funcNotCalled() (tests/external_function.sol#21-23)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -202,13 +200,14 @@
"signature": "funcNotCalled()" "signature": "funcNotCalled()"
} }
} }
] ],
}, "description": "funcNotCalled() should be declared external:\n\t- ContractWithFunctionNotCalled.funcNotCalled() (tests/external_function.sol#21-23)\n",
{ "markdown": "funcNotCalled() should be declared external:\n\t- [ContractWithFunctionNotCalled.funcNotCalled()](tests/external_function.sol#L21-L23)\n",
"check": "external-function", "check": "external-function",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "funcNotCalled() should be declared external:\n\t- ContractWithFunctionNotCalled2.funcNotCalled() (tests/external_function.sol#32-39)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -265,13 +264,14 @@
"signature": "funcNotCalled()" "signature": "funcNotCalled()"
} }
} }
] ],
}, "description": "funcNotCalled() should be declared external:\n\t- ContractWithFunctionNotCalled2.funcNotCalled() (tests/external_function.sol#32-39)\n",
{ "markdown": "funcNotCalled() should be declared external:\n\t- [ContractWithFunctionNotCalled2.funcNotCalled()](tests/external_function.sol#L32-L39)\n",
"check": "external-function", "check": "external-function",
"impact": "Optimization", "impact": "Optimization",
"confidence": "High", "confidence": "High"
"description": "parameter_read_ok_for_external(uint256) should be declared external:\n\t- FunctionParameterWrite.parameter_read_ok_for_external(uint256) (tests/external_function.sol#74-76)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -324,7 +324,12 @@
"signature": "parameter_read_ok_for_external(uint256)" "signature": "parameter_read_ok_for_external(uint256)"
} }
} }
] ],
"description": "parameter_read_ok_for_external(uint256) should be declared external:\n\t- FunctionParameterWrite.parameter_read_ok_for_external(uint256) (tests/external_function.sol#74-76)\n",
"markdown": "parameter_read_ok_for_external(uint256) should be declared external:\n\t- [FunctionParameterWrite.parameter_read_ok_for_external(uint256)](tests/external_function.sol#L74-L76)\n",
"check": "external-function",
"impact": "Optimization",
"confidence": "High"
} }
] ]
} }

@ -1,27 +1,27 @@
INFO:Detectors: 
ERC20TestBalance.bad0(ERC20Function) (tests/incorrect_equality.sol#21-23) uses a dangerous strict equality: ERC20TestBalance.bad0(ERC20Function) (tests/incorrect_equality.sol#21-23) uses a dangerous strict equality:
- require(bool)(erc.balanceOf(address(this)) == 10) - require(bool)(erc.balanceOf(address(this)) == 10) (tests/incorrect_equality.sol#22)
ERC20TestBalance.bad1(ERC20Variable) (tests/incorrect_equality.sol#25-27) uses a dangerous strict equality: ERC20TestBalance.bad1(ERC20Variable) (tests/incorrect_equality.sol#25-27) uses a dangerous strict equality:
- require(bool)(erc.balanceOf(msg.sender) == 10) - require(bool)(erc.balanceOf(msg.sender) == 10) (tests/incorrect_equality.sol#26)
TestContractBalance.bad0() (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality: TestContractBalance.bad0() (tests/incorrect_equality.sol#32-35) uses a dangerous strict equality:
- require(bool)(address(address(this)).balance == 10000000000000000000) - require(bool)(address(address(this)).balance == 10000000000000000000) (tests/incorrect_equality.sol#33)
TestContractBalance.bad1() (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality: TestContractBalance.bad1() (tests/incorrect_equality.sol#37-40) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(address(this)).balance) - require(bool)(10000000000000000000 == address(address(this)).balance) (tests/incorrect_equality.sol#38)
TestContractBalance.bad2() (tests/incorrect_equality.sol#42-45) uses a dangerous strict equality: TestContractBalance.bad2() (tests/incorrect_equality.sol#42-45) uses a dangerous strict equality:
- require(bool)(address(this).balance == 10000000000000000000) - require(bool)(address(this).balance == 10000000000000000000) (tests/incorrect_equality.sol#43)
TestContractBalance.bad3() (tests/incorrect_equality.sol#47-50) uses a dangerous strict equality: TestContractBalance.bad3() (tests/incorrect_equality.sol#47-50) uses a dangerous strict equality:
- require(bool)(10000000000000000000 == address(this).balance) - require(bool)(10000000000000000000 == address(this).balance) (tests/incorrect_equality.sol#48)
TestContractBalance.bad4() (tests/incorrect_equality.sol#52-57) uses a dangerous strict equality: TestContractBalance.bad4() (tests/incorrect_equality.sol#52-57) uses a dangerous strict equality:
- balance == 10000000000000000000 - balance == 10000000000000000000 (tests/incorrect_equality.sol#54)
TestContractBalance.bad5() (tests/incorrect_equality.sol#59-64) uses a dangerous strict equality: TestContractBalance.bad5() (tests/incorrect_equality.sol#59-64) uses a dangerous strict equality:
- 10000000000000000000 == balance - 10000000000000000000 == balance (tests/incorrect_equality.sol#61)
TestContractBalance.bad6() (tests/incorrect_equality.sol#66-71) uses a dangerous strict equality: TestContractBalance.bad6() (tests/incorrect_equality.sol#66-71) uses a dangerous strict equality:
- balance == 10000000000000000000 - balance == 10000000000000000000 (tests/incorrect_equality.sol#68)
TestSolidityKeyword.bad0() (tests/incorrect_equality.sol#123-125) uses a dangerous strict equality: TestSolidityKeyword.bad0() (tests/incorrect_equality.sol#123-125) uses a dangerous strict equality:
- require(bool)(now == 0) - require(bool)(now == 0) (tests/incorrect_equality.sol#124)
TestSolidityKeyword.bad1() (tests/incorrect_equality.sol#127-129) uses a dangerous strict equality: TestSolidityKeyword.bad1() (tests/incorrect_equality.sol#127-129) uses a dangerous strict equality:
- require(bool)(block.number == 0) - require(bool)(block.number == 0) (tests/incorrect_equality.sol#128)
TestSolidityKeyword.bad2() (tests/incorrect_equality.sol#131-133) uses a dangerous strict equality: TestSolidityKeyword.bad2() (tests/incorrect_equality.sol#131-133) uses a dangerous strict equality:
- require(bool)(block.number == 0) - require(bool)(block.number == 0) (tests/incorrect_equality.sol#132)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Slither:tests/incorrect_equality.sol analyzed (5 contracts), 12 result(s) found tests/incorrect_equality.sol analyzed (5 contracts with 1 detectors), 12 result(s) found

@ -4,11 +4,32 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "erc20-interface",
"impact": "Medium",
"confidence": "High",
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: transfer(address,uint256) (tests/incorrect_erc20_interface.sol#4)\n",
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "transfer", "name": "transfer",
@ -55,14 +76,40 @@
"signature": "transfer(address,uint256)" "signature": "transfer(address,uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.transfer(address,uint256) (tests/incorrect_erc20_interface.sol#4)\n",
{ "markdown": "[Token](tests/incorrect_erc20_interface.sol#L3-L10) has incorrect ERC20 function interface:[Token.transfer(address,uint256)](tests/incorrect_erc20_interface.sol#L4)\n",
"check": "erc20-interface", "check": "erc20-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: approve(address,uint256) (tests/incorrect_erc20_interface.sol#5)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "approve", "name": "approve",
@ -109,14 +156,40 @@
"signature": "approve(address,uint256)" "signature": "approve(address,uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.approve(address,uint256) (tests/incorrect_erc20_interface.sol#5)\n",
{ "markdown": "[Token](tests/incorrect_erc20_interface.sol#L3-L10) has incorrect ERC20 function interface:[Token.approve(address,uint256)](tests/incorrect_erc20_interface.sol#L5)\n",
"check": "erc20-interface", "check": "erc20-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: transferFrom(address,address,uint256) (tests/incorrect_erc20_interface.sol#6)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "transferFrom", "name": "transferFrom",
@ -163,14 +236,40 @@
"signature": "transferFrom(address,address,uint256)" "signature": "transferFrom(address,address,uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.transferFrom(address,address,uint256) (tests/incorrect_erc20_interface.sol#6)\n",
{ "markdown": "[Token](tests/incorrect_erc20_interface.sol#L3-L10) has incorrect ERC20 function interface:[Token.transferFrom(address,address,uint256)](tests/incorrect_erc20_interface.sol#L6)\n",
"check": "erc20-interface", "check": "erc20-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: totalSupply() (tests/incorrect_erc20_interface.sol#7)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "totalSupply", "name": "totalSupply",
@ -217,14 +316,40 @@
"signature": "totalSupply()" "signature": "totalSupply()"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.totalSupply() (tests/incorrect_erc20_interface.sol#7)\n",
{ "markdown": "[Token](tests/incorrect_erc20_interface.sol#L3-L10) has incorrect ERC20 function interface:[Token.totalSupply()](tests/incorrect_erc20_interface.sol#L7)\n",
"check": "erc20-interface", "check": "erc20-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: balanceOf(address) (tests/incorrect_erc20_interface.sol#8)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "balanceOf", "name": "balanceOf",
@ -271,14 +396,40 @@
"signature": "balanceOf(address)" "signature": "balanceOf(address)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.balanceOf(address) (tests/incorrect_erc20_interface.sol#8)\n",
{ "markdown": "[Token](tests/incorrect_erc20_interface.sol#L3-L10) has incorrect ERC20 function interface:[Token.balanceOf(address)](tests/incorrect_erc20_interface.sol#L8)\n",
"check": "erc20-interface", "check": "erc20-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: allowance(address,address) (tests/incorrect_erc20_interface.sol#9)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 26,
"length": 355,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_relative": "tests/incorrect_erc20_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc20_interface.sol",
"filename_short": "tests/incorrect_erc20_interface.sol",
"is_dependency": false,
"lines": [
3,
4,
5,
6,
7,
8,
9,
10
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "allowance", "name": "allowance",
@ -325,7 +476,12 @@
"signature": "allowance(address,address)" "signature": "allowance(address,address)"
} }
} }
] ],
"description": "Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.allowance(address,address) (tests/incorrect_erc20_interface.sol#9)\n",
"markdown": "[Token](tests/incorrect_erc20_interface.sol#L3-L10) has incorrect ERC20 function interface:[Token.allowance(address,address)](tests/incorrect_erc20_interface.sol#L9)\n",
"check": "erc20-interface",
"impact": "Medium",
"confidence": "High"
} }
] ]
} }

@ -1,9 +1,9 @@
INFO:Detectors: 
Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: transfer(address,uint256) (tests/incorrect_erc20_interface.sol#4) Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.transfer(address,uint256) (tests/incorrect_erc20_interface.sol#4)
Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: approve(address,uint256) (tests/incorrect_erc20_interface.sol#5) Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.approve(address,uint256) (tests/incorrect_erc20_interface.sol#5)
Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: transferFrom(address,address,uint256) (tests/incorrect_erc20_interface.sol#6) Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.transferFrom(address,address,uint256) (tests/incorrect_erc20_interface.sol#6)
Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: totalSupply() (tests/incorrect_erc20_interface.sol#7) Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.totalSupply() (tests/incorrect_erc20_interface.sol#7)
Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: balanceOf(address) (tests/incorrect_erc20_interface.sol#8) Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.balanceOf(address) (tests/incorrect_erc20_interface.sol#8)
Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface: allowance(address,address) (tests/incorrect_erc20_interface.sol#9) Token (tests/incorrect_erc20_interface.sol#3-10) has incorrect ERC20 function interface:Token.allowance(address,address) (tests/incorrect_erc20_interface.sol#9)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc20-interface
INFO:Slither:tests/incorrect_erc20_interface.sol analyzed (1 contracts), 6 result(s) found tests/incorrect_erc20_interface.sol analyzed (1 contracts with 1 detectors), 6 result(s) found

@ -4,11 +4,35 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "erc721-interface",
"impact": "Medium",
"confidence": "High",
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: supportsInterface(bytes4) (tests/incorrect_erc721_interface.sol#4)\n",
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "supportsInterface", "name": "supportsInterface",
@ -50,14 +74,43 @@
"signature": "supportsInterface(bytes4)" "signature": "supportsInterface(bytes4)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:IERC165.supportsInterface(bytes4) (tests/incorrect_erc721_interface.sol#4)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[IERC165.supportsInterface(bytes4)](tests/incorrect_erc721_interface.sol#L4)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: balanceOf(address) (tests/incorrect_erc721_interface.sol#7)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "balanceOf", "name": "balanceOf",
@ -107,14 +160,43 @@
"signature": "balanceOf(address)" "signature": "balanceOf(address)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.balanceOf(address) (tests/incorrect_erc721_interface.sol#7)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.balanceOf(address)](tests/incorrect_erc721_interface.sol#L7)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: ownerOf(uint256) (tests/incorrect_erc721_interface.sol#8)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "ownerOf", "name": "ownerOf",
@ -164,14 +246,43 @@
"signature": "ownerOf(uint256)" "signature": "ownerOf(uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.ownerOf(uint256) (tests/incorrect_erc721_interface.sol#8)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.ownerOf(uint256)](tests/incorrect_erc721_interface.sol#L8)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: safeTransferFrom(address,address,uint256,bytes) (tests/incorrect_erc721_interface.sol#9)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "safeTransferFrom", "name": "safeTransferFrom",
@ -221,14 +332,43 @@
"signature": "safeTransferFrom(address,address,uint256,bytes)" "signature": "safeTransferFrom(address,address,uint256,bytes)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.safeTransferFrom(address,address,uint256,bytes) (tests/incorrect_erc721_interface.sol#9)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.safeTransferFrom(address,address,uint256,bytes)](tests/incorrect_erc721_interface.sol#L9)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: safeTransferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#10)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "safeTransferFrom", "name": "safeTransferFrom",
@ -278,14 +418,43 @@
"signature": "safeTransferFrom(address,address,uint256)" "signature": "safeTransferFrom(address,address,uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.safeTransferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#10)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.safeTransferFrom(address,address,uint256)](tests/incorrect_erc721_interface.sol#L10)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: transferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#11)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "transferFrom", "name": "transferFrom",
@ -335,14 +504,43 @@
"signature": "transferFrom(address,address,uint256)" "signature": "transferFrom(address,address,uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.transferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#11)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.transferFrom(address,address,uint256)](tests/incorrect_erc721_interface.sol#L11)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: approve(address,uint256) (tests/incorrect_erc721_interface.sol#12)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "approve", "name": "approve",
@ -392,14 +590,43 @@
"signature": "approve(address,uint256)" "signature": "approve(address,uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.approve(address,uint256) (tests/incorrect_erc721_interface.sol#12)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.approve(address,uint256)](tests/incorrect_erc721_interface.sol#L12)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: setApprovalForAll(address,bool) (tests/incorrect_erc721_interface.sol#13)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "setApprovalForAll", "name": "setApprovalForAll",
@ -449,14 +676,43 @@
"signature": "setApprovalForAll(address,bool)" "signature": "setApprovalForAll(address,bool)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.setApprovalForAll(address,bool) (tests/incorrect_erc721_interface.sol#13)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.setApprovalForAll(address,bool)](tests/incorrect_erc721_interface.sol#L13)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: getApproved(uint256) (tests/incorrect_erc721_interface.sol#14)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "getApproved", "name": "getApproved",
@ -506,14 +762,43 @@
"signature": "getApproved(uint256)" "signature": "getApproved(uint256)"
} }
} }
] ],
}, "description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.getApproved(uint256) (tests/incorrect_erc721_interface.sol#14)\n",
{ "markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.getApproved(uint256)](tests/incorrect_erc721_interface.sol#L14)\n",
"check": "erc721-interface", "check": "erc721-interface",
"impact": "Medium", "impact": "Medium",
"confidence": "High", "confidence": "High"
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: isApprovedForAll(address,address) (tests/incorrect_erc721_interface.sol#15)\n", },
{
"elements": [ "elements": [
{
"type": "contract",
"name": "Token",
"source_mapping": {
"start": 109,
"length": 739,
"filename_used": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_relative": "tests/incorrect_erc721_interface.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/incorrect_erc721_interface.sol",
"filename_short": "tests/incorrect_erc721_interface.sol",
"is_dependency": false,
"lines": [
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16
],
"starting_column": 1,
"ending_column": 2
}
},
{ {
"type": "function", "type": "function",
"name": "isApprovedForAll", "name": "isApprovedForAll",
@ -563,7 +848,12 @@
"signature": "isApprovedForAll(address,address)" "signature": "isApprovedForAll(address,address)"
} }
} }
] ],
"description": "Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.isApprovedForAll(address,address) (tests/incorrect_erc721_interface.sol#15)\n",
"markdown": "[Token](tests/incorrect_erc721_interface.sol#L6-L16) has incorrect ERC721 function interface:[Token.isApprovedForAll(address,address)](tests/incorrect_erc721_interface.sol#L15)\n",
"check": "erc721-interface",
"impact": "Medium",
"confidence": "High"
} }
] ]
} }

@ -1,13 +1,13 @@
INFO:Detectors: 
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: supportsInterface(bytes4) (tests/incorrect_erc721_interface.sol#4) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:IERC165.supportsInterface(bytes4) (tests/incorrect_erc721_interface.sol#4)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: balanceOf(address) (tests/incorrect_erc721_interface.sol#7) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.balanceOf(address) (tests/incorrect_erc721_interface.sol#7)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: ownerOf(uint256) (tests/incorrect_erc721_interface.sol#8) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.ownerOf(uint256) (tests/incorrect_erc721_interface.sol#8)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: safeTransferFrom(address,address,uint256,bytes) (tests/incorrect_erc721_interface.sol#9) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.safeTransferFrom(address,address,uint256,bytes) (tests/incorrect_erc721_interface.sol#9)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: safeTransferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#10) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.safeTransferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#10)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: transferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#11) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.transferFrom(address,address,uint256) (tests/incorrect_erc721_interface.sol#11)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: approve(address,uint256) (tests/incorrect_erc721_interface.sol#12) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.approve(address,uint256) (tests/incorrect_erc721_interface.sol#12)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: setApprovalForAll(address,bool) (tests/incorrect_erc721_interface.sol#13) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.setApprovalForAll(address,bool) (tests/incorrect_erc721_interface.sol#13)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: getApproved(uint256) (tests/incorrect_erc721_interface.sol#14) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.getApproved(uint256) (tests/incorrect_erc721_interface.sol#14)
Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface: isApprovedForAll(address,address) (tests/incorrect_erc721_interface.sol#15) Token (tests/incorrect_erc721_interface.sol#6-16) has incorrect ERC721 function interface:Token.isApprovedForAll(address,address) (tests/incorrect_erc721_interface.sol#15)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc721-interface Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-erc721-interface
INFO:Slither:tests/incorrect_erc721_interface.sol analyzed (2 contracts), 10 result(s) found tests/incorrect_erc721_interface.sol analyzed (2 contracts with 1 detectors), 10 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "GetCode.at(address) uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20)\n\t- tests/inline_assembly_contract-0.5.1.sol#7-20\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -180,7 +176,12 @@
} }
} }
} }
] ],
"description": "GetCode.at(address) (tests/inline_assembly_contract-0.5.1.sol#6-20) uses assembly\n\t- INLINE ASM None (tests/inline_assembly_contract-0.5.1.sol#7-20)\n",
"markdown": "[GetCode.at(address)](tests/inline_assembly_contract-0.5.1.sol#L6-L20) uses assembly\n\t- [INLINE ASM None](tests/inline_assembly_contract-0.5.1.sol#L7-L20)\n",
"check": "assembly",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,5 +1,5 @@
INFO:Detectors: 
GetCode.at(address) uses assembly (tests/inline_assembly_contract-0.5.1.sol#6-20) GetCode.at(address) (tests/inline_assembly_contract-0.5.1.sol#6-20) uses assembly
- tests/inline_assembly_contract-0.5.1.sol#7-20 - INLINE ASM None (tests/inline_assembly_contract-0.5.1.sol#7-20)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_contract-0.5.1.sol analyzed (1 contracts), 1 result(s) found tests/inline_assembly_contract-0.5.1.sol analyzed (1 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "GetCode.at(address) uses assembly (tests/inline_assembly_contract.sol#6-20)\n\t- tests/inline_assembly_contract.sol#7-20\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -180,7 +176,12 @@
} }
} }
} }
] ],
"description": "GetCode.at(address) (tests/inline_assembly_contract.sol#6-20) uses assembly\n\t- INLINE ASM None (tests/inline_assembly_contract.sol#7-20)\n",
"markdown": "[GetCode.at(address)](tests/inline_assembly_contract.sol#L6-L20) uses assembly\n\t- [INLINE ASM None](tests/inline_assembly_contract.sol#L7-L20)\n",
"check": "assembly",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,5 +1,5 @@
INFO:Detectors: 
GetCode.at(address) uses assembly (tests/inline_assembly_contract.sol#6-20) GetCode.at(address) (tests/inline_assembly_contract.sol#6-20) uses assembly
- tests/inline_assembly_contract.sol#7-20 - INLINE ASM None (tests/inline_assembly_contract.sol#7-20)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_contract.sol analyzed (1 contracts), 1 result(s) found tests/inline_assembly_contract.sol analyzed (1 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "VectorSum.sumAsm(uint256[]) uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22)\n\t- tests/inline_assembly_library-0.5.1.sol#18-21\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -208,13 +204,14 @@
} }
} }
} }
] ],
}, "description": "VectorSum.sumAsm(uint256[]) (tests/inline_assembly_library-0.5.1.sol#16-22) uses assembly\n\t- INLINE ASM None (tests/inline_assembly_library-0.5.1.sol#18-21)\n",
{ "markdown": "[VectorSum.sumAsm(uint256[])](tests/inline_assembly_library-0.5.1.sol#L16-L22) uses assembly\n\t- [INLINE ASM None](tests/inline_assembly_library-0.5.1.sol#L18-L21)\n",
"check": "assembly", "check": "assembly",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "VectorSum.sumPureAsm(uint256[]) uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47)\n\t- tests/inline_assembly_library-0.5.1.sol#26-47\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -465,7 +462,12 @@
} }
} }
} }
] ],
"description": "VectorSum.sumPureAsm(uint256[]) (tests/inline_assembly_library-0.5.1.sol#25-47) uses assembly\n\t- INLINE ASM None (tests/inline_assembly_library-0.5.1.sol#26-47)\n",
"markdown": "[VectorSum.sumPureAsm(uint256[])](tests/inline_assembly_library-0.5.1.sol#L25-L47) uses assembly\n\t- [INLINE ASM None](tests/inline_assembly_library-0.5.1.sol#L26-L47)\n",
"check": "assembly",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,7 +1,7 @@
INFO:Detectors: 
VectorSum.sumAsm(uint256[]) uses assembly (tests/inline_assembly_library-0.5.1.sol#16-22) VectorSum.sumAsm(uint256[]) (tests/inline_assembly_library-0.5.1.sol#16-22) uses assembly
- tests/inline_assembly_library-0.5.1.sol#18-21 - INLINE ASM None (tests/inline_assembly_library-0.5.1.sol#18-21)
VectorSum.sumPureAsm(uint256[]) uses assembly (tests/inline_assembly_library-0.5.1.sol#25-47) VectorSum.sumPureAsm(uint256[]) (tests/inline_assembly_library-0.5.1.sol#25-47) uses assembly
- tests/inline_assembly_library-0.5.1.sol#26-47 - INLINE ASM None (tests/inline_assembly_library-0.5.1.sol#26-47)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_library-0.5.1.sol analyzed (1 contracts), 2 result(s) found tests/inline_assembly_library-0.5.1.sol analyzed (1 contracts with 1 detectors), 2 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "assembly",
"impact": "Informational",
"confidence": "High",
"description": "VectorSum.sumAsm(uint256[]) uses assembly (tests/inline_assembly_library.sol#16-22)\n\t- tests/inline_assembly_library.sol#18-21\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -208,13 +204,14 @@
} }
} }
} }
] ],
}, "description": "VectorSum.sumAsm(uint256[]) (tests/inline_assembly_library.sol#16-22) uses assembly\n\t- INLINE ASM None (tests/inline_assembly_library.sol#18-21)\n",
{ "markdown": "[VectorSum.sumAsm(uint256[])](tests/inline_assembly_library.sol#L16-L22) uses assembly\n\t- [INLINE ASM None](tests/inline_assembly_library.sol#L18-L21)\n",
"check": "assembly", "check": "assembly",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "VectorSum.sumPureAsm(uint256[]) uses assembly (tests/inline_assembly_library.sol#25-47)\n\t- tests/inline_assembly_library.sol#26-47\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -465,7 +462,12 @@
} }
} }
} }
] ],
"description": "VectorSum.sumPureAsm(uint256[]) (tests/inline_assembly_library.sol#25-47) uses assembly\n\t- INLINE ASM None (tests/inline_assembly_library.sol#26-47)\n",
"markdown": "[VectorSum.sumPureAsm(uint256[])](tests/inline_assembly_library.sol#L25-L47) uses assembly\n\t- [INLINE ASM None](tests/inline_assembly_library.sol#L26-L47)\n",
"check": "assembly",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,7 +1,7 @@
INFO:Detectors: 
VectorSum.sumAsm(uint256[]) uses assembly (tests/inline_assembly_library.sol#16-22) VectorSum.sumAsm(uint256[]) (tests/inline_assembly_library.sol#16-22) uses assembly
- tests/inline_assembly_library.sol#18-21 - INLINE ASM None (tests/inline_assembly_library.sol#18-21)
VectorSum.sumPureAsm(uint256[]) uses assembly (tests/inline_assembly_library.sol#25-47) VectorSum.sumPureAsm(uint256[]) (tests/inline_assembly_library.sol#25-47) uses assembly
- tests/inline_assembly_library.sol#26-47 - INLINE ASM None (tests/inline_assembly_library.sol#26-47)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Slither:tests/inline_assembly_library.sol analyzed (1 contracts), 2 result(s) found tests/inline_assembly_library.sol analyzed (1 contracts with 1 detectors), 2 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "locked-ether",
"impact": "Medium",
"confidence": "High",
"description": "Contract locking ether found in :\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether-0.5.1.sol#4-6)\n\tBut does not have a function to withdraw the ether\n",
"elements": [ "elements": [
{ {
"type": "contract", "type": "contract",
@ -74,7 +70,12 @@
"signature": "receive()" "signature": "receive()"
} }
} }
] ],
"description": "Contract locking ether found in :\n\tContract OnlyLocked (tests/locked_ether-0.5.1.sol#26) has payable functions:\n\t - Locked.receive() (tests/locked_ether-0.5.1.sol#4-6)\n\tBut does not have a function to withdraw the ether\n",
"markdown": "Contract locking ether found in :\n\tContract [OnlyLocked](tests/locked_ether-0.5.1.sol#L26) has payable functions:\n\t - [Locked.receive()](tests/locked_ether-0.5.1.sol#L4-L6)\n\tBut does not have a function to withdraw the ether\n",
"check": "locked-ether",
"impact": "Medium",
"confidence": "High"
} }
] ]
} }

@ -1,7 +1,7 @@
INFO:Detectors: 
Contract locking ether found in : Contract locking ether found in :
Contract OnlyLocked has payable functions: Contract OnlyLocked (tests/locked_ether-0.5.1.sol#26) has payable functions:
- receive (tests/locked_ether-0.5.1.sol#4-6) - Locked.receive() (tests/locked_ether-0.5.1.sol#4-6)
But does not have a function to withdraw the ether But does not have a function to withdraw the ether
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether
INFO:Slither:tests/locked_ether-0.5.1.sol analyzed (4 contracts), 1 result(s) found tests/locked_ether-0.5.1.sol analyzed (4 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "locked-ether",
"impact": "Medium",
"confidence": "High",
"description": "Contract locking ether found in :\n\tContract OnlyLocked has payable functions:\n\t - receive (tests/locked_ether.sol#4-6)\n\tBut does not have a function to withdraw the ether\n",
"elements": [ "elements": [
{ {
"type": "contract", "type": "contract",
@ -74,7 +70,12 @@
"signature": "receive()" "signature": "receive()"
} }
} }
] ],
"description": "Contract locking ether found in :\n\tContract OnlyLocked (tests/locked_ether.sol#26) has payable functions:\n\t - Locked.receive() (tests/locked_ether.sol#4-6)\n\tBut does not have a function to withdraw the ether\n",
"markdown": "Contract locking ether found in :\n\tContract [OnlyLocked](tests/locked_ether.sol#L26) has payable functions:\n\t - [Locked.receive()](tests/locked_ether.sol#L4-L6)\n\tBut does not have a function to withdraw the ether\n",
"check": "locked-ether",
"impact": "Medium",
"confidence": "High"
} }
] ]
} }

@ -1,7 +1,7 @@
INFO:Detectors: 
Contract locking ether found in : Contract locking ether found in :
Contract OnlyLocked has payable functions: Contract OnlyLocked (tests/locked_ether.sol#26) has payable functions:
- receive (tests/locked_ether.sol#4-6) - Locked.receive() (tests/locked_ether.sol#4-6)
But does not have a function to withdraw the ether But does not have a function to withdraw the ether
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#contracts-that-lock-ether
INFO:Slither:tests/locked_ether.sol analyzed (4 contracts), 1 result(s) found tests/locked_ether.sol analyzed (4 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "low-level-calls",
"impact": "Informational",
"confidence": "High",
"description": "Low level call in Sender.send(address) (tests/low_level_calls.sol#5-7):\n\t-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -119,7 +115,12 @@
} }
} }
} }
] ],
"description": "Low level call in Sender.send(address) (tests/low_level_calls.sol#5-7):\n\t- _receiver.call.value(msg.value).gas(7777)() (tests/low_level_calls.sol#6)\n",
"markdown": "Low level call in [Sender.send(address)](tests/low_level_calls.sol#L5-L7):\n\t- [_receiver.call.value(msg.value).gas(7777)()](tests/low_level_calls.sol#L6)\n",
"check": "low-level-calls",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,5 +1,5 @@
INFO:Detectors: 
Low level call in Sender.send(address) (tests/low_level_calls.sol#5-7): Low level call in Sender.send(address) (tests/low_level_calls.sol#5-7):
-_receiver.call.value(msg.value).gas(7777)() tests/low_level_calls.sol#6 - _receiver.call.value(msg.value).gas(7777)() (tests/low_level_calls.sol#6)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Slither:tests/low_level_calls.sol analyzed (2 contracts), 1 result(s) found tests/low_level_calls.sol analyzed (2 contracts with 1 detectors), 1 result(s) found

@ -4,11 +4,64 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium",
"description": "CallInLoop.bad() has external calls inside a loop: \"destinations[i].transfer(i)\" (tests/multiple_calls_in_loop.sol#11)\n",
"elements": [ "elements": [
{
"type": "function",
"name": "bad",
"source_mapping": {
"start": 153,
"length": 135,
"filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_relative": "tests/multiple_calls_in_loop.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_short": "tests/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
9,
10,
11,
12,
13
],
"starting_column": 5,
"ending_column": 6
},
"type_specific_fields": {
"parent": {
"type": "contract",
"name": "CallInLoop",
"source_mapping": {
"start": 0,
"length": 291,
"filename_used": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_relative": "tests/multiple_calls_in_loop.sol",
"filename_absolute": "/home/travis/build/crytic/slither/tests/multiple_calls_in_loop.sol",
"filename_short": "tests/multiple_calls_in_loop.sol",
"is_dependency": false,
"lines": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15
],
"starting_column": 1,
"ending_column": 2
}
},
"signature": "bad()"
}
},
{ {
"type": "node", "type": "node",
"name": "destinations[i].transfer(i)", "name": "destinations[i].transfer(i)",
@ -86,7 +139,12 @@
} }
} }
} }
] ],
"description": "CallInLoop.bad() (tests/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11)\n",
"markdown": "[CallInLoop.bad()](tests/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [destinations[i].transfer(i)](tests/multiple_calls_in_loop.sol#L11)\n",
"check": "calls-loop",
"impact": "Low",
"confidence": "Medium"
} }
] ]
} }

@ -1,4 +1,4 @@
INFO:Detectors: 
CallInLoop.bad() has external calls inside a loop: "destinations[i].transfer(i)" (tests/multiple_calls_in_loop.sol#11) CallInLoop.bad() (tests/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: destinations[i].transfer(i) (tests/multiple_calls_in_loop.sol#11)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/_edit#calls-inside-a-loop Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/#calls-inside-a-loop
INFO:Slither:tests/multiple_calls_in_loop.sol analyzed (1 contracts), 1 result(s) found tests/multiple_calls_in_loop.sol analyzed (1 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "naming-convention",
"impact": "Informational",
"confidence": "High",
"description": "Contract 'naming' (tests/naming_convention.sol#3-48) is not in CapWords\n",
"elements": [ "elements": [
{ {
"type": "contract", "type": "contract",
@ -76,13 +72,14 @@
"convention": "CapWords" "convention": "CapWords"
} }
} }
] ],
}, "description": "Contract naming (tests/naming_convention.sol#3-48) is not in CapWords\n",
{ "markdown": "Contract [naming](tests/naming_convention.sol#L3-L48) is not in CapWords\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Struct 'naming.test' (tests/naming_convention.sol#14-16) is not in CapWords\n", },
{
"elements": [ "elements": [
{ {
"type": "struct", "type": "struct",
@ -173,13 +170,14 @@
"convention": "CapWords" "convention": "CapWords"
} }
} }
] ],
}, "description": "Struct naming.test (tests/naming_convention.sol#14-16) is not in CapWords\n",
{ "markdown": "Struct [naming.test](tests/naming_convention.sol#L14-L16) is not in CapWords\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Event 'namingevent_(uint256)' (tests/naming_convention.sol#23) is not in CapWords\n", },
{
"elements": [ "elements": [
{ {
"type": "event", "type": "event",
@ -269,13 +267,14 @@
"convention": "CapWords" "convention": "CapWords"
} }
} }
] ],
}, "description": "Event namingevent_(uint256) (tests/naming_convention.sol#23) is not in CapWords\n",
{ "markdown": "Event [namingevent_(uint256)](tests/naming_convention.sol#L23) is not in CapWords\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Function 'naming.GetOne()' (tests/naming_convention.sol#30-33) is not in mixedCase\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -368,13 +367,14 @@
"convention": "mixedCase" "convention": "mixedCase"
} }
} }
] ],
}, "description": "Function naming.GetOne() (tests/naming_convention.sol#30-33) is not in mixedCase\n",
{ "markdown": "Function [naming.GetOne()](tests/naming_convention.sol#L30-L33) is not in mixedCase\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Parameter 'Number2' of Number2 (tests/naming_convention.sol#35) is not in mixedCase\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -487,13 +487,14 @@
"convention": "mixedCase" "convention": "mixedCase"
} }
} }
] ],
}, "description": "Parameter naming.setInt(uint256,uint256).Number2 (tests/naming_convention.sol#35) is not in mixedCase\n",
{ "markdown": "Parameter [naming.setInt(uint256,uint256).Number2](tests/naming_convention.sol#L35) is not in mixedCase\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Constant 'naming.MY_other_CONSTANT' (tests/naming_convention.sol#9) is not in UPPER_CASE_WITH_UNDERSCORES\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -582,13 +583,14 @@
"convention": "UPPER_CASE_WITH_UNDERSCORES" "convention": "UPPER_CASE_WITH_UNDERSCORES"
} }
} }
] ],
}, "description": "Constant naming.MY_other_CONSTANT (tests/naming_convention.sol#9) is not in UPPER_CASE_WITH_UNDERSCORES\n",
{ "markdown": "Constant [naming.MY_other_CONSTANT](tests/naming_convention.sol#L9) is not in UPPER_CASE_WITH_UNDERSCORES\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Variable 'naming.Var_One' (tests/naming_convention.sol#11) is not in mixedCase\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -677,13 +679,14 @@
"convention": "mixedCase" "convention": "mixedCase"
} }
} }
] ],
}, "description": "Variable naming.Var_One (tests/naming_convention.sol#11) is not in mixedCase\n",
{ "markdown": "Variable [naming.Var_One](tests/naming_convention.sol#L11) is not in mixedCase\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Enum 'naming.numbers' (tests/naming_convention.sol#6) is not in CapWords\n", },
{
"elements": [ "elements": [
{ {
"type": "enum", "type": "enum",
@ -772,13 +775,14 @@
"convention": "CapWords" "convention": "CapWords"
} }
} }
] ],
}, "description": "Enum naming.numbers (tests/naming_convention.sol#6) is not in CapWords\n",
{ "markdown": "Enum [naming.numbers](tests/naming_convention.sol#L6) is not in CapWords\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Modifier 'naming.CantDo()' (tests/naming_convention.sol#41-43) is not in mixedCase\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -870,13 +874,14 @@
"convention": "mixedCase" "convention": "mixedCase"
} }
} }
] ],
}, "description": "Modifier naming.CantDo() (tests/naming_convention.sol#41-43) is not in mixedCase\n",
{ "markdown": "Modifier [naming.CantDo()](tests/naming_convention.sol#L41-L43) is not in mixedCase\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Parameter '_used' of _used (tests/naming_convention.sol#59) is not in mixedCase\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -956,13 +961,14 @@
"convention": "mixedCase" "convention": "mixedCase"
} }
} }
] ],
}, "description": "Parameter T.test(uint256,uint256)._used (tests/naming_convention.sol#59) is not in mixedCase\n",
{ "markdown": "Parameter [T.test(uint256,uint256)._used](tests/naming_convention.sol#L59) is not in mixedCase\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Variable 'T._myPublicVar' (tests/naming_convention.sol#56) is not in mixedCase\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -1020,13 +1026,14 @@
"convention": "mixedCase" "convention": "mixedCase"
} }
} }
] ],
}, "description": "Variable T._myPublicVar (tests/naming_convention.sol#56) is not in mixedCase\n",
{ "markdown": "Variable [T._myPublicVar](tests/naming_convention.sol#L56) is not in mixedCase\n",
"check": "naming-convention", "check": "naming-convention",
"impact": "Informational", "impact": "Informational",
"confidence": "High", "confidence": "High"
"description": "Variable 'T.l' (tests/naming_convention.sol#67) used l, O, I, which should not be used\n", },
{
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -1084,7 +1091,12 @@
"convention": "l_O_I_should_not_be_used" "convention": "l_O_I_should_not_be_used"
} }
} }
] ],
"description": "Variable T.l (tests/naming_convention.sol#67) used l, O, I, which should not be used\n",
"markdown": "Variable [T.l](tests/naming_convention.sol#L67) used l, O, I, which should not be used\n",
"check": "naming-convention",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,15 +1,15 @@
INFO:Detectors: 
Contract 'naming' (tests/naming_convention.sol#3-48) is not in CapWords Contract naming (tests/naming_convention.sol#3-48) is not in CapWords
Struct 'naming.test' (tests/naming_convention.sol#14-16) is not in CapWords Struct naming.test (tests/naming_convention.sol#14-16) is not in CapWords
Event 'namingevent_(uint256)' (tests/naming_convention.sol#23) is not in CapWords Event namingevent_(uint256) (tests/naming_convention.sol#23) is not in CapWords
Function 'naming.GetOne()' (tests/naming_convention.sol#30-33) is not in mixedCase Function naming.GetOne() (tests/naming_convention.sol#30-33) is not in mixedCase
Parameter 'Number2' of Number2 (tests/naming_convention.sol#35) is not in mixedCase Parameter naming.setInt(uint256,uint256).Number2 (tests/naming_convention.sol#35) is not in mixedCase
Constant 'naming.MY_other_CONSTANT' (tests/naming_convention.sol#9) is not in UPPER_CASE_WITH_UNDERSCORES Constant naming.MY_other_CONSTANT (tests/naming_convention.sol#9) is not in UPPER_CASE_WITH_UNDERSCORES
Variable 'naming.Var_One' (tests/naming_convention.sol#11) is not in mixedCase Variable naming.Var_One (tests/naming_convention.sol#11) is not in mixedCase
Enum 'naming.numbers' (tests/naming_convention.sol#6) is not in CapWords Enum naming.numbers (tests/naming_convention.sol#6) is not in CapWords
Modifier 'naming.CantDo()' (tests/naming_convention.sol#41-43) is not in mixedCase Modifier naming.CantDo() (tests/naming_convention.sol#41-43) is not in mixedCase
Parameter '_used' of _used (tests/naming_convention.sol#59) is not in mixedCase Parameter T.test(uint256,uint256)._used (tests/naming_convention.sol#59) is not in mixedCase
Variable 'T._myPublicVar' (tests/naming_convention.sol#56) is not in mixedCase Variable T._myPublicVar (tests/naming_convention.sol#56) is not in mixedCase
Variable 'T.l' (tests/naming_convention.sol#67) used l, O, I, which should not be used Variable T.l (tests/naming_convention.sol#67) used l, O, I, which should not be used
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:tests/naming_convention.sol analyzed (4 contracts), 12 result(s) found tests/naming_convention.sol analyzed (4 contracts with 1 detectors), 12 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "solc-version",
"impact": "Informational",
"confidence": "High",
"description": "Pragma version \"0.4.21\" allows old versions (None)\n",
"elements": [ "elements": [
{ {
"type": "pragma", "type": "pragma",
@ -32,7 +28,12 @@
] ]
} }
} }
] ],
"description": "Pragma version0.4.21 (None) allows old versions\n",
"markdown": "Pragma version[0.4.21](None) allows old versions\n",
"check": "solc-version",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,5 +1,5 @@
INFO:Detectors: 
Pragma version "0.4.21" allows old versions (None) Pragma version0.4.21 (None) allows old versions
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity
tests/old_solc.sol.json analyzed (1 contracts with 1 detectors), 1 result(s) found
INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/old_solc.sol.json.solc-version.json exists already, the overwrite is prevented INFO:Slither:/home/travis/build/crytic/slither/scripts/../tests/expected_json/old_solc.sol.json.solc-version.json exists already, the overwrite is prevented
INFO:Slither:tests/old_solc.sol.json analyzed (1 contracts), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "pragma",
"impact": "Informational",
"confidence": "High",
"description": "Different versions of Solidity is used in :\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- tests/pragma.0.4.23.sol#1 declares pragma solidity^0.4.23\n\t- tests/pragma.0.4.24.sol#1 declares pragma solidity^0.4.24\n",
"elements": [ "elements": [
{ {
"type": "pragma", "type": "pragma",
@ -61,7 +57,12 @@
] ]
} }
} }
] ],
"description": "Different versions of Solidity is used in :\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- ^0.4.23 (tests/pragma.0.4.23.sol#1)\n\t- ^0.4.24 (tests/pragma.0.4.24.sol#1)\n",
"markdown": "Different versions of Solidity is used in :\n\t- Version used: ['^0.4.23', '^0.4.24']\n\t- [^0.4.23](tests/pragma.0.4.23.sol#L1)\n\t- [^0.4.24](tests/pragma.0.4.24.sol#L1)\n",
"check": "pragma",
"impact": "Informational",
"confidence": "High"
} }
] ]
} }

@ -1,7 +1,7 @@
INFO:Detectors: 
Different versions of Solidity is used in : Different versions of Solidity is used in :
- Version used: ['^0.4.23', '^0.4.24'] - Version used: ['^0.4.23', '^0.4.24']
- tests/pragma.0.4.23.sol#1 declares pragma solidity^0.4.23 - ^0.4.23 (tests/pragma.0.4.23.sol#1)
- tests/pragma.0.4.24.sol#1 declares pragma solidity^0.4.24 - ^0.4.24 (tests/pragma.0.4.24.sol#1)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used
INFO:Slither:tests/pragma.0.4.24.sol analyzed (1 contracts), 1 result(s) found tests/pragma.0.4.24.sol analyzed (1 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium",
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy-0.5.1.sol#14-22):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#21)\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -350,13 +346,14 @@
"variable_name": "userBalance" "variable_name": "userBalance"
} }
} }
] ],
}, "description": "Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy-0.5.1.sol#14-22):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)\n\tState variables written after the call(s):\n\t- Reentrancy.userBalance (tests/reentrancy-0.5.1.sol#4) in userBalance[msg.sender] = 0 (tests/reentrancy-0.5.1.sol#21)\n",
{ "markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/reentrancy-0.5.1.sol#L14-L22):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()](tests/reentrancy-0.5.1.sol#L17)\n\tState variables written after the call(s):\n\t- [Reentrancy.userBalance](tests/reentrancy-0.5.1.sol#L4) in [userBalance[msg.sender] = 0](tests/reentrancy-0.5.1.sol#L21)\n",
"check": "reentrancy-eth", "check": "reentrancy-eth",
"impact": "High", "impact": "High",
"confidence": "Medium", "confidence": "Medium"
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/reentrancy-0.5.1.sol#44-53):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy-0.5.1.sol#51)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -702,7 +699,12 @@
"variable_name": "userBalance" "variable_name": "userBalance"
} }
} }
] ],
"description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/reentrancy-0.5.1.sol#44-53):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)\n\tState variables written after the call(s):\n\t- Reentrancy.userBalance (tests/reentrancy-0.5.1.sol#4) in userBalance[msg.sender] = amount (tests/reentrancy-0.5.1.sol#51)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/reentrancy-0.5.1.sol#L44-L53):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(amount)()](tests/reentrancy-0.5.1.sol#L49)\n\tState variables written after the call(s):\n\t- [Reentrancy.userBalance](tests/reentrancy-0.5.1.sol#L4) in [userBalance[msg.sender] = amount](tests/reentrancy-0.5.1.sol#L51)\n",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
} }
] ]
} }

@ -1,13 +1,13 @@
INFO:Detectors: 
Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy-0.5.1.sol#14-22): Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy-0.5.1.sol#14-22):
External calls: External calls:
- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17) - (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/reentrancy-0.5.1.sol#17)
State variables written after the call(s): State variables written after the call(s):
- userBalance (tests/reentrancy-0.5.1.sol#21) - Reentrancy.userBalance (tests/reentrancy-0.5.1.sol#4) in userBalance[msg.sender] = 0 (tests/reentrancy-0.5.1.sol#21)
Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/reentrancy-0.5.1.sol#44-53): Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/reentrancy-0.5.1.sol#44-53):
External calls: External calls:
- (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49) - (ret,mem) = msg.sender.call.value(amount)() (tests/reentrancy-0.5.1.sol#49)
State variables written after the call(s): State variables written after the call(s):
- userBalance (tests/reentrancy-0.5.1.sol#51) - Reentrancy.userBalance (tests/reentrancy-0.5.1.sol#4) in userBalance[msg.sender] = amount (tests/reentrancy-0.5.1.sol#51)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities
INFO:Slither:tests/reentrancy-0.5.1.sol analyzed (1 contracts), 2 result(s) found tests/reentrancy-0.5.1.sol analyzed (1 contracts with 1 detectors), 2 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium",
"description": "Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy.sol#14-21):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#20)\n",
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -401,13 +397,14 @@
"variable_name": "userBalance" "variable_name": "userBalance"
} }
} }
] ],
}, "description": "Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy.sol#14-21):\n\tExternal calls:\n\t- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17)\n\tState variables written after the call(s):\n\t- Reentrancy.userBalance (tests/reentrancy.sol#4) in userBalance[msg.sender] = 0 (tests/reentrancy.sol#20)\n",
{ "markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/reentrancy.sol#L14-L21):\n\tExternal calls:\n\t- [! (msg.sender.call.value(userBalance[msg.sender])())](tests/reentrancy.sol#L17)\n\tState variables written after the call(s):\n\t- [Reentrancy.userBalance](tests/reentrancy.sol#L4) in [userBalance[msg.sender] = 0](tests/reentrancy.sol#L20)\n",
"check": "reentrancy-eth", "check": "reentrancy-eth",
"impact": "High", "impact": "High",
"confidence": "Medium", "confidence": "Medium"
"description": "Reentrancy in Reentrancy.withdrawBalance_nested() (tests/reentrancy.sol#64-70):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)\n\tState variables written after the call(s):\n\t- userBalance (tests/reentrancy.sol#68)\n", },
{
"elements": [ "elements": [
{ {
"type": "function", "type": "function",
@ -798,7 +795,12 @@
"variable_name": "userBalance" "variable_name": "userBalance"
} }
} }
] ],
"description": "Reentrancy in Reentrancy.withdrawBalance_nested() (tests/reentrancy.sol#64-70):\n\tExternal calls:\n\t- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)\n\tState variables written after the call(s):\n\t- Reentrancy.userBalance (tests/reentrancy.sol#4) in userBalance[msg.sender] = 0 (tests/reentrancy.sol#68)\n",
"markdown": "Reentrancy in [Reentrancy.withdrawBalance_nested()](tests/reentrancy.sol#L64-L70):\n\tExternal calls:\n\t- [msg.sender.call.value(amount / 2)()](tests/reentrancy.sol#L67)\n\tState variables written after the call(s):\n\t- [Reentrancy.userBalance](tests/reentrancy.sol#L4) in [userBalance[msg.sender] = 0](tests/reentrancy.sol#L68)\n",
"check": "reentrancy-eth",
"impact": "High",
"confidence": "Medium"
} }
] ]
} }

@ -1,13 +1,13 @@
INFO:Detectors: 
Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy.sol#14-21): Reentrancy in Reentrancy.withdrawBalance() (tests/reentrancy.sol#14-21):
External calls: External calls:
- ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17) - ! (msg.sender.call.value(userBalance[msg.sender])()) (tests/reentrancy.sol#17)
State variables written after the call(s): State variables written after the call(s):
- userBalance (tests/reentrancy.sol#20) - Reentrancy.userBalance (tests/reentrancy.sol#4) in userBalance[msg.sender] = 0 (tests/reentrancy.sol#20)
Reentrancy in Reentrancy.withdrawBalance_nested() (tests/reentrancy.sol#64-70): Reentrancy in Reentrancy.withdrawBalance_nested() (tests/reentrancy.sol#64-70):
External calls: External calls:
- msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67) - msg.sender.call.value(amount / 2)() (tests/reentrancy.sol#67)
State variables written after the call(s): State variables written after the call(s):
- userBalance (tests/reentrancy.sol#68) - Reentrancy.userBalance (tests/reentrancy.sol#4) in userBalance[msg.sender] = 0 (tests/reentrancy.sol#68)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities
INFO:Slither:tests/reentrancy.sol analyzed (1 contracts), 2 result(s) found tests/reentrancy.sol analyzed (1 contracts with 1 detectors), 2 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "rtlo",
"impact": "High",
"confidence": "High",
"description": "/home/travis/build/crytic/slither/tests/right_to_left_override.sol contains a unicode right-to-left-override character at byte offset 96:\n\t- b' test1(/*A\\xe2\\x80\\xae/*B*/2 , 1/*\\xe2\\x80\\xad'\n",
"elements": [ "elements": [
{ {
"type": "other", "type": "other",
@ -27,7 +23,12 @@
"ending_column": 21 "ending_column": 21
} }
} }
] ],
"description": "/home/travis/build/crytic/slither/tests/right_to_left_override.sol contains a unicode right-to-left-override character at byte offset 96:\n\t- b' test1(/*A\\xe2\\x80\\xae/*B*/2 , 1/*\\xe2\\x80\\xad'\n",
"markdown": "/home/travis/build/crytic/slither/tests/right_to_left_override.sol contains a unicode right-to-left-override character at byte offset 96:\n\t- b' test1(/*A\\xe2\\x80\\xae/*B*/2 , 1/*\\xe2\\x80\\xad'\n",
"check": "rtlo",
"impact": "High",
"confidence": "High"
} }
] ]
} }

@ -1,5 +1,5 @@
INFO:Detectors: 
/home/travis/build/crytic/slither/tests/right_to_left_override.sol contains a unicode right-to-left-override character at byte offset 96: /home/travis/build/crytic/slither/tests/right_to_left_override.sol contains a unicode right-to-left-override character at byte offset 96:
- b' test1(/*A\xe2\x80\xae/*B*/2 , 1/*\xe2\x80\xad' - b' test1(/*A\xe2\x80\xae/*B*/2 , 1/*\xe2\x80\xad'
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#right-to-left-override-character Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#right-to-left-override-character
INFO:Slither:tests/right_to_left_override.sol analyzed (1 contracts), 1 result(s) found tests/right_to_left_override.sol analyzed (1 contracts with 1 detectors), 1 result(s) found

@ -4,10 +4,6 @@
"results": { "results": {
"detectors": [ "detectors": [
{ {
"check": "shadowing-abstract",
"impact": "Medium",
"confidence": "High",
"description": "DerivedContract.owner (tests/shadowing_abstract.sol#7) shadows:\n\t- BaseContract.owner (tests/shadowing_abstract.sol#2)\n",
"elements": [ "elements": [
{ {
"type": "variable", "type": "variable",
@ -91,7 +87,12 @@
} }
} }
} }
] ],
"description": "DerivedContract.owner (tests/shadowing_abstract.sol#7) shadows:\n\t- BaseContract.owner (tests/shadowing_abstract.sol#2)\n",
"markdown": "[DerivedContract.owner](tests/shadowing_abstract.sol#L7) shadows:\n\t- [BaseContract.owner](tests/shadowing_abstract.sol#L2)\n",
"check": "shadowing-abstract",
"impact": "Medium",
"confidence": "High"
} }
] ]
} }

Some files were not shown because too many files have changed in this diff Show More

Loading…
Cancel
Save