Add code quality detector to check if an old version of solc is used

6 years ago · ef32f484e0
parent cfe987ef52
commit ef32f484e0
4 changed files with 109 additions and 0 deletions
--- a/examples/bugs/old_solc.sol.json
+++ b/examples/bugs/old_solc.sol.json
@ -0,0 +1,67 @@
+JSON AST:
+
+
+======= old_solc.sol =======
+{
+	"attributes" : 
+	{
+		"absolutePath" : "old_solc.sol",
+		"exportedSymbols" : 
+		{
+			"Contract" : 
+			[
+				2
+			]
+		}
+	},
+	"children" : 
+	[
+		{
+			"attributes" : 
+			{
+				"literals" : 
+				[
+					"solidity",
+					"0.4",
+					".21"
+				]
+			},
+			"id" : 1,
+			"name" : "PragmaDirective",
+			"src" : "0:23:0"
+		},
+		{
+			"attributes" : 
+			{
+				"baseContracts" : 
+				[
+					null
+				],
+				"contractDependencies" : 
+				[
+					null
+				],
+				"contractKind" : "contract",
+				"documentation" : null,
+				"fullyImplemented" : true,
+				"linearizedBaseContracts" : 
+				[
+					2
+				],
+				"name" : "Contract",
+				"nodes" : 
+				[
+					null
+				],
+				"scope" : 3
+			},
+			"id" : 2,
+			"name" : "ContractDefinition",
+			"src" : "25:21:0"
+		}
+	],
+	"id" : 3,
+	"name" : "SourceUnit",
+	"src" : "0:47:0"
+}
+======= old_solc.sol:Contract =======
--- a/scripts/travis_test.sh
+++ b/scripts/travis_test.sh
@ -15,4 +15,9 @@ if [ $? -ne 1 ]; then
    exit 1
 fi

+slither examples/bugs/old_solc.sol.json --solc-ast
+if [ $? -ne 1 ]; then
+    exit 1
+fi
+
 exit 0
--- a/slither/detectors/attributes/old_solc.py
+++ b/slither/detectors/attributes/old_solc.py
@ -0,0 +1,36 @@
+"""
+    Check if an old version of solc is used
+    Solidity >= 0.4.23 should be used
+"""
+
+from slither.detectors.abstractDetector import AbstractDetector
+from slither.detectors.detectorClassification import DetectorClassification
+
+class OldSolc(AbstractDetector):
+    """
+    Check if an old version of solc is used
+    """
+
+    ARGUMENT = 'solc-version'
+    HELP = 'an old version of Solidity used (<0.4.23)'
+    CLASSIFICATION = DetectorClassification.CODE_QUALITY
+
+
+    def detect(self):
+        """
+        """
+
+        results = []
+        pragma = self.slither.pragma_directives
+        pragma = [''.join(p[1:]) for p in pragma]
+        pragma = [p.replace('solidity','').replace('^','') for p in pragma]
+        pragma = list(set(pragma))
+        old_pragma = [p for p in pragma if p not in ['0.4.23', '0.4.24']]
+
+        if old_pragma:
+            info = "Old version of Solidity used in {}: {}".format(self.filename, old_pragma)
+            self.log(info)
+
+            results.append({'vuln':'OldPragma', 'pragma': old_pragma})
+
+        return results
--- a/slither/detectors/detectors.py
+++ b/slither/detectors/detectors.py
@ -9,6 +9,7 @@ from slither.detectors.detectorClassification import DetectorClassification
 from slither.detectors.examples.backdoor import Backdoor
 from slither.detectors.variables.uninitializedStateVarsDetection import UninitializedStateVarsDetection
 from slither.detectors.attributes.constant_pragma import ConstantPragma
+from slither.detectors.attributes.old_solc import OldSolc

 ###