Add deterministic results for reentrancy

pull/179/head
Josselin 6 years ago
parent 1777759dd0
commit f970f8c647
  1. 6
      slither/detectors/reentrancy/reentrancy_benign.py
  2. 11
      slither/detectors/reentrancy/reentrancy_eth.py
  3. 4
      slither/detectors/reentrancy/reentrancy_read_before_write.py

@ -82,8 +82,8 @@ Only report reentrancy that acts as a double call (see `reentrancy-eth`, `reentr
result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name) result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name)
for (func, calls, send_eth), varsWritten in result_sorted: for (func, calls, send_eth), varsWritten in result_sorted:
calls = list(set(calls)) calls = sorted(list(set(calls)), key=lambda x: x.node_id)
send_eth = list(set(send_eth)) send_eth = sorted(list(set(send_eth)), key=lambda x: x.node_id)
info = 'Reentrancy in {}.{} ({}):\n' info = 'Reentrancy in {}.{} ({}):\n'
info = info.format(func.contract.name, func.name, func.source_mapping_str) info = info.format(func.contract.name, func.name, func.source_mapping_str)
info += '\tExternal calls:\n' info += '\tExternal calls:\n'
@ -94,7 +94,7 @@ Only report reentrancy that acts as a double call (see `reentrancy-eth`, `reentr
for call_info in send_eth: for call_info in send_eth:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str)
info += '\tState variables written after the call(s):\n' info += '\tState variables written after the call(s):\n'
for (v, node) in varsWritten: for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)):
info += '\t- {} ({})\n'.format(v, node.source_mapping_str) info += '\t- {} ({})\n'.format(v, node.source_mapping_str)
sending_eth_json = [] sending_eth_json = []
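Review bot: The outer `result_sorted` key at the top of the first hunk still orders entries by function name alone, so two same-named functions (for instance in different contracts) tie and fall back to the iteration order of `reentrancies`, which this page does not show to be stable. Reproducible detector output matters when findings are diffed against a baseline in CI, so the key could include the contract: `key=lambda x: (x[0][0].contract.name, x[0][0].name)`. Overloads within one contract may still need a further tie-breaker. The same unchanged line appears in reentrancy_eth.py and reentrancy_read_before_write.py, and the enclosing method starts and ends outside the hunks shown.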

@ -84,12 +84,9 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name) result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name)
for (func, calls, send_eth), varsWritten in result_sorted: for (func, calls, send_eth), varsWritten in result_sorted:
calls = list(set(calls)) calls = sorted(list(set(calls)), key=lambda x: x.node_id)
send_eth = list(set(send_eth)) send_eth = sorted(list(set(send_eth)), key=lambda x: x.node_id)
# if calls == send_eth:
# calls_info = 'Call: {},'.format(calls_str)
# else:
# calls_info = 'Call: {}, Ether sent: {},'.format(calls_str, send_eth_str)
info = 'Reentrancy in {}.{} ({}):\n' info = 'Reentrancy in {}.{} ({}):\n'
info = info.format(func.contract.name, func.name, func.source_mapping_str) info = info.format(func.contract.name, func.name, func.source_mapping_str)
info += '\tExternal calls:\n' info += '\tExternal calls:\n'
@ -100,7 +97,7 @@ Bob uses the re-entrancy bug to call `withdrawBalance` two times, and withdraw m
for call_info in send_eth: for call_info in send_eth:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str)
info += '\tState variables written after the call(s):\n' info += '\tState variables written after the call(s):\n'
for (v, node) in varsWritten: for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)):
info += '\t- {} ({})\n'.format(v, node.source_mapping_str) info += '\t- {} ({})\n'.format(v, node.source_mapping_str)
sending_eth_json = [] sending_eth_json = []
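Review bot: Sorting `calls` and `send_eth` by `node_id` alone is deterministic only if `node_id` is unique across everything those lists can hold. If nodes from more than one function can end up in them (not visible in this hunk) and ids are assigned per function, equal ids would again be ordered by set iteration. A compound key built from attributes already used a few lines below, `key=lambda x: (x.node_id, x.source_mapping_str)`, would close that gap, assuming `source_mapping_str` is a plain string. The same applies to the `calls` sort in reentrancy_benign.py and reentrancy_read_before_write.py.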

@ -81,14 +81,14 @@ Do not report reentrancies that involve ethers (see `reentrancy-eth`)'''
result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name) result_sorted = sorted(list(reentrancies.items()), key=lambda x:x[0][0].name)
for (func, calls), varsWritten in result_sorted: for (func, calls), varsWritten in result_sorted:
calls = list(set(calls)) calls = sorted(list(set(calls)), key=lambda x: x.node_id)
info = 'Reentrancy in {}.{} ({}):\n' info = 'Reentrancy in {}.{} ({}):\n'
info = info.format(func.contract.name, func.name, func.source_mapping_str) info = info.format(func.contract.name, func.name, func.source_mapping_str)
info += '\tExternal calls:\n' info += '\tExternal calls:\n'
for call_info in calls: for call_info in calls:
info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str) info += '\t- {} ({})\n'.format(call_info.expression, call_info.source_mapping_str)
info += '\tState variables written after the call(s):\n' info += '\tState variables written after the call(s):\n'
for (v, node) in varsWritten: for (v, node) in sorted(varsWritten, key=lambda x: (x[0].name, x[1].node_id)):
info += '\t- {} ({})\n'.format(v, node.source_mapping_str) info += '\t- {} ({})\n'.format(v, node.source_mapping_str)
sending_eth_json = [] sending_eth_json = []
