mirror of https://github.com/crytic/slither
Alexander Remie
4 years ago
parent
cf07c59516
commit
fa22b62634
@ -0,0 +1,99 @@ |
||||
pragma experimental ABIEncoderV2; |
||||
|
||||
contract A { |
||||
|
||||
struct S { |
||||
uint i; |
||||
} |
||||
|
||||
uint[2][3] bad_arr = [[1, 2], [3, 4], [5, 6]]; |
||||
uint[3] good_arr = [1, 2, 3]; |
||||
S[3] s; |
||||
|
||||
event event1_bad(uint[2][3] bad_arr); |
||||
event event1_good(uint[3] good_arr); |
||||
event event2_bad(S[3] s); |
||||
|
||||
function bad0_external(uint [2][3] calldata arr1) external { |
||||
} |
||||
|
||||
/* Array of arrays passed to an external function is vulnerable */ |
||||
function bad0() public { |
||||
this.bad0_external(bad_arr); |
||||
} |
||||
|
||||
function bad1_external (S[3] calldata s1) external { |
||||
} |
||||
|
||||
/* Array of structs passed to an external function is vulnerable */ |
||||
function bad1 (S[3] memory s1) public { |
||||
this.bad1_external(s); |
||||
} |
||||
|
||||
/* Array of arrays passed to abi.encode is vulnerable */ |
||||
function bad2() public { |
||||
bytes memory b = abi.encode(bad_arr); |
||||
} |
||||
|
||||
/* Array of structs passed to abi.encode is vulnerable */ |
||||
function bad3() public { |
||||
bytes memory b = abi.encode(s); |
||||
} |
||||
|
||||
/* Array of arrays passed to an event emit is vulnerable */ |
||||
function bad4() public { |
||||
emit event1_bad(bad_arr); |
||||
} |
||||
|
||||
/* Array of structs passed to an event emit is vulnerable */ |
||||
function bad5() public { |
||||
emit event2_bad(s); |
||||
} |
||||
|
||||
function good0_public (uint[2][3] memory arr1) public { |
||||
} |
||||
|
||||
/* Array of arrays passed to a public function is benign */ |
||||
function good0() public { |
||||
good0_public(bad_arr); |
||||
} |
||||
|
||||
function good1_public (S[3] memory s1) public { |
||||
} |
||||
|
||||
/* Array of structs passed to a public function is benign */ |
||||
function good1 (S[3] memory s1) public { |
||||
good1_public(s); |
||||
} |
||||
|
||||
/* Array of arrays in-memory passed to abi.encode is benign */ |
||||
function good2() public { |
||||
uint8 [2][3] memory bad_arr_mem = [[1, 2], [3, 4], [5, 6]]; |
||||
bytes memory b = abi.encode(bad_arr_mem); |
||||
} |
||||
|
||||
/* Array of structs in-memory passed to abi.encode is benign */ |
||||
function good3() public { |
||||
S[3] memory s_mem; |
||||
bytes memory b = abi.encode(s_mem); |
||||
} |
||||
|
||||
function good4_external(uint[3] calldata arr1) external { |
||||
} |
||||
|
||||
/* Array of elementary types passed to external function is benign */ |
||||
function good4() public { |
||||
this.good4_external(good_arr); |
||||
} |
||||
|
||||
/* Array of elementary types passed to abi.encode is benign */ |
||||
function good5() public { |
||||
bytes memory b = abi.encode(good_arr); |
||||
} |
||||
|
||||
/* Array of elementary types passed to event emit is benign */ |
||||
function good6() public { |
||||
emit event1_good(good_arr); |
||||
} |
||||
|
||||
} |
||||
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,99 @@ |
||||
pragma experimental ABIEncoderV2; |
||||
|
||||
contract A { |
||||
|
||||
struct S { |
||||
uint i; |
||||
} |
||||
|
||||
uint[2][3] bad_arr = [[1, 2], [3, 4], [5, 6]]; |
||||
uint[3] good_arr = [1, 2, 3]; |
||||
S[3] s; |
||||
|
||||
event event1_bad(uint[2][3] bad_arr); |
||||
event event1_good(uint[3] good_arr); |
||||
event event2_bad(S[3] s); |
||||
|
||||
function good7_external(uint [2][3] calldata arr1) external { |
||||
} |
||||
|
||||
/* Array of arrays passed to an external function is vulnerable */ |
||||
function good7() public { |
||||
this.good7_external(bad_arr); |
||||
} |
||||
|
||||
function good8_external (S[3] calldata s1) external { |
||||
} |
||||
|
||||
/* Array of structs passed to an external function is vulnerable */ |
||||
function good8 (S[3] memory s1) public { |
||||
this.good8_external(s); |
||||
} |
||||
|
||||
/* Array of arrays passed to abi.encode is vulnerable */ |
||||
function good9() public { |
||||
bytes memory b = abi.encode(bad_arr); |
||||
} |
||||
|
||||
/* Array of structs passed to abi.encode is vulnerable */ |
||||
function good10() public { |
||||
bytes memory b = abi.encode(s); |
||||
} |
||||
|
||||
/* Array of arrays passed to an event emit is vulnerable */ |
||||
function good11() public { |
||||
emit event1_bad(bad_arr); |
||||
} |
||||
|
||||
/* Array of structs passed to an event emit is vulnerable */ |
||||
function good12() public { |
||||
emit event2_bad(s); |
||||
} |
||||
|
||||
function good0_public (uint[2][3] memory arr1) public { |
||||
} |
||||
|
||||
/* Array of arrays passed to a public function is benign */ |
||||
function good0() public { |
||||
good0_public(bad_arr); |
||||
} |
||||
|
||||
function good1_public (S[3] memory s1) public { |
||||
} |
||||
|
||||
/* Array of structs passed to a public function is benign */ |
||||
function good1 (S[3] memory s1) public { |
||||
good1_public(s); |
||||
} |
||||
|
||||
/* Array of arrays in-memory passed to abi.encode is benign */ |
||||
function good2() public { |
||||
uint8 [2][3] memory bad_arr_mem = [[1, 2], [3, 4], [5, 6]]; |
||||
bytes memory b = abi.encode(bad_arr_mem); |
||||
} |
||||
|
||||
/* Array of structs in-memory passed to abi.encode is benign */ |
||||
function good3() public { |
||||
S[3] memory s_mem; |
||||
bytes memory b = abi.encode(s_mem); |
||||
} |
||||
|
||||
function good4_external(uint[3] calldata arr1) external { |
||||
} |
||||
|
||||
/* Array of elementary types passed to external function is benign */ |
||||
function good4() public { |
||||
this.good4_external(good_arr); |
||||
} |
||||
|
||||
/* Array of elementary types passed to abi.encode is benign */ |
||||
function good5() public { |
||||
bytes memory b = abi.encode(good_arr); |
||||
} |
||||
|
||||
/* Array of elementary types passed to event emit is benign */ |
||||
function good6() public { |
||||
emit event1_good(good_arr); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,388 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "direct", |
||||
"source_mapping": { |
||||
"start": 147, |
||||
"length": 79, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 869, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "direct()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "msg.sender.send(address(this).balance)", |
||||
"source_mapping": { |
||||
"start": 181, |
||||
"length": 38, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
12 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 47 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "direct", |
||||
"source_mapping": { |
||||
"start": 147, |
||||
"length": 79, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 869, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "direct()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "Test.direct() (tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#12)\n", |
||||
"markdown": "[Test.direct()](tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#L11-L13) sends eth to arbitrary user\n\tDangerous calls:\n\t- [msg.sender.send(address(this).balance)](tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#L12)\n", |
||||
"id": "477cc1ab9fa3d2263400e47d09146eaed3e478f5eecf7856b59d49a2a5093a1c", |
||||
"check": "arbitrary-send", |
||||
"impact": "High", |
||||
"confidence": "Medium" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "indirect", |
||||
"source_mapping": { |
||||
"start": 301, |
||||
"length": 82, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 869, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "indirect()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "destination.send(address(this).balance)", |
||||
"source_mapping": { |
||||
"start": 337, |
||||
"length": 39, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
20 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 48 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "indirect", |
||||
"source_mapping": { |
||||
"start": 301, |
||||
"length": 82, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 869, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "indirect()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "Test.indirect() (tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#20)\n", |
||||
"markdown": "[Test.indirect()](tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#L19-L21) sends eth to arbitrary user\n\tDangerous calls:\n\t- [destination.send(address(this).balance)](tests/detectors/arbitrary-send/0.4.25/arbitrary_send.sol#L20)\n", |
||||
"id": "4759805615df746a3d8a6c068ce885d2c18c46edf411f83ae004593958caafe7", |
||||
"check": "arbitrary-send", |
||||
"impact": "High", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,388 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "direct", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 79, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "direct()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "msg.sender.send(address(this).balance)", |
||||
"source_mapping": { |
||||
"start": 196, |
||||
"length": 38, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
12 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 47 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "direct", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 79, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "direct()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "Test.direct() (tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#12)\n", |
||||
"markdown": "[Test.direct()](tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#L11-L13) sends eth to arbitrary user\n\tDangerous calls:\n\t- [msg.sender.send(address(this).balance)](tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#L12)\n", |
||||
"id": "9531cafd91af4d7b54f22fa933dae983077df1c51bd855c2516ffee812911f43", |
||||
"check": "arbitrary-send", |
||||
"impact": "High", |
||||
"confidence": "Medium" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "indirect", |
||||
"source_mapping": { |
||||
"start": 316, |
||||
"length": 82, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "indirect()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "destination.send(address(this).balance)", |
||||
"source_mapping": { |
||||
"start": 352, |
||||
"length": 39, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
20 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 48 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "indirect", |
||||
"source_mapping": { |
||||
"start": 316, |
||||
"length": 82, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "indirect()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "Test.indirect() (tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#20)\n", |
||||
"markdown": "[Test.indirect()](tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#L19-L21) sends eth to arbitrary user\n\tDangerous calls:\n\t- [destination.send(address(this).balance)](tests/detectors/arbitrary-send/0.5.16/arbitrary_send.sol#L20)\n", |
||||
"id": "f1395ebf21de9f8fb2c5d254c5990cce55b239c05a6a5e074813f58c6cd32834", |
||||
"check": "arbitrary-send", |
||||
"impact": "High", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,41 @@ |
||||
contract Test{ |
||||
|
||||
address payable destination; |
||||
|
||||
mapping (address => uint) balances; |
||||
|
||||
constructor() public{ |
||||
balances[msg.sender] = 0; |
||||
} |
||||
|
||||
function direct() public{ |
||||
msg.sender.send(address(this).balance); |
||||
} |
||||
|
||||
function init() public{ |
||||
destination = msg.sender; |
||||
} |
||||
|
||||
function indirect() public{ |
||||
destination.send(address(this).balance); |
||||
} |
||||
|
||||
// these are legitimate calls |
||||
// and should not be detected |
||||
function repay() payable public{ |
||||
msg.sender.transfer(msg.value); |
||||
} |
||||
|
||||
function withdraw() public{ |
||||
uint val = balances[msg.sender]; |
||||
msg.sender.send(val); |
||||
} |
||||
|
||||
function buy() payable public{ |
||||
uint value_send = msg.value; |
||||
uint value_spent = 0 ; // simulate a buy of tokens |
||||
uint remaining = value_send - value_spent; |
||||
msg.sender.send(remaining); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,388 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "direct", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 79, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "direct()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "msg.sender.send(address(this).balance)", |
||||
"source_mapping": { |
||||
"start": 196, |
||||
"length": 38, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
12 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 47 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "direct", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 79, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "direct()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "Test.direct() (tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#11-13) sends eth to arbitrary user\n\tDangerous calls:\n\t- msg.sender.send(address(this).balance) (tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#12)\n", |
||||
"markdown": "[Test.direct()](tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#L11-L13) sends eth to arbitrary user\n\tDangerous calls:\n\t- [msg.sender.send(address(this).balance)](tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#L12)\n", |
||||
"id": "8a1de239f630f10fef9ef6a9c439fc10aad2f6caba7ee43d1a7f7bacf6028f1e", |
||||
"check": "arbitrary-send", |
||||
"impact": "High", |
||||
"confidence": "Medium" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "indirect", |
||||
"source_mapping": { |
||||
"start": 316, |
||||
"length": 82, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "indirect()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "destination.send(address(this).balance)", |
||||
"source_mapping": { |
||||
"start": 352, |
||||
"length": 39, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
20 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 48 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "indirect", |
||||
"source_mapping": { |
||||
"start": 316, |
||||
"length": 82, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "Test", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 884, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "indirect()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "Test.indirect() (tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#19-21) sends eth to arbitrary user\n\tDangerous calls:\n\t- destination.send(address(this).balance) (tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#20)\n", |
||||
"markdown": "[Test.indirect()](tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#L19-L21) sends eth to arbitrary user\n\tDangerous calls:\n\t- [destination.send(address(this).balance)](tests/detectors/arbitrary-send/0.6.11/arbitrary_send.sol#L20)\n", |
||||
"id": "f272e05d9741895fc22051ed09afa6ce4af8ad4cd74b3452224dfb29eb4b9df6", |
||||
"check": "arbitrary-send", |
||||
"impact": "High", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,41 @@ |
||||
contract Test{ |
||||
|
||||
address payable destination; |
||||
|
||||
mapping (address => uint) balances; |
||||
|
||||
constructor() public{ |
||||
balances[msg.sender] = 0; |
||||
} |
||||
|
||||
function direct() public{ |
||||
msg.sender.send(address(this).balance); |
||||
} |
||||
|
||||
function init() public{ |
||||
destination = msg.sender; |
||||
} |
||||
|
||||
function indirect() public{ |
||||
destination.send(address(this).balance); |
||||
} |
||||
|
||||
// these are legitimate calls |
||||
// and should not be detected |
||||
function repay() payable public{ |
||||
msg.sender.transfer(msg.value); |
||||
} |
||||
|
||||
function withdraw() public{ |
||||
uint val = balances[msg.sender]; |
||||
msg.sender.send(val); |
||||
} |
||||
|
||||
function buy() payable public{ |
||||
uint value_send = msg.value; |
||||
uint value_spent = 0 ; // simulate a buy of tokens |
||||
uint remaining = value_send - value_spent; |
||||
msg.sender.send(remaining); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,51 @@ |
||||
contract C { |
||||
uint[1] public x; |
||||
|
||||
function f() public { |
||||
setByRef(x); // can set x. |
||||
setByValue(x); // cannot set x. |
||||
uint test = 1 + setByValueAndReturn(x); // cannot set x. |
||||
} |
||||
|
||||
function g() public { |
||||
uint[1] storage y = x; |
||||
setByRef(y); // can set y. |
||||
setByValue(y); // cannot set y. |
||||
uint test = 1 + setByValueAndReturn(y); // cannot set y. |
||||
} |
||||
|
||||
function setByRef(uint[1] storage arr) internal { |
||||
arr[0] = 1; |
||||
} |
||||
|
||||
function setByValue(uint[1] memory arr) public { |
||||
arr[0] = 2; |
||||
} |
||||
|
||||
function setByValueAndReturn(uint[1] memory arr) public returns(uint) { |
||||
arr[0] = 2; |
||||
return arr[0]; |
||||
} |
||||
} |
||||
|
||||
contract D { |
||||
// Struct definition |
||||
struct TestStruct { |
||||
uint[1] x; |
||||
} |
||||
|
||||
// State Variables |
||||
TestStruct ts; |
||||
uint[1] x; |
||||
|
||||
// Functions |
||||
function f() public { |
||||
C c = new C(); |
||||
c.setByValue(ts.x); // cannot set x. |
||||
uint test = 1 + c.setByValueAndReturn(ts.x); // cannot set x. |
||||
c.setByValue(x); // cannot set x. |
||||
test = 1 + c.setByValueAndReturn(x); // cannot set x. |
||||
} |
||||
|
||||
|
||||
} |
||||
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,51 @@ |
||||
contract C { |
||||
uint[1] public x; |
||||
|
||||
function f() public { |
||||
setByRef(x); // can set x. |
||||
setByValue(x); // cannot set x. |
||||
uint test = 1 + setByValueAndReturn(x); // cannot set x. |
||||
} |
||||
|
||||
function g() public { |
||||
uint[1] storage y = x; |
||||
setByRef(y); // can set y. |
||||
setByValue(y); // cannot set y. |
||||
uint test = 1 + setByValueAndReturn(y); // cannot set y. |
||||
} |
||||
|
||||
function setByRef(uint[1] storage arr) internal { |
||||
arr[0] = 1; |
||||
} |
||||
|
||||
function setByValue(uint[1] memory arr) public { |
||||
arr[0] = 2; |
||||
} |
||||
|
||||
function setByValueAndReturn(uint[1] memory arr) public returns(uint) { |
||||
arr[0] = 2; |
||||
return arr[0]; |
||||
} |
||||
} |
||||
|
||||
contract D { |
||||
// Struct definition |
||||
struct TestStruct { |
||||
uint[1] x; |
||||
} |
||||
|
||||
// State Variables |
||||
TestStruct ts; |
||||
uint[1] x; |
||||
|
||||
// Functions |
||||
function f() public { |
||||
C c = new C(); |
||||
c.setByValue(ts.x); // cannot set x. |
||||
uint test = 1 + c.setByValueAndReturn(ts.x); // cannot set x. |
||||
c.setByValue(x); // cannot set x. |
||||
test = 1 + c.setByValueAndReturn(x); // cannot set x. |
||||
} |
||||
|
||||
|
||||
} |
||||
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,51 @@ |
||||
contract C { |
||||
uint[1] public x; |
||||
|
||||
function f() public { |
||||
setByRef(x); // can set x. |
||||
setByValue(x); // cannot set x. |
||||
uint test = 1 + setByValueAndReturn(x); // cannot set x. |
||||
} |
||||
|
||||
function g() public { |
||||
uint[1] storage y = x; |
||||
setByRef(y); // can set y. |
||||
setByValue(y); // cannot set y. |
||||
uint test = 1 + setByValueAndReturn(y); // cannot set y. |
||||
} |
||||
|
||||
function setByRef(uint[1] storage arr) internal { |
||||
arr[0] = 1; |
||||
} |
||||
|
||||
function setByValue(uint[1] memory arr) public { |
||||
arr[0] = 2; |
||||
} |
||||
|
||||
function setByValueAndReturn(uint[1] memory arr) public returns(uint) { |
||||
arr[0] = 2; |
||||
return arr[0]; |
||||
} |
||||
} |
||||
|
||||
contract D { |
||||
// Struct definition |
||||
struct TestStruct { |
||||
uint[1] x; |
||||
} |
||||
|
||||
// State Variables |
||||
TestStruct ts; |
||||
uint[1] x; |
||||
|
||||
// Functions |
||||
function f() public { |
||||
C c = new C(); |
||||
c.setByValue(ts.x); // cannot set x. |
||||
uint test = 1 + c.setByValueAndReturn(ts.x); // cannot set x. |
||||
c.setByValue(x); // cannot set x. |
||||
test = 1 + c.setByValueAndReturn(x); // cannot set x. |
||||
} |
||||
|
||||
|
||||
} |
||||
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,20 @@ |
||||
// taken from https://solidity.readthedocs.io/en/v0.4.25/assembly.html |
||||
|
||||
library GetCode { |
||||
function at(address _addr) public view returns (bytes memory o_code) { |
||||
assembly { |
||||
// retrieve the size of the code, this needs assembly |
||||
let size := extcodesize(_addr) |
||||
// allocate output byte array - this could also be done without assembly |
||||
// by using o_code = new bytes(size) |
||||
o_code := mload(0x40) |
||||
// new "memory end" including padding |
||||
mstore(0x40, add(o_code, and(add(add(size, 0x20), 0x1f), not(0x1f)))) |
||||
// store length in memory |
||||
mstore(o_code, size) |
||||
// actually retrieve the code, this needs assembly |
||||
extcodecopy(_addr, add(o_code, 0x20), 0, size) |
||||
} |
||||
} |
||||
} |
||||
|
||||
@ -0,0 +1,184 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "at", |
||||
"source_mapping": { |
||||
"start": 94, |
||||
"length": 707, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "GetCode", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 731, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "at(address)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "", |
||||
"source_mapping": { |
||||
"start": 173, |
||||
"length": 622, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 10 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "at", |
||||
"source_mapping": { |
||||
"start": 94, |
||||
"length": 707, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "GetCode", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 731, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "at(address)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "GetCode.at(address) (tests/detectors/assembly/0.6.11/inline_assembly_contract.sol#4-18) uses assembly\n\t- INLINE ASM (tests/detectors/assembly/0.6.11/inline_assembly_contract.sol#5-17)\n", |
||||
"markdown": "[GetCode.at(address)](tests/detectors/assembly/0.6.11/inline_assembly_contract.sol#L4-L18) uses assembly\n\t- [INLINE ASM](tests/detectors/assembly/0.6.11/inline_assembly_contract.sol#L5-L17)\n", |
||||
"id": "00e51f7f223289ebaad73cd6e77329b37ff5be360d9a682614cb6b72b8e3d9b4", |
||||
"check": "assembly", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,47 @@ |
||||
// taken from https://solidity.readthedocs.io/en/v0.4.25/assembly.html |
||||
|
||||
library VectorSum { |
||||
// This function is less efficient because the optimizer currently fails to |
||||
// remove the bounds checks in array access. |
||||
function sumSolidity(uint[] memory _data) public view returns (uint o_sum) { |
||||
for (uint i = 0; i < _data.length; ++i) |
||||
o_sum += _data[i]; |
||||
} |
||||
|
||||
// We know that we only access the array in bounds, so we can avoid the check. |
||||
// 0x20 needs to be added to an array because the first slot contains the |
||||
// array length. |
||||
function sumAsm(uint[] memory _data) public view returns (uint o_sum) { |
||||
for (uint i = 0; i < _data.length; ++i) { |
||||
assembly { |
||||
o_sum := add(o_sum, mload(add(add(_data, 0x20), mul(i, 0x20)))) |
||||
} |
||||
} |
||||
} |
||||
|
||||
// Same as above, but accomplish the entire code within inline assembly. |
||||
function sumPureAsm(uint[] memory _data) public view returns (uint o_sum) { |
||||
assembly { |
||||
// Load the length (first 32 bytes) |
||||
let len := mload(_data) |
||||
|
||||
// Skip over the length field. |
||||
// |
||||
// Keep temporary variable so it can be incremented in place. |
||||
// |
||||
// NOTE: incrementing _data would result in an unusable |
||||
// _data variable after this assembly block |
||||
let data := add(_data, 0x20) |
||||
|
||||
// Iterate until the bound is not met. |
||||
for |
||||
{ let end := add(data, len) } |
||||
lt(data, end) |
||||
{ data := add(data, 0x20) } |
||||
{ |
||||
o_sum := add(o_sum, mload(data)) |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
@ -0,0 +1,470 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "sumAsm", |
||||
"source_mapping": { |
||||
"start": 574, |
||||
"length": 254, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumAsm(uint256[])" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "", |
||||
"source_mapping": { |
||||
"start": 708, |
||||
"length": 104, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
16, |
||||
17, |
||||
18 |
||||
], |
||||
"starting_column": 13, |
||||
"ending_column": 14 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "sumAsm", |
||||
"source_mapping": { |
||||
"start": 574, |
||||
"length": 254, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumAsm(uint256[])" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "VectorSum.sumAsm(uint256[]) (tests/detectors/assembly/0.6.11/inline_assembly_library.sol#14-20) uses assembly\n\t- INLINE ASM (tests/detectors/assembly/0.6.11/inline_assembly_library.sol#16-18)\n", |
||||
"markdown": "[VectorSum.sumAsm(uint256[])](tests/detectors/assembly/0.6.11/inline_assembly_library.sol#L14-L20) uses assembly\n\t- [INLINE ASM](tests/detectors/assembly/0.6.11/inline_assembly_library.sol#L16-L18)\n", |
||||
"id": "a8d71513166310212c49c4edecbdf8fbc3040b1cb5b5756f0ad1971ae7d4cdb1", |
||||
"check": "assembly", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "sumPureAsm", |
||||
"source_mapping": { |
||||
"start": 911, |
||||
"length": 761, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumPureAsm(uint256[])" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "", |
||||
"source_mapping": { |
||||
"start": 995, |
||||
"length": 671, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 10 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "sumPureAsm", |
||||
"source_mapping": { |
||||
"start": 911, |
||||
"length": 761, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.6.11/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumPureAsm(uint256[])" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "VectorSum.sumPureAsm(uint256[]) (tests/detectors/assembly/0.6.11/inline_assembly_library.sol#23-45) uses assembly\n\t- INLINE ASM (tests/detectors/assembly/0.6.11/inline_assembly_library.sol#24-44)\n", |
||||
"markdown": "[VectorSum.sumPureAsm(uint256[])](tests/detectors/assembly/0.6.11/inline_assembly_library.sol#L23-L45) uses assembly\n\t- [INLINE ASM](tests/detectors/assembly/0.6.11/inline_assembly_library.sol#L24-L44)\n", |
||||
"id": "5964c7440a9efb78bf78544bcdc60c789e3d9dff73438108bcb07ac98d60876a", |
||||
"check": "assembly", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,20 @@ |
||||
// taken from https://solidity.readthedocs.io/en/v0.4.25/assembly.html |
||||
|
||||
library GetCode { |
||||
function at(address _addr) public view returns (bytes memory o_code) { |
||||
assembly { |
||||
// retrieve the size of the code, this needs assembly |
||||
let size := extcodesize(_addr) |
||||
// allocate output byte array - this could also be done without assembly |
||||
// by using o_code = new bytes(size) |
||||
o_code := mload(0x40) |
||||
// new "memory end" including padding |
||||
mstore(0x40, add(o_code, and(add(add(size, 0x20), 0x1f), not(0x1f)))) |
||||
// store length in memory |
||||
mstore(o_code, size) |
||||
// actually retrieve the code, this needs assembly |
||||
extcodecopy(_addr, add(o_code, 0x20), 0, size) |
||||
} |
||||
} |
||||
} |
||||
|
||||
@ -0,0 +1,184 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "at", |
||||
"source_mapping": { |
||||
"start": 94, |
||||
"length": 707, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "GetCode", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 731, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "at(address)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "", |
||||
"source_mapping": { |
||||
"start": 173, |
||||
"length": 622, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 10 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "at", |
||||
"source_mapping": { |
||||
"start": 94, |
||||
"length": 707, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "GetCode", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 731, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_contract.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "at(address)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "GetCode.at(address) (tests/detectors/assembly/0.7.6/inline_assembly_contract.sol#4-18) uses assembly\n\t- INLINE ASM (tests/detectors/assembly/0.7.6/inline_assembly_contract.sol#5-17)\n", |
||||
"markdown": "[GetCode.at(address)](tests/detectors/assembly/0.7.6/inline_assembly_contract.sol#L4-L18) uses assembly\n\t- [INLINE ASM](tests/detectors/assembly/0.7.6/inline_assembly_contract.sol#L5-L17)\n", |
||||
"id": "3b2ace4ab64f4fdd4436ae22d38a7db3efe8d2b65dca270af7fb18f281323670", |
||||
"check": "assembly", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,47 @@ |
||||
// taken from https://solidity.readthedocs.io/en/v0.4.25/assembly.html |
||||
|
||||
library VectorSum { |
||||
// This function is less efficient because the optimizer currently fails to |
||||
// remove the bounds checks in array access. |
||||
function sumSolidity(uint[] memory _data) public view returns (uint o_sum) { |
||||
for (uint i = 0; i < _data.length; ++i) |
||||
o_sum += _data[i]; |
||||
} |
||||
|
||||
// We know that we only access the array in bounds, so we can avoid the check. |
||||
// 0x20 needs to be added to an array because the first slot contains the |
||||
// array length. |
||||
function sumAsm(uint[] memory _data) public view returns (uint o_sum) { |
||||
for (uint i = 0; i < _data.length; ++i) { |
||||
assembly { |
||||
o_sum := add(o_sum, mload(add(add(_data, 0x20), mul(i, 0x20)))) |
||||
} |
||||
} |
||||
} |
||||
|
||||
// Same as above, but accomplish the entire code within inline assembly. |
||||
function sumPureAsm(uint[] memory _data) public view returns (uint o_sum) { |
||||
assembly { |
||||
// Load the length (first 32 bytes) |
||||
let len := mload(_data) |
||||
|
||||
// Skip over the length field. |
||||
// |
||||
// Keep temporary variable so it can be incremented in place. |
||||
// |
||||
// NOTE: incrementing _data would result in an unusable |
||||
// _data variable after this assembly block |
||||
let data := add(_data, 0x20) |
||||
|
||||
// Iterate until the bound is not met. |
||||
for |
||||
{ let end := add(data, len) } |
||||
lt(data, end) |
||||
{ data := add(data, 0x20) } |
||||
{ |
||||
o_sum := add(o_sum, mload(data)) |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
@ -0,0 +1,470 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "sumAsm", |
||||
"source_mapping": { |
||||
"start": 574, |
||||
"length": 254, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumAsm(uint256[])" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "", |
||||
"source_mapping": { |
||||
"start": 708, |
||||
"length": 104, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
16, |
||||
17, |
||||
18 |
||||
], |
||||
"starting_column": 13, |
||||
"ending_column": 14 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "sumAsm", |
||||
"source_mapping": { |
||||
"start": 574, |
||||
"length": 254, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumAsm(uint256[])" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "VectorSum.sumAsm(uint256[]) (tests/detectors/assembly/0.7.6/inline_assembly_library.sol#14-20) uses assembly\n\t- INLINE ASM (tests/detectors/assembly/0.7.6/inline_assembly_library.sol#16-18)\n", |
||||
"markdown": "[VectorSum.sumAsm(uint256[])](tests/detectors/assembly/0.7.6/inline_assembly_library.sol#L14-L20) uses assembly\n\t- [INLINE ASM](tests/detectors/assembly/0.7.6/inline_assembly_library.sol#L16-L18)\n", |
||||
"id": "a83582beb2c0460617fa82fbdfc38a050004e285749b17141b63e8051062248b", |
||||
"check": "assembly", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "sumPureAsm", |
||||
"source_mapping": { |
||||
"start": 911, |
||||
"length": 761, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumPureAsm(uint256[])" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "", |
||||
"source_mapping": { |
||||
"start": 995, |
||||
"length": 671, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 10 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "sumPureAsm", |
||||
"source_mapping": { |
||||
"start": 911, |
||||
"length": 761, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "VectorSum", |
||||
"source_mapping": { |
||||
"start": 72, |
||||
"length": 1602, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assembly/0.7.6/inline_assembly_library.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "sumPureAsm(uint256[])" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "VectorSum.sumPureAsm(uint256[]) (tests/detectors/assembly/0.7.6/inline_assembly_library.sol#23-45) uses assembly\n\t- INLINE ASM (tests/detectors/assembly/0.7.6/inline_assembly_library.sol#24-44)\n", |
||||
"markdown": "[VectorSum.sumPureAsm(uint256[])](tests/detectors/assembly/0.7.6/inline_assembly_library.sol#L23-L45) uses assembly\n\t- [INLINE ASM](tests/detectors/assembly/0.7.6/inline_assembly_library.sol#L24-L44)\n", |
||||
"id": "5cafb3e9d7d87c17203cf2c296eeec7de6b774b2a8d71908f8cfc9b8d916cb4b", |
||||
"check": "assembly", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,568 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad0", |
||||
"source_mapping": { |
||||
"start": 77, |
||||
"length": 57, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad0()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)((s_a += 1) > 10)", |
||||
"source_mapping": { |
||||
"start": 106, |
||||
"length": 23, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 28 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad0", |
||||
"source_mapping": { |
||||
"start": 77, |
||||
"length": 57, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad0()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad0() (tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#6-8) has an assert() call which possibly changes state.\n\t-assert(bool)((s_a += 1) > 10) (tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#7)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad0()](tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#L6-L8) has an assert() call which possibly changes state.\n\t-[assert(bool)((s_a += 1) > 10)](tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#L7)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "a01104ede08ddc5107a2d63d851930d477642029aeef70d6cb44eb2a640b282a", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 186, |
||||
"length": 66, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad1(uint256)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)((s_a += a) > 10)", |
||||
"source_mapping": { |
||||
"start": 224, |
||||
"length": 23, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
12 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 28 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 186, |
||||
"length": 66, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad1(uint256)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad1(uint256) (tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#11-13) has an assert() call which possibly changes state.\n\t-assert(bool)((s_a += a) > 10) (tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#12)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad1(uint256)](tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#L11-L13) has an assert() call which possibly changes state.\n\t-[assert(bool)((s_a += a) > 10)](tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#L12)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "849934acf882563bb79caed681f16909f03795bbbbe8338455d104d66a52314c", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad2", |
||||
"source_mapping": { |
||||
"start": 398, |
||||
"length": 55, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad2()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)(bad2_callee())", |
||||
"source_mapping": { |
||||
"start": 427, |
||||
"length": 21, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
20 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 26 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad2", |
||||
"source_mapping": { |
||||
"start": 398, |
||||
"length": 55, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.4.25/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad2()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad2() (tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#19-21) has an assert() call which possibly changes state.\n\t-assert(bool)(bad2_callee()) (tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#20)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad2()](tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#L19-L21) has an assert() call which possibly changes state.\n\t-[assert(bool)(bad2_callee())](tests/detectors/assert-state-change/0.4.25/assert_state_change.sol#L20)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "47c8c39b084f8d339822d44f892cb049c1a3834f52fd48d2dcef80bac56996a3", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,39 @@ |
||||
contract A { |
||||
|
||||
uint s_a; |
||||
|
||||
/* Direct state change in assert is NOT ok */ |
||||
function bad0() public { |
||||
assert((s_a += 1) > 10); |
||||
} |
||||
|
||||
/* Direct state change in assert is NOT ok */ |
||||
function bad1(uint256 a) public { |
||||
assert((s_a += a) > 10); |
||||
} |
||||
|
||||
/* State change via functions calls in assert is NOT ok */ |
||||
function bad2_callee() public returns (bool) { |
||||
return (s_a += 1) > 10; |
||||
} |
||||
function bad2() public { |
||||
assert(bad2_callee()); |
||||
} |
||||
|
||||
|
||||
/* Parameter use is ok */ |
||||
function good0(uint256 a) public { |
||||
assert(a > 10); |
||||
} |
||||
|
||||
/* Parameter change is ok */ |
||||
function good1(uint256 a) public { |
||||
assert((a += 1) > 10); |
||||
} |
||||
|
||||
/* State change in require is ok */ |
||||
function good2(uint256 a) public { |
||||
require(a == (s_a += 1)); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,568 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad0", |
||||
"source_mapping": { |
||||
"start": 77, |
||||
"length": 57, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad0()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)((s_a += 1) > 10)", |
||||
"source_mapping": { |
||||
"start": 106, |
||||
"length": 23, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 28 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad0", |
||||
"source_mapping": { |
||||
"start": 77, |
||||
"length": 57, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad0()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad0() (tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#6-8) has an assert() call which possibly changes state.\n\t-assert(bool)((s_a += 1) > 10) (tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#7)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad0()](tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#L6-L8) has an assert() call which possibly changes state.\n\t-[assert(bool)((s_a += 1) > 10)](tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#L7)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "ed7344e23d057576887c7e524b215bd0b52464ce035f686bab51b271460e43a0", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 186, |
||||
"length": 66, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad1(uint256)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)((s_a += a) > 10)", |
||||
"source_mapping": { |
||||
"start": 224, |
||||
"length": 23, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
12 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 28 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 186, |
||||
"length": 66, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad1(uint256)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad1(uint256) (tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#11-13) has an assert() call which possibly changes state.\n\t-assert(bool)((s_a += a) > 10) (tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#12)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad1(uint256)](tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#L11-L13) has an assert() call which possibly changes state.\n\t-[assert(bool)((s_a += a) > 10)](tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#L12)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "ea912d34e8adabfd2ce93ecd5723df8d2e7ebec7e66de5fc56f3304c780488b3", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad2", |
||||
"source_mapping": { |
||||
"start": 398, |
||||
"length": 55, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad2()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)(bad2_callee())", |
||||
"source_mapping": { |
||||
"start": 427, |
||||
"length": 21, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
20 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 26 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad2", |
||||
"source_mapping": { |
||||
"start": 398, |
||||
"length": 55, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.5.16/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad2()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad2() (tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#19-21) has an assert() call which possibly changes state.\n\t-assert(bool)(bad2_callee()) (tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#20)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad2()](tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#L19-L21) has an assert() call which possibly changes state.\n\t-[assert(bool)(bad2_callee())](tests/detectors/assert-state-change/0.5.16/assert_state_change.sol#L20)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "feb1fef411c094fe2d2dac33e4932217dd550b8a89548417ef8a4da2fe99eea2", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,39 @@ |
||||
contract A { |
||||
|
||||
uint s_a; |
||||
|
||||
/* Direct state change in assert is NOT ok */ |
||||
function bad0() public { |
||||
assert((s_a += 1) > 10); |
||||
} |
||||
|
||||
/* Direct state change in assert is NOT ok */ |
||||
function bad1(uint256 a) public { |
||||
assert((s_a += a) > 10); |
||||
} |
||||
|
||||
/* State change via functions calls in assert is NOT ok */ |
||||
function bad2_callee() public returns (bool) { |
||||
return (s_a += 1) > 10; |
||||
} |
||||
function bad2() public { |
||||
assert(bad2_callee()); |
||||
} |
||||
|
||||
|
||||
/* Parameter use is ok */ |
||||
function good0(uint256 a) public { |
||||
assert(a > 10); |
||||
} |
||||
|
||||
/* Parameter change is ok */ |
||||
function good1(uint256 a) public { |
||||
assert((a += 1) > 10); |
||||
} |
||||
|
||||
/* State change in require is ok */ |
||||
function good2(uint256 a) public { |
||||
require(a == (s_a += 1)); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,568 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad0", |
||||
"source_mapping": { |
||||
"start": 77, |
||||
"length": 57, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad0()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)((s_a += 1) > 10)", |
||||
"source_mapping": { |
||||
"start": 106, |
||||
"length": 23, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 28 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad0", |
||||
"source_mapping": { |
||||
"start": 77, |
||||
"length": 57, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad0()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad0() (tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#6-8) has an assert() call which possibly changes state.\n\t-assert(bool)((s_a += 1) > 10) (tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#7)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad0()](tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#L6-L8) has an assert() call which possibly changes state.\n\t-[assert(bool)((s_a += 1) > 10)](tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#L7)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "5b8574d24925d841b9f041ba70166cc219ea6bcdd06c27d2f570740722b38380", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 186, |
||||
"length": 66, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad1(uint256)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)((s_a += a) > 10)", |
||||
"source_mapping": { |
||||
"start": 224, |
||||
"length": 23, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
12 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 28 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 186, |
||||
"length": 66, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad1(uint256)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad1(uint256) (tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#11-13) has an assert() call which possibly changes state.\n\t-assert(bool)((s_a += a) > 10) (tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#12)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad1(uint256)](tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#L11-L13) has an assert() call which possibly changes state.\n\t-[assert(bool)((s_a += a) > 10)](tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#L12)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "c27ede68d9d7c6159032f3aef6bf9fa491390317da33307fa783a93c1b675bd7", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad2", |
||||
"source_mapping": { |
||||
"start": 398, |
||||
"length": 55, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad2()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "assert(bool)(bad2_callee())", |
||||
"source_mapping": { |
||||
"start": 427, |
||||
"length": 21, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
20 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 26 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad2", |
||||
"source_mapping": { |
||||
"start": 398, |
||||
"length": 55, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 3, |
||||
"ending_column": 4 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 759, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/assert-state-change/0.6.11/assert_state_change.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad2()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.bad2() (tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#19-21) has an assert() call which possibly changes state.\n\t-assert(bool)(bad2_callee()) (tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#20)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"markdown": "[A.bad2()](tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#L19-L21) has an assert() call which possibly changes state.\n\t-[assert(bool)(bad2_callee())](tests/detectors/assert-state-change/0.6.11/assert_state_change.sol#L20)\nConsider using require() or change the invariant to not modify the state.\n", |
||||
"id": "6f4b2360043bf3035cc152b583d3462d8cc98e91de8577091fe3a0af569d5285", |
||||
"check": "assert-state-change", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,39 @@ |
||||
contract A { |
||||
|
||||
uint s_a; |
||||
|
||||
/* Direct state change in assert is NOT ok */ |
||||
function bad0() public { |
||||
assert((s_a += 1) > 10); |
||||
} |
||||
|
||||
/* Direct state change in assert is NOT ok */ |
||||
function bad1(uint256 a) public { |
||||
assert((s_a += a) > 10); |
||||
} |
||||
|
||||
/* State change via functions calls in assert is NOT ok */ |
||||
function bad2_callee() public returns (bool) { |
||||
return (s_a += 1) > 10; |
||||
} |
||||
function bad2() public { |
||||
assert(bad2_callee()); |
||||
} |
||||
|
||||
|
||||
/* Parameter use is ok */ |
||||
function good0(uint256 a) public { |
||||
assert(a > 10); |
||||
} |
||||
|
||||
/* Parameter change is ok */ |
||||
function good1(uint256 a) public { |
||||
assert((a += 1) > 10); |
||||
} |
||||
|
||||
/* State change in require is ok */ |
||||
function good2(uint256 a) public { |
||||
require(a == (s_a += 1)); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,8 @@ |
||||
|
||||
contract C{ |
||||
|
||||
function i_am_a_backdoor() public{ |
||||
selfdestruct(msg.sender); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,61 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "i_am_a_backdoor", |
||||
"source_mapping": { |
||||
"start": 18, |
||||
"length": 74, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/backdoor/0.5.16/backdoor.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/backdoor/0.5.16/backdoor.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "C", |
||||
"source_mapping": { |
||||
"start": 1, |
||||
"length": 94, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/backdoor/0.5.16/backdoor.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/backdoor/0.5.16/backdoor.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "i_am_a_backdoor()" |
||||
} |
||||
} |
||||
], |
||||
"description": "Backdoor function found in C.i_am_a_backdoor() (tests/detectors/backdoor/0.5.16/backdoor.sol#4-6)\n", |
||||
"markdown": "Backdoor function found in [C.i_am_a_backdoor()](tests/detectors/backdoor/0.5.16/backdoor.sol#L4-L6)\n", |
||||
"id": "8a9008f2f5cd23b34feb0235dcc30ecb8d09a10eff151b522939caead117ef7a", |
||||
"check": "backdoor", |
||||
"impact": "High", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,8 @@ |
||||
|
||||
contract C{ |
||||
|
||||
function i_am_a_backdoor() public{ |
||||
selfdestruct(msg.sender); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,61 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "i_am_a_backdoor", |
||||
"source_mapping": { |
||||
"start": 18, |
||||
"length": 74, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/backdoor/0.6.11/backdoor.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/backdoor/0.6.11/backdoor.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "C", |
||||
"source_mapping": { |
||||
"start": 1, |
||||
"length": 94, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/backdoor/0.6.11/backdoor.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/backdoor/0.6.11/backdoor.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "i_am_a_backdoor()" |
||||
} |
||||
} |
||||
], |
||||
"description": "Backdoor function found in C.i_am_a_backdoor() (tests/detectors/backdoor/0.6.11/backdoor.sol#4-6)\n", |
||||
"markdown": "Backdoor function found in [C.i_am_a_backdoor()](tests/detectors/backdoor/0.6.11/backdoor.sol#L4-L6)\n", |
||||
"id": "8a9008f2f5cd23b34feb0235dcc30ecb8d09a10eff151b522939caead117ef7a", |
||||
"check": "backdoor", |
||||
"impact": "High", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,8 @@ |
||||
|
||||
contract C{ |
||||
|
||||
function i_am_a_backdoor() public{ |
||||
selfdestruct(msg.sender); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,27 @@ |
||||
contract MyConc { |
||||
function bad0(bool foo) public pure returns (bool) { |
||||
if (foo) { |
||||
return true; |
||||
} |
||||
} |
||||
function bad1(bool b) public pure returns (bool) { |
||||
return (b == true); |
||||
} |
||||
|
||||
function bad2(bool x, uint8 y) public pure returns (bool) { |
||||
if (x == (y > 0)) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
function bad3() public pure returns (bool) { |
||||
uint256 a; |
||||
if (a == 10) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
function good(uint8 a) public pure returns (bool) { |
||||
return a >= 1; |
||||
} |
||||
} |
||||
@ -0,0 +1,170 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 139, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7, |
||||
8, |
||||
9 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 578, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "(b == true)", |
||||
"source_mapping": { |
||||
"start": 198, |
||||
"length": 18, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
8 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 27 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 139, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7, |
||||
8, |
||||
9 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 578, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.bad1(bool) (tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol#7-9) compares to a boolean constant:\n\t-(b == true) (tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol#8)\n", |
||||
"markdown": "[MyConc.bad1(bool)](tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol#L7-L9) compares to a boolean constant:\n\t-[(b == true)](tests/detectors/boolean-constant-equality/0.5.16/boolean-constant-equality.sol#L8)\n", |
||||
"id": "55f3ed7ce9767b07a34113bd35c34e61c20eb8ec35174086cdfea6c0063bd946", |
||||
"check": "boolean-equal", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,27 @@ |
||||
contract MyConc { |
||||
function bad0(bool foo) public pure returns (bool) { |
||||
if (foo) { |
||||
return true; |
||||
} |
||||
} |
||||
function bad1(bool b) public pure returns (bool) { |
||||
return (b == true); |
||||
} |
||||
|
||||
function bad2(bool x, uint8 y) public pure returns (bool) { |
||||
if (x == (y > 0)) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
function bad3() public pure returns (bool) { |
||||
uint256 a; |
||||
if (a == 10) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
function good(uint8 a) public pure returns (bool) { |
||||
return a >= 1; |
||||
} |
||||
} |
||||
@ -0,0 +1,170 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 139, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7, |
||||
8, |
||||
9 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 578, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "(b == true)", |
||||
"source_mapping": { |
||||
"start": 198, |
||||
"length": 18, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
8 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 27 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 139, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7, |
||||
8, |
||||
9 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 578, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.bad1(bool) (tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol#7-9) compares to a boolean constant:\n\t-(b == true) (tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol#8)\n", |
||||
"markdown": "[MyConc.bad1(bool)](tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol#L7-L9) compares to a boolean constant:\n\t-[(b == true)](tests/detectors/boolean-constant-equality/0.6.11/boolean-constant-equality.sol#L8)\n", |
||||
"id": "c51b5452fc3e68aff071a2c4ab0963cbbb1b55871b53c0131c11d4cf8abd046f", |
||||
"check": "boolean-equal", |
||||
"impact": "Informational", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,27 @@ |
||||
contract MyConc { |
||||
function bad0(bool foo) public pure returns (bool) { |
||||
if (foo) { |
||||
return true; |
||||
} |
||||
} |
||||
function bad1(bool b) public pure returns (bool) { |
||||
return (b == true); |
||||
} |
||||
|
||||
function bad2(bool x, uint8 y) public pure returns (bool) { |
||||
if (x == (y > 0)) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
function bad3() public pure returns (bool) { |
||||
uint256 a; |
||||
if (a == 10) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
function good(uint8 a) public pure returns (bool) { |
||||
return a >= 1; |
||||
} |
||||
} |
||||
@ -0,0 +1,208 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 923, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "(b || true)", |
||||
"source_mapping": { |
||||
"start": 221, |
||||
"length": 18, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
10 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 27 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 923, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.bad1(bool) (tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol#9-11) uses a Boolean constant improperly:\n\t-(b || true) (tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol#10)\n", |
||||
"markdown": "[MyConc.bad1(bool)](tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol#L9-L11) uses a Boolean constant improperly:\n\t-[(b || true)](tests/detectors/boolean-constant-misuse/0.4.25/boolean-constant-misuse.sol#L10)\n", |
||||
"id": "c8c323396d19d9ddfd97f18ed731c7f07bb1cc030c198c830b595a770aeb26c2", |
||||
"check": "boolean-cst", |
||||
"impact": "Medium", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,46 @@ |
||||
contract MyConc { |
||||
function bad0(bool foo) public pure returns (bool) { |
||||
if (foo) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function bad1(bool b) public pure returns (bool) { |
||||
return (b || true); |
||||
} |
||||
|
||||
function bad2(bool x, uint8 y) public pure returns (bool) { |
||||
while (x == (y > 0)) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function bad3(bool a) public pure returns (bool) { |
||||
uint256 b = 0; |
||||
while (a) { |
||||
b++; |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
function bad4() public pure returns (bool) { |
||||
uint256 b = 0; |
||||
while (true) { |
||||
b++; |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
function bad5() public pure returns (bool) { |
||||
while (true) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function good() public pure returns (bool) { |
||||
return true; |
||||
} |
||||
} |
||||
@ -0,0 +1,208 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 923, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "(b || true)", |
||||
"source_mapping": { |
||||
"start": 221, |
||||
"length": 18, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
10 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 27 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 923, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.bad1(bool) (tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol#9-11) uses a Boolean constant improperly:\n\t-(b || true) (tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol#10)\n", |
||||
"markdown": "[MyConc.bad1(bool)](tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol#L9-L11) uses a Boolean constant improperly:\n\t-[(b || true)](tests/detectors/boolean-constant-misuse/0.5.16/boolean-constant-misuse.sol#L10)\n", |
||||
"id": "f6ceb7e0651a96a88da265b955956fb4a3878f1491c81cf6bc8e433b5006e6aa", |
||||
"check": "boolean-cst", |
||||
"impact": "Medium", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,46 @@ |
||||
contract MyConc { |
||||
function bad0(bool foo) public pure returns (bool) { |
||||
if (foo) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function bad1(bool b) public pure returns (bool) { |
||||
return (b || true); |
||||
} |
||||
|
||||
function bad2(bool x, uint8 y) public pure returns (bool) { |
||||
while (x == (y > 0)) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function bad3(bool a) public pure returns (bool) { |
||||
uint256 b = 0; |
||||
while (a) { |
||||
b++; |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
function bad4() public pure returns (bool) { |
||||
uint256 b = 0; |
||||
while (true) { |
||||
b++; |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
function bad5() public pure returns (bool) { |
||||
while (true) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function good() public pure returns (bool) { |
||||
return true; |
||||
} |
||||
} |
||||
@ -0,0 +1,208 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 923, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "(b || true)", |
||||
"source_mapping": { |
||||
"start": 221, |
||||
"length": 18, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
10 |
||||
], |
||||
"starting_column": 9, |
||||
"ending_column": 27 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad1", |
||||
"source_mapping": { |
||||
"start": 162, |
||||
"length": 84, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 923, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21, |
||||
22, |
||||
23, |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37, |
||||
38, |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 0 |
||||
} |
||||
}, |
||||
"signature": "bad1(bool)" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.bad1(bool) (tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol#9-11) uses a Boolean constant improperly:\n\t-(b || true) (tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol#10)\n", |
||||
"markdown": "[MyConc.bad1(bool)](tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol#L9-L11) uses a Boolean constant improperly:\n\t-[(b || true)](tests/detectors/boolean-constant-misuse/0.6.11/boolean-constant-misuse.sol#L10)\n", |
||||
"id": "0b2599e627a1163a49a4113426fe385f5987d7e247cdbe8e2d9b39988b95478a", |
||||
"check": "boolean-cst", |
||||
"impact": "Medium", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,46 @@ |
||||
contract MyConc { |
||||
function bad0(bool foo) public pure returns (bool) { |
||||
if (foo) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function bad1(bool b) public pure returns (bool) { |
||||
return (b || true); |
||||
} |
||||
|
||||
function bad2(bool x, uint8 y) public pure returns (bool) { |
||||
while (x == (y > 0)) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function bad3(bool a) public pure returns (bool) { |
||||
uint256 b = 0; |
||||
while (a) { |
||||
b++; |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
function bad4() public pure returns (bool) { |
||||
uint256 b = 0; |
||||
while (true) { |
||||
b++; |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
function bad5() public pure returns (bool) { |
||||
while (true) { |
||||
return true; |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
function good() public pure returns (bool) { |
||||
return true; |
||||
} |
||||
} |
||||
@ -0,0 +1,15 @@ |
||||
contract CallInLoop{ |
||||
|
||||
address[] destinations; |
||||
|
||||
constructor(address[] memory newDestinations) public{ |
||||
destinations = newDestinations; |
||||
} |
||||
|
||||
function bad() external{ |
||||
for (uint i=0; i < destinations.length; i++){ |
||||
address(uint160(destinations[i])).transfer(i); |
||||
} |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,148 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad", |
||||
"source_mapping": { |
||||
"start": 160, |
||||
"length": 153, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "CallInLoop", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 316, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "address(uint160(destinations[i])).transfer(i)", |
||||
"source_mapping": { |
||||
"start": 251, |
||||
"length": 45, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11 |
||||
], |
||||
"starting_column": 13, |
||||
"ending_column": 58 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad", |
||||
"source_mapping": { |
||||
"start": 160, |
||||
"length": 153, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "CallInLoop", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 316, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#11)\n", |
||||
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.5.16/multiple_calls_in_loop.sol#L11)\n", |
||||
"id": "47b82a76ee810d93f014f425eefea8adbb806036dfee401a9883b1aa3ca85c44", |
||||
"check": "calls-loop", |
||||
"impact": "Low", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,15 @@ |
||||
contract CallInLoop{ |
||||
|
||||
address[] destinations; |
||||
|
||||
constructor(address[] memory newDestinations) public{ |
||||
destinations = newDestinations; |
||||
} |
||||
|
||||
function bad() external{ |
||||
for (uint i=0; i < destinations.length; i++){ |
||||
address(uint160(destinations[i])).transfer(i); |
||||
} |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,148 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad", |
||||
"source_mapping": { |
||||
"start": 160, |
||||
"length": 153, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "CallInLoop", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 316, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "address(uint160(destinations[i])).transfer(i)", |
||||
"source_mapping": { |
||||
"start": 251, |
||||
"length": 45, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11 |
||||
], |
||||
"starting_column": 13, |
||||
"ending_column": 58 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad", |
||||
"source_mapping": { |
||||
"start": 160, |
||||
"length": 153, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "CallInLoop", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 316, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#11)\n", |
||||
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.6.11/multiple_calls_in_loop.sol#L11)\n", |
||||
"id": "f7fa2b373fe4eb9207d3ed267d99d7ca34ec7d786898816bc113c3e20079a411", |
||||
"check": "calls-loop", |
||||
"impact": "Low", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,15 @@ |
||||
contract CallInLoop{ |
||||
|
||||
address[] destinations; |
||||
|
||||
constructor(address[] memory newDestinations) public{ |
||||
destinations = newDestinations; |
||||
} |
||||
|
||||
function bad() external{ |
||||
for (uint i=0; i < destinations.length; i++){ |
||||
address(uint160(destinations[i])).transfer(i); |
||||
} |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,148 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "function", |
||||
"name": "bad", |
||||
"source_mapping": { |
||||
"start": 160, |
||||
"length": 153, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "CallInLoop", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 316, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad()" |
||||
} |
||||
}, |
||||
{ |
||||
"type": "node", |
||||
"name": "address(uint160(destinations[i])).transfer(i)", |
||||
"source_mapping": { |
||||
"start": 251, |
||||
"length": 45, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
11 |
||||
], |
||||
"starting_column": 13, |
||||
"ending_column": 58 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "function", |
||||
"name": "bad", |
||||
"source_mapping": { |
||||
"start": 160, |
||||
"length": 153, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 6 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "CallInLoop", |
||||
"source_mapping": { |
||||
"start": 0, |
||||
"length": 316, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
1, |
||||
2, |
||||
3, |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
}, |
||||
"signature": "bad()" |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "CallInLoop.bad() (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#9-13) has external calls inside a loop: address(uint160(destinations[i])).transfer(i) (tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#11)\n", |
||||
"markdown": "[CallInLoop.bad()](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L9-L13) has external calls inside a loop: [address(uint160(destinations[i])).transfer(i)](tests/detectors/calls-loop/0.7.6/multiple_calls_in_loop.sol#L11)\n", |
||||
"id": "c06ed4f7f79cddc5fbc2f828500766cab0a6d18b262a0f8e9c227cef7e6607df", |
||||
"check": "calls-loop", |
||||
"impact": "Low", |
||||
"confidence": "Medium" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,52 @@ |
||||
//pragma solidity ^0.4.24; |
||||
|
||||
|
||||
contract A { |
||||
|
||||
address constant public MY_ADDRESS = 0xE0f5206BBD039e7b0592d8918820024e2a7437b9; |
||||
address public myFriendsAddress = 0xc0ffee254729296a45a3885639AC7E10F9d54979; |
||||
|
||||
uint public used; |
||||
uint public test = 5; |
||||
|
||||
uint constant X = 32**22 + 8; |
||||
string constant TEXT1 = "abc"; |
||||
string text2 = "xyz"; |
||||
|
||||
function setUsed() public { |
||||
if (msg.sender == MY_ADDRESS) { |
||||
used = test; |
||||
} |
||||
} |
||||
} |
||||
|
||||
|
||||
contract B is A { |
||||
|
||||
address public mySistersAddress = 0x999999cf1046e68e36E1aA2E0E07105eDDD1f08E; |
||||
|
||||
function () external { |
||||
used = 0; |
||||
} |
||||
|
||||
function setUsed(uint a) public { |
||||
if (msg.sender == MY_ADDRESS) { |
||||
used = a; |
||||
} |
||||
} |
||||
} |
||||
|
||||
contract MyConc{ |
||||
|
||||
uint constant A = 1; |
||||
bytes32 should_be_constant = sha256('abc'); |
||||
uint should_be_constant_2 = A + 1; |
||||
address not_constant = msg.sender; |
||||
uint not_constant_2 = getNumber(); |
||||
uint not_constant_3 = 10 + block.number; |
||||
|
||||
function getNumber() public returns(uint){ |
||||
return block.number; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,382 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "myFriendsAddress", |
||||
"source_mapping": { |
||||
"start": 132, |
||||
"length": 76, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 81 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 29, |
||||
"length": 441, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.myFriendsAddress (tests/detectors/constable-states/0.5.16/const_state_variables.sol#7) should be constant\n", |
||||
"markdown": "[A.myFriendsAddress](tests/detectors/constable-states/0.5.16/const_state_variables.sol#L7) should be constant\n", |
||||
"id": "1454db80653b732bf6acbe54ff0ae4707002207a2a8216708c12d61c88a43e5f", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "test", |
||||
"source_mapping": { |
||||
"start": 237, |
||||
"length": 20, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
10 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 25 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 29, |
||||
"length": 441, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.test (tests/detectors/constable-states/0.5.16/const_state_variables.sol#10) should be constant\n", |
||||
"markdown": "[A.test](tests/detectors/constable-states/0.5.16/const_state_variables.sol#L10) should be constant\n", |
||||
"id": "5d9e3fb413322b71a93e90f7e89bd8c83cd4884d577d039598c681fe9db38b1d", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "text2", |
||||
"source_mapping": { |
||||
"start": 333, |
||||
"length": 20, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
14 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 25 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 29, |
||||
"length": 441, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.text2 (tests/detectors/constable-states/0.5.16/const_state_variables.sol#14) should be constant\n", |
||||
"markdown": "[A.text2](tests/detectors/constable-states/0.5.16/const_state_variables.sol#L14) should be constant\n", |
||||
"id": "df11e6201c4558a8c5cd90b55b134b9ca8f07203b2264d3aa93bd7745e8cb4ba", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "mySistersAddress", |
||||
"source_mapping": { |
||||
"start": 496, |
||||
"length": 76, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
26 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 81 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "B", |
||||
"source_mapping": { |
||||
"start": 473, |
||||
"length": 271, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "B.mySistersAddress (tests/detectors/constable-states/0.5.16/const_state_variables.sol#26) should be constant\n", |
||||
"markdown": "[B.mySistersAddress](tests/detectors/constable-states/0.5.16/const_state_variables.sol#L26) should be constant\n", |
||||
"id": "bee93a722c8eae4a48aade67d8ef537d84c106f48fc9eb738c795fce10d3bc63", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "should_be_constant", |
||||
"source_mapping": { |
||||
"start": 793, |
||||
"length": 42, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
42 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 47 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 746, |
||||
"length": 342, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47, |
||||
48, |
||||
49, |
||||
50, |
||||
51, |
||||
52 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.should_be_constant (tests/detectors/constable-states/0.5.16/const_state_variables.sol#42) should be constant\n", |
||||
"markdown": "[MyConc.should_be_constant](tests/detectors/constable-states/0.5.16/const_state_variables.sol#L42) should be constant\n", |
||||
"id": "cbcafa2a3efba4d21ac1b51b4b823e5082d556bc3d6cf3fd2ab3188f9f218fc1", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "should_be_constant_2", |
||||
"source_mapping": { |
||||
"start": 841, |
||||
"length": 33, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
43 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 38 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 746, |
||||
"length": 342, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.5.16/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47, |
||||
48, |
||||
49, |
||||
50, |
||||
51, |
||||
52 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.should_be_constant_2 (tests/detectors/constable-states/0.5.16/const_state_variables.sol#43) should be constant\n", |
||||
"markdown": "[MyConc.should_be_constant_2](tests/detectors/constable-states/0.5.16/const_state_variables.sol#L43) should be constant\n", |
||||
"id": "9a48a4122de1a6a4774a9f1e0d4917bd0fa08f17b4af41b86ba07689e51bf711", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,52 @@ |
||||
//pragma solidity ^0.4.24; |
||||
|
||||
|
||||
contract A { |
||||
|
||||
address constant public MY_ADDRESS = 0xE0f5206BBD039e7b0592d8918820024e2a7437b9; |
||||
address public myFriendsAddress = 0xc0ffee254729296a45a3885639AC7E10F9d54979; |
||||
|
||||
uint public used; |
||||
uint public test = 5; |
||||
|
||||
uint constant X = 32**22 + 8; |
||||
string constant TEXT1 = "abc"; |
||||
string text2 = "xyz"; |
||||
|
||||
function setUsed() public { |
||||
if (msg.sender == MY_ADDRESS) { |
||||
used = test; |
||||
} |
||||
} |
||||
} |
||||
|
||||
|
||||
contract B is A { |
||||
|
||||
address public mySistersAddress = 0x999999cf1046e68e36E1aA2E0E07105eDDD1f08E; |
||||
|
||||
fallback () external { |
||||
used = 0; |
||||
} |
||||
|
||||
function setUsed(uint a) public { |
||||
if (msg.sender == MY_ADDRESS) { |
||||
used = a; |
||||
} |
||||
} |
||||
} |
||||
|
||||
contract MyConc{ |
||||
|
||||
uint constant A = 1; |
||||
bytes32 should_be_constant = sha256('abc'); |
||||
uint should_be_constant_2 = A + 1; |
||||
address not_constant = msg.sender; |
||||
uint not_constant_2 = getNumber(); |
||||
uint not_constant_3 = 10 + block.number; |
||||
|
||||
function getNumber() public returns(uint){ |
||||
return block.number; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,382 @@ |
||||
[ |
||||
[ |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "myFriendsAddress", |
||||
"source_mapping": { |
||||
"start": 132, |
||||
"length": 76, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
7 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 81 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 29, |
||||
"length": 441, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.myFriendsAddress (tests/detectors/constable-states/0.6.11/const_state_variables.sol#7) should be constant\n", |
||||
"markdown": "[A.myFriendsAddress](tests/detectors/constable-states/0.6.11/const_state_variables.sol#L7) should be constant\n", |
||||
"id": "1454db80653b732bf6acbe54ff0ae4707002207a2a8216708c12d61c88a43e5f", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "test", |
||||
"source_mapping": { |
||||
"start": 237, |
||||
"length": 20, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
10 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 25 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 29, |
||||
"length": 441, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.test (tests/detectors/constable-states/0.6.11/const_state_variables.sol#10) should be constant\n", |
||||
"markdown": "[A.test](tests/detectors/constable-states/0.6.11/const_state_variables.sol#L10) should be constant\n", |
||||
"id": "5d9e3fb413322b71a93e90f7e89bd8c83cd4884d577d039598c681fe9db38b1d", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "text2", |
||||
"source_mapping": { |
||||
"start": 333, |
||||
"length": 20, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
14 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 25 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "A", |
||||
"source_mapping": { |
||||
"start": 29, |
||||
"length": 441, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
4, |
||||
5, |
||||
6, |
||||
7, |
||||
8, |
||||
9, |
||||
10, |
||||
11, |
||||
12, |
||||
13, |
||||
14, |
||||
15, |
||||
16, |
||||
17, |
||||
18, |
||||
19, |
||||
20, |
||||
21 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "A.text2 (tests/detectors/constable-states/0.6.11/const_state_variables.sol#14) should be constant\n", |
||||
"markdown": "[A.text2](tests/detectors/constable-states/0.6.11/const_state_variables.sol#L14) should be constant\n", |
||||
"id": "df11e6201c4558a8c5cd90b55b134b9ca8f07203b2264d3aa93bd7745e8cb4ba", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "mySistersAddress", |
||||
"source_mapping": { |
||||
"start": 496, |
||||
"length": 76, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
26 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 81 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "B", |
||||
"source_mapping": { |
||||
"start": 473, |
||||
"length": 271, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
24, |
||||
25, |
||||
26, |
||||
27, |
||||
28, |
||||
29, |
||||
30, |
||||
31, |
||||
32, |
||||
33, |
||||
34, |
||||
35, |
||||
36, |
||||
37 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "B.mySistersAddress (tests/detectors/constable-states/0.6.11/const_state_variables.sol#26) should be constant\n", |
||||
"markdown": "[B.mySistersAddress](tests/detectors/constable-states/0.6.11/const_state_variables.sol#L26) should be constant\n", |
||||
"id": "bee93a722c8eae4a48aade67d8ef537d84c106f48fc9eb738c795fce10d3bc63", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "should_be_constant", |
||||
"source_mapping": { |
||||
"start": 793, |
||||
"length": 42, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
42 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 47 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 746, |
||||
"length": 342, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47, |
||||
48, |
||||
49, |
||||
50, |
||||
51, |
||||
52 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.should_be_constant (tests/detectors/constable-states/0.6.11/const_state_variables.sol#42) should be constant\n", |
||||
"markdown": "[MyConc.should_be_constant](tests/detectors/constable-states/0.6.11/const_state_variables.sol#L42) should be constant\n", |
||||
"id": "cbcafa2a3efba4d21ac1b51b4b823e5082d556bc3d6cf3fd2ab3188f9f218fc1", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
}, |
||||
{ |
||||
"elements": [ |
||||
{ |
||||
"type": "variable", |
||||
"name": "should_be_constant_2", |
||||
"source_mapping": { |
||||
"start": 841, |
||||
"length": 33, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
43 |
||||
], |
||||
"starting_column": 5, |
||||
"ending_column": 38 |
||||
}, |
||||
"type_specific_fields": { |
||||
"parent": { |
||||
"type": "contract", |
||||
"name": "MyConc", |
||||
"source_mapping": { |
||||
"start": 746, |
||||
"length": 342, |
||||
"filename_used": "/GENERIC_PATH", |
||||
"filename_relative": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"filename_absolute": "/GENERIC_PATH", |
||||
"filename_short": "tests/detectors/constable-states/0.6.11/const_state_variables.sol", |
||||
"is_dependency": false, |
||||
"lines": [ |
||||
39, |
||||
40, |
||||
41, |
||||
42, |
||||
43, |
||||
44, |
||||
45, |
||||
46, |
||||
47, |
||||
48, |
||||
49, |
||||
50, |
||||
51, |
||||
52 |
||||
], |
||||
"starting_column": 1, |
||||
"ending_column": 2 |
||||
} |
||||
} |
||||
} |
||||
} |
||||
], |
||||
"description": "MyConc.should_be_constant_2 (tests/detectors/constable-states/0.6.11/const_state_variables.sol#43) should be constant\n", |
||||
"markdown": "[MyConc.should_be_constant_2](tests/detectors/constable-states/0.6.11/const_state_variables.sol#L43) should be constant\n", |
||||
"id": "9a48a4122de1a6a4774a9f1e0d4917bd0fa08f17b4af41b86ba07689e51bf711", |
||||
"check": "constable-states", |
||||
"impact": "Optimization", |
||||
"confidence": "High" |
||||
} |
||||
] |
||||
] |
||||
@ -0,0 +1,52 @@ |
||||
//pragma solidity ^0.4.24; |
||||
|
||||
|
||||
contract A { |
||||
|
||||
address constant public MY_ADDRESS = 0xE0f5206BBD039e7b0592d8918820024e2a7437b9; |
||||
address public myFriendsAddress = 0xc0ffee254729296a45a3885639AC7E10F9d54979; |
||||
|
||||
uint public used; |
||||
uint public test = 5; |
||||
|
||||
uint constant X = 32**22 + 8; |
||||
string constant TEXT1 = "abc"; |
||||
string text2 = "xyz"; |
||||
|
||||
function setUsed() public { |
||||
if (msg.sender == MY_ADDRESS) { |
||||
used = test; |
||||
} |
||||
} |
||||
} |
||||
|
||||
|
||||
contract B is A { |
||||
|
||||
address public mySistersAddress = 0x999999cf1046e68e36E1aA2E0E07105eDDD1f08E; |
||||
|
||||
fallback () external { |
||||
used = 0; |
||||
} |
||||
|
||||
function setUsed(uint a) public { |
||||
if (msg.sender == MY_ADDRESS) { |
||||
used = a; |
||||
} |
||||
} |
||||
} |
||||
|
||||
contract MyConc{ |
||||
|
||||
uint constant A = 1; |
||||
bytes32 should_be_constant = sha256('abc'); |
||||
uint should_be_constant_2 = A + 1; |
||||
address not_constant = msg.sender; |
||||
uint not_constant_2 = getNumber(); |
||||
uint not_constant_3 = 10 + block.number; |
||||
|
||||
function getNumber() public returns(uint){ |
||||
return block.number; |
||||
} |
||||
|
||||
} |
||||
@ -1,4 +1,4 @@ |
||||
pragma solidity 0.5.1; |
||||
// pragma solidity 0.5.1; |
||||
|
||||
contract Constant { |
||||
|
||||
@ -0,0 +1,20 @@ |
||||
// pragma solidity 0.5.1; |
||||
|
||||
contract Constant { |
||||
|
||||
uint a; |
||||
|
||||
|
||||
function test_view_shadow() public view{ |
||||
uint a; |
||||
a = 0; |
||||
} |
||||
|
||||
function test_view() public view{ |
||||
a; |
||||
} |
||||
|
||||
function test_assembly_bug() public view{ |
||||
assembly{} |
||||
} |
||||
} |
||||
@ -0,0 +1,20 @@ |
||||
// pragma solidity 0.5.1; |
||||
|
||||
contract Constant { |
||||
|
||||
uint a; |
||||
|
||||
|
||||
function test_view_shadow() public view{ |
||||
uint a; |
||||
a = 0; |
||||
} |
||||
|
||||
function test_view() public view{ |
||||
a; |
||||
} |
||||
|
||||
function test_assembly_bug() public view{ |
||||
assembly{} |
||||
} |
||||
} |
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue