[ [ { "elements": [ { "type": "function", "name": "bad_delegate_call", "source_mapping": { "start": 101, "length": 134, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 8, 9, 10, 11 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call(bytes)" } }, { "type": "node", "name": "addr_bad.delegatecall(data)", "source_mapping": { "start": 201, "length": 27, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 10 ], "starting_column": 9, "ending_column": 36 }, "type_specific_fields": { "parent": { "type": "function", "name": "bad_delegate_call", "source_mapping": { "start": 101, "length": 134, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 8, 9, 10, 11 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call(bytes)" } } } } ], "description": "C.bad_delegate_call(bytes) (tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(data) (tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#10)\n", "markdown": "[C.bad_delegate_call(bytes)](tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#L8-L11) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(data)](tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#L10)\n", "first_markdown_element": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#L8-L11", "id": "5ffc12fd6e122f0e70986a5d7f8d14c087f538145910100ea15192a63391a2b7", "check": "controlled-delegatecall", "impact": "High", "confidence": "Medium" }, { "elements": [ { "type": "function", "name": "bad_delegate_call2", "source_mapping": { "start": 337, "length": 118, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 18, 19, 20 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call2(bytes)" } }, { "type": "node", "name": "addr_bad.delegatecall(abi.encode(func_id,data))", "source_mapping": { "start": 400, "length": 48, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 19 ], "starting_column": 9, "ending_column": 57 }, "type_specific_fields": { "parent": { "type": "function", "name": "bad_delegate_call2", "source_mapping": { "start": 337, "length": 118, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 18, 19, 20 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/GENERIC_PATH", "filename_relative": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call2(bytes)" } } } } ], "description": "C.bad_delegate_call2(bytes) (tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(abi.encode(func_id,data)) (tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#19)\n", "markdown": "[C.bad_delegate_call2(bytes)](tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#L18-L20) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(abi.encode(func_id,data))](tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#L19)\n", "first_markdown_element": "tests/detectors/controlled-delegatecall/0.5.16/controlled_delegatecall.sol#L18-L20", "id": "a8749733eb415695ac990f9045813c8c1aadfb54f6de912cff1927db64a6d8d6", "check": "controlled-delegatecall", "impact": "High", "confidence": "Medium" } ] ]