{ "success": true, "error": null, "results": { "detectors": [ { "elements": [ { "type": "function", "name": "bad_delegate_call", "source_mapping": { "start": 101, "length": 134, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 8, 9, 10, 11 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call(bytes)" } }, { "type": "node", "name": "addr_bad.delegatecall(data)", "source_mapping": { "start": 201, "length": 27, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 10 ], "starting_column": 9, "ending_column": 36 }, "type_specific_fields": { "parent": { "type": "function", "name": "bad_delegate_call", "source_mapping": { "start": 101, "length": 134, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 8, 9, 10, 11 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call(bytes)" } } } } ], "description": "C.bad_delegate_call(bytes) (tests/controlled_delegatecall.sol#8-11) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(data) (tests/controlled_delegatecall.sol#10)\n", "markdown": "[C.bad_delegate_call(bytes)](tests/controlled_delegatecall.sol#L8-L11) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(data)](tests/controlled_delegatecall.sol#L10)\n", "id": "a97990bb03ea7d6b3844cfe53689f9d3f32e49baf83e603760588e34c7cba64f", "check": "controlled-delegatecall", "impact": "High", "confidence": "Medium" }, { "elements": [ { "type": "function", "name": "bad_delegate_call2", "source_mapping": { "start": 337, "length": 118, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 18, 19, 20 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call2(bytes)" } }, { "type": "node", "name": "addr_bad.delegatecall(abi.encode(func_id,data))", "source_mapping": { "start": 400, "length": 48, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 19 ], "starting_column": 9, "ending_column": 57 }, "type_specific_fields": { "parent": { "type": "function", "name": "bad_delegate_call2", "source_mapping": { "start": 337, "length": 118, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 18, 19, 20 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "C", "source_mapping": { "start": 0, "length": 585, "filename_used": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_relative": "tests/controlled_delegatecall.sol", "filename_absolute": "/home/travis/build/crytic/slither/tests/controlled_delegatecall.sol", "filename_short": "tests/controlled_delegatecall.sol", "is_dependency": false, "lines": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25 ], "starting_column": 1, "ending_column": 2 } }, "signature": "bad_delegate_call2(bytes)" } } } } ], "description": "C.bad_delegate_call2(bytes) (tests/controlled_delegatecall.sol#18-20) uses delegatecall to a input-controlled function id\n\t- addr_bad.delegatecall(abi.encode(func_id,data)) (tests/controlled_delegatecall.sol#19)\n", "markdown": "[C.bad_delegate_call2(bytes)](tests/controlled_delegatecall.sol#L18-L20) uses delegatecall to a input-controlled function id\n\t- [addr_bad.delegatecall(abi.encode(func_id,data))](tests/controlled_delegatecall.sol#L19)\n", "id": "611ca2baf5d14852abb16f98b888d9d52760b8e729599d472c669a9b2f008026", "check": "controlled-delegatecall", "impact": "High", "confidence": "Medium" } ] } }