[ [ { "elements": [ { "type": "function", "name": "withdrawBalance_fixed_3", "source_mapping": { "start": 1843, "length": 393, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 55, 56, 57, 58, 59, 60, 61, 62, 63, 64 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "Reentrancy", "source_mapping": { "start": 28, "length": 2213, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65 ], "starting_column": 1, "ending_column": 2 } }, "signature": "withdrawBalance_fixed_3()" } }, { "type": "node", "name": "(ret,mem) = msg.sender.call.value(amount)()", "source_mapping": { "start": 2088, "length": 64, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 60 ], "starting_column": 9, "ending_column": 73 }, "type_specific_fields": { "parent": { "type": "function", "name": "withdrawBalance_fixed_3", "source_mapping": { "start": 1843, "length": 393, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 55, 56, 57, 58, 59, 60, 61, 62, 63, 64 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "Reentrancy", "source_mapping": { "start": 28, "length": 2213, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65 ], "starting_column": 1, "ending_column": 2 } }, "signature": "withdrawBalance_fixed_3()" } } }, "additional_fields": { "underlying_type": "external_calls" } }, { "type": "node", "name": "userBalance[msg.sender] = amount", "source_mapping": { "start": 2187, "length": 32, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 62 ], "starting_column": 13, "ending_column": 45 }, "type_specific_fields": { "parent": { "type": "function", "name": "withdrawBalance_fixed_3", "source_mapping": { "start": 1843, "length": 393, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 55, 56, 57, 58, 59, 60, 61, 62, 63, 64 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "Reentrancy", "source_mapping": { "start": 28, "length": 2213, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65 ], "starting_column": 1, "ending_column": 2 } }, "signature": "withdrawBalance_fixed_3()" } } }, "additional_fields": { "underlying_type": "variables_written", "variable_name": "userBalance" } } ], "description": "Reentrancy in Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#55-64):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(amount)() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#60)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = amount (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#62)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#55-64)\n", "markdown": "Reentrancy in [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(amount)()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L60)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = amount](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L62)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64)\n", "first_markdown_element": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64", "id": "bc199b4c8749cb08649e2084ac891e0cb098640e2752bf319ffa79d99ee10cdb", "check": "reentrancy-eth", "impact": "High", "confidence": "Medium" }, { "elements": [ { "type": "function", "name": "withdrawBalance", "source_mapping": { "start": 707, "length": 357, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 25, 26, 27, 28, 29, 30, 31, 32, 33 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "Reentrancy", "source_mapping": { "start": 28, "length": 2213, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65 ], "starting_column": 1, "ending_column": 2 } }, "signature": "withdrawBalance()" } }, { "type": "node", "name": "(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()", "source_mapping": { "start": 886, "length": 81, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 28 ], "starting_column": 9, "ending_column": 90 }, "type_specific_fields": { "parent": { "type": "function", "name": "withdrawBalance", "source_mapping": { "start": 707, "length": 357, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 25, 26, 27, 28, 29, 30, 31, 32, 33 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "Reentrancy", "source_mapping": { "start": 28, "length": 2213, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65 ], "starting_column": 1, "ending_column": 2 } }, "signature": "withdrawBalance()" } } }, "additional_fields": { "underlying_type": "external_calls" } }, { "type": "node", "name": "userBalance[msg.sender] = 0", "source_mapping": { "start": 1030, "length": 27, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 32 ], "starting_column": 9, "ending_column": 36 }, "type_specific_fields": { "parent": { "type": "function", "name": "withdrawBalance", "source_mapping": { "start": 707, "length": 357, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 25, 26, 27, 28, 29, 30, 31, 32, 33 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "Reentrancy", "source_mapping": { "start": 28, "length": 2213, "filename_relative": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "filename_absolute": "/GENERIC_PATH", "filename_short": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol", "is_dependency": false, "lines": [ 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65 ], "starting_column": 1, "ending_column": 2 } }, "signature": "withdrawBalance()" } } }, "additional_fields": { "underlying_type": "variables_written", "variable_name": "userBalance" } } ], "description": "Reentrancy in Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#25-33):\n\tExternal calls:\n\t- (ret,mem) = msg.sender.call.value(userBalance[msg.sender])() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#28)\n\tState variables written after the call(s):\n\t- userBalance[msg.sender] = 0 (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#32)\n\tReentrancy.userBalance (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#4) can be used in cross function reentrancies:\n\t- Reentrancy.addToBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#10-12)\n\t- Reentrancy.constructor() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#15-23)\n\t- Reentrancy.getBalance(address) (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#6-8)\n\t- Reentrancy.withdrawBalance() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#25-33)\n\t- Reentrancy.withdrawBalance_fixed() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#35-44)\n\t- Reentrancy.withdrawBalance_fixed_2() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#46-53)\n\t- Reentrancy.withdrawBalance_fixed_3() (tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#55-64)\n", "markdown": "Reentrancy in [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33):\n\tExternal calls:\n\t- [(ret,mem) = msg.sender.call.value(userBalance[msg.sender])()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L28)\n\tState variables written after the call(s):\n\t- [userBalance[msg.sender] = 0](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L32)\n\t[Reentrancy.userBalance](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L4) can be used in cross function reentrancies:\n\t- [Reentrancy.addToBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L10-L12)\n\t- [Reentrancy.constructor()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L15-L23)\n\t- [Reentrancy.getBalance(address)](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L6-L8)\n\t- [Reentrancy.withdrawBalance()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33)\n\t- [Reentrancy.withdrawBalance_fixed()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L35-L44)\n\t- [Reentrancy.withdrawBalance_fixed_2()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L46-L53)\n\t- [Reentrancy.withdrawBalance_fixed_3()](tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L55-L64)\n", "first_markdown_element": "tests/detectors/reentrancy-eth/0.6.11/reentrancy.sol#L25-L33", "id": "c8c4106c11c4f1fc4a76fc18e91bb3132d5b8d95d94c707453f64be98f1efa8d", "check": "reentrancy-eth", "impact": "High", "confidence": "Medium" } ] ]