refactor: add VULNERABLE_SOLC_VERSIONS and logic

crytic · Nov 21, 2022 · 43dd448 · 43dd448
1 parent a41f867
commit 43dd448
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 18 deletions.
diff --git a/slither/detectors/abstract_detector.py b/slither/detectors/abstract_detector.py
@@ -61,6 +61,11 @@ class AbstractDetector(metaclass=abc.ABCMeta):
 
     STANDARD_JSON = True
 
+    # list of vulnerable solc versions as strings (e.g. ["0.4.25", "0.5.0"])
+    # if this list is not empty then the detector will not run unless the solc version is on the list
+    # an empty list means that the detector will run on any solc version
+    VULNERABLE_SOLC_VERSIONS = []
+
     def __init__(
         self, compilation_unit: SlitherCompilationUnit, slither: "Slither", logger: Logger
     ):
@@ -139,6 +144,12 @@ def _log(self, info: str) -> None:
         if self.logger:
             self.logger.info(self.color(info))
 
+    def _uses_vulnerable_solc_version(self) -> bool:
+        if not self.VULNERABLE_SOLC_VERSIONS:
+            return False
+
+        return self.compilation_unit.solc_version in self.VULNERABLE_SOLC_VERSIONS
+
     @abc.abstractmethod
     def _detect(self) -> List[Output]:
         """TODO Documentation"""
@@ -147,6 +158,11 @@ def _detect(self) -> List[Output]:
     # pylint: disable=too-many-branches
     def detect(self) -> List[Dict]:
         results: List[Dict] = []
+
+        # check solc version
+        if not self._uses_vulnerable_solc_version():
+            return results
+
         # only keep valid result, and remove duplicate
         # Keep only dictionaries
         for r in [output.data for output in self._detect()]:

diff --git a/slither/detectors/compiler_bugs/enum_conversion.py b/slither/detectors/compiler_bugs/enum_conversion.py
@@ -7,18 +7,6 @@
 from slither.core.declarations.enum import Enum
 
 
-def _uses_vulnerable_solc_version(version):
-    """Detect if used compiler version is 0.4.[0|1|2|3|4]
-    Args:
-       version (solc version used)
-    Returns:
-       Bool
-    """
-    if version in ["0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4"]:
-        return True
-    return False
-
-
 def _detect_dangerous_enum_conversions(contract):
     """Detect dangerous conversion to enum by checking IR
     Args:
@@ -54,11 +42,11 @@ class EnumConversion(AbstractDetector):
 ```solidity
     pragma solidity 0.4.2;
     contract Test{
-    
+
     enum E{a}
-    
+
     function bug(uint a) public returns(E){
-        return E(a);   
+        return E(a);
     }
 }
 ```
@@ -67,12 +55,11 @@ class EnumConversion(AbstractDetector):
 
     WIKI_RECOMMENDATION = "Use a recent compiler version. If `solc` <`0.4.5` is required, check the `enum` conversion range."
 
+    VULNERABLE_SOLC_VERSIONS = ["0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4"]
+
     def _detect(self):
         """Detect dangerous conversion to enum"""
         results = []
-        # If solc version >= 0.4.5 then return
-        if not _uses_vulnerable_solc_version(self.compilation_unit.solc_version):
-            return results
 
         for c in self.compilation_unit.contracts:
             ret = _detect_dangerous_enum_conversions(c)