From 43dd4489a8baa46bed4945944728cfdef06b6322 Mon Sep 17 00:00:00 2001
From: Richie
Date: Mon, 21 Nov 2022 14:13:34 -0800
Subject: [PATCH] refactor: add VULNERABLE_SOLC_VERSIONS and logic
---
 slither/detectors/abstract_detector.py | 16 +++++++++++++
 .../compiler_bugs/enum_conversion.py | 23 ++++---------------
 2 files changed, 21 insertions(+), 18 deletions(-)
diff --git a/slither/detectors/abstract_detector.py b/slither/detectors/abstract_detector.py
index 4ebead96af..dd96cdd807 100644
--- a/slither/detectors/abstract_detector.py
+++ b/slither/detectors/abstract_detector.py
@@ -61,6 +61,11 @@ class AbstractDetector(metaclass=abc.ABCMeta):
 STANDARD_JSON = True
+ # list of vulnerable solc versions as strings (e.g. ["0.4.25", "0.5.0"])
+ # if this list is not empty then the detector will not run unless the solc version is on the list
+ # an empty list means that the detector will run on any solc version
+ VULNERABLE_SOLC_VERSIONS = []
+
 def __init__(
 self, compilation_unit: SlitherCompilationUnit, slither: "Slither", logger: Logger
 ):
@@ -139,6 +144,12 @@ def _log(self, info: str) -> None:
 if self.logger:
 self.logger.info(self.color(info))
+ def _uses_vulnerable_solc_version(self) -> bool:
+ if not self.VULNERABLE_SOLC_VERSIONS:
+ return False
+
+ return self.compilation_unit.solc_version in self.VULNERABLE_SOLC_VERSIONS
+
 @abc.abstractmethod
 def _detect(self) -> List[Output]:
 """TODO Documentation"""
@@ -147,6 +158,11 @@ def _detect(self) -> List[Output]:
 # pylint: disable=too-many-branches
 def detect(self) -> List[Dict]:
 results: List[Dict] = []
+
+ # check solc version
+ if not self._uses_vulnerable_solc_version():
+ return results
+
 # only keep valid result, and remove duplicate
 # Keep only dictionaries
 for r in [output.data for output in self._detect()]:
diff --git a/slither/detectors/compiler_bugs/enum_conversion.py b/slither/detectors/compiler_bugs/enum_conversion.py
index 1db166ac2f..60a012f103 100644
--- a/slither/detectors/compiler_bugs/enum_conversion.py
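Review bot: The empty-list branch of `_uses_vulnerable_solc_version` does the opposite of what the comment on `VULNERABLE_SOLC_VERSIONS` promises: the comment says an empty list means the detector runs on any solc version, but the helper returns `False` for an empty list and the new guard in `detect()` then returns no results. Because the base-class default is `[]`, every detector that does not override the attribute would silently report nothing, which is a tool-wide false negative rather than a visible failure. The branch should read `if not self.VULNERABLE_SOLC_VERSIONS: return True`. The same defect surfaces in the `_uses_vulnerable_solc_version` and `detect()` hunks of this file, and `detect()` continues past the end of its hunk.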
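Review bot: `_uses_vulnerable_solc_version` is added without a docstring, and its check is an exact string membership test, which anyone filling in `VULNERABLE_SOLC_VERSIONS` needs to know. I would add `"""Tell whether the compilation unit's solc version is one this detector targets; versions are compared as exact strings."""`. Whether `compilation_unit.solc_version` can ever carry more than a plain `x.y.z` string is not visible in this hunk; if it can, such values would never match and the detector would be skipped.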
+++ b/slither/detectors/compiler_bugs/enum_conversion.py
@@ -7,18 +7,6 @@
 from slither.core.declarations.enum import Enum
-def _uses_vulnerable_solc_version(version):
- """Detect if used compiler version is 0.4.[0|1|2|3|4]
- Args:
- version (solc version used)
- Returns:
- Bool
- """
- if version in ["0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4"]:
- return True
- return False
-
-
-
 def _detect_dangerous_enum_conversions(contract):
 """Detect dangerous conversion to enum by checking IR
 Args:
@@ -54,11 +42,11 @@ class EnumConversion(AbstractDetector):
 ```solidity
 pragma solidity 0.4.2;
 contract Test{
-
+
 enum E{a}
-
+
 function bug(uint a) public returns(E){
- return E(a);
+ return E(a);
 }
 }
 ```
@@ -67,12 +55,11 @@ class EnumConversion(AbstractDetector):
 WIKI_RECOMMENDATION = "Use a recent compiler version. If `solc` <`0.4.5` is required, check the `enum` conversion range."
+ VULNERABLE_SOLC_VERSIONS = ["0.4.0", "0.4.1", "0.4.2", "0.4.3", "0.4.4"]
+
 def _detect(self):
 """Detect dangerous conversion to enum"""
 results = []
- # If solc version >= 0.4.5 then return
- if not _uses_vulnerable_solc_version(self.compilation_unit.solc_version):
- return results
 for c in self.compilation_unit.contracts:
 ret = _detect_dangerous_enum_conversions(c)
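Review bot: With the in-function version check removed, `EnumConversion._detect()` reports on any compiler version when it is called directly; only `AbstractDetector.detect()` applies `VULNERABLE_SOLC_VERSIONS`. That dependency is worth stating in the docstring, for example `"""Detect dangerous conversion to enum; the solc version filter is applied by AbstractDetector.detect()."""`. The five listed versions are the same ones the removed helper checked, so the intended behaviour through `detect()` is unchanged for this detector. The body of `_detect` continues past the end of the hunk.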