Skip to content

Commit

Permalink
Minor API improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
montyly committed Jan 13, 2023
1 parent 4c976d5 commit ea8d232
Show file tree
Hide file tree
Showing 8 changed files with 137 additions and 34 deletions.
40 changes: 32 additions & 8 deletions slither/core/source_mapping/source_mapping.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
from abc import ABCMeta
from typing import Dict, Union, List, Tuple, TYPE_CHECKING, Optional

from Crypto.Hash import SHA1
from crytic_compile.utils.naming import Filename

from slither.core.context.context import Context

if TYPE_CHECKING:
Expand Down Expand Up @@ -56,7 +56,7 @@ def to_detailled_str(self) -> str:
filename_short: str = self.filename.short if self.filename.short else ""
return f"{filename_short}{lines} ({self.starting_column} - {self.ending_column})"

def _get_lines_str(self, line_descr=""):
def _get_lines_str(self, line_descr: str = "") -> str:

# If the compilation unit was not initialized, it means that the set_offset was never called
# on the corresponding object, which should not happen
Expand All @@ -66,12 +66,36 @@ def _get_lines_str(self, line_descr=""):

lines = self.lines
if not lines:
lines = ""
elif len(lines) == 1:
lines = f"{line_prefix}{line_descr}{lines[0]}"
else:
lines = f"{line_prefix}{line_descr}{lines[0]}-{line_descr}{lines[-1]}"
return lines
return ""
if len(lines) == 1:
return f"{line_prefix}{line_descr}{lines[0]}"

return f"{line_prefix}{line_descr}{lines[0]}-{line_descr}{lines[-1]}"

@property
def content(self) -> str:
"""
Return the txt content of the Source
Returns:
"""
# If the compilation unit was not initialized, it means that the set_offset was never called
# on the corresponding object, which should not happen
assert self.compilation_unit
return self.compilation_unit.core.source_code[self.filename.absolute][self.start : self.end]

@property
def content_hash(self) -> str:
"""
Return sha1(self.content)
Returns:
"""
h = SHA1.new()
h.update(self.content.encode("utf8"))
return h.hexdigest()

def __str__(self) -> str:
lines = self._get_lines_str()
Expand Down
6 changes: 1 addition & 5 deletions slither/detectors/functions/codex.py
Original file line number Diff line number Diff line change
Expand Up @@ -114,11 +114,7 @@ def _detect(self) -> List[Output]:
):
continue
prompt = f"Analyze this Solidity contract and find the vulnerabilities. If you find any vulnerabilities, begin the response with {VULN_FOUND}\n"
src_mapping = contract.source_mapping
content = contract.compilation_unit.core.source_code[src_mapping.filename.absolute]
start = src_mapping.start
end = src_mapping.start + src_mapping.length
prompt += content[start:end]
prompt += contract.source_mapping.content

answer = self._run_codex(logging_file, prompt)

Expand Down
18 changes: 8 additions & 10 deletions slither/printers/summary/constructor_calls.py
Original file line number Diff line number Diff line change
@@ -1,24 +1,22 @@
"""
Module printing summary of the contract
"""
from slither.core.declarations import Function
from slither.core.source_mapping.source_mapping import Source
from slither.printers.abstract_printer import AbstractPrinter
from slither.utils import output


def _get_source_code(cst: Function) -> str:
src_mapping: Source = cst.source_mapping
return " " * src_mapping.starting_column + src_mapping.content


class ConstructorPrinter(AbstractPrinter):
WIKI = "https://github.com/crytic/slither/wiki/Printer-documentation#constructor-calls"
ARGUMENT = "constructor-calls"
HELP = "Print the constructors executed"

def _get_soruce_code(self, cst):
src_mapping: Source = cst.source_mapping
content = self.slither.source_code[src_mapping.filename.absolute]
start = src_mapping.start
end = src_mapping.start + src_mapping.length
initial_space = src_mapping.starting_column
return " " * initial_space + content[start:end]

def output(self, _filename):
info = ""
for contract in self.slither.contracts_derived:
Expand All @@ -27,12 +25,12 @@ def output(self, _filename):
cst = contract.constructors_declared
if cst:
stack_name.append(contract.name)
stack_definition.append(self._get_soruce_code(cst))
stack_definition.append(_get_source_code(cst))
for inherited_contract in contract.inheritance:
cst = inherited_contract.constructors_declared
if cst:
stack_name.append(inherited_contract.name)
stack_definition.append(self._get_soruce_code(cst))
stack_definition.append(_get_source_code(cst))

if len(stack_name) > 0:

Expand Down
6 changes: 1 addition & 5 deletions slither/tools/flattening/flattening.py
Original file line number Diff line number Diff line change
Expand Up @@ -80,11 +80,7 @@ def __init__(

def _get_source_code_top_level(self, elems: Sequence[TopLevel]) -> None:
for elem in elems:
src_mapping = elem.source_mapping
content = self._compilation_unit.core.source_code[src_mapping.filename.absolute]
start = src_mapping.start
end = src_mapping.start + src_mapping.length
self._source_codes_top_level[elem] = content[start:end]
self._source_codes_top_level[elem] = elem.source_mapping.content

def _check_abi_encoder_v2(self):
"""
Expand Down
55 changes: 55 additions & 0 deletions slither/utils/arithmetic.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,12 @@
from typing import List, TYPE_CHECKING

from slither.exceptions import SlitherException
from slither.utils.integer_conversion import convert_string_to_fraction


if TYPE_CHECKING:
from slither.core.declarations import Contract, Function

# pylint: disable=too-many-branches
def convert_subdenomination(
value: str, sub: str
Expand Down Expand Up @@ -31,3 +37,52 @@ def convert_subdenomination(
return int(decimal_value * 60 * 60 * 24 * 7 * 365)

raise SlitherException(f"Subdemonination conversion impossible {decimal_value} {sub}")


# Number of unchecked arithmetic operation needed to be interesting
THRESHOLD_ARITHMETIC_USAGE = 3


def _unchecked_arithemtic_usage(function: "Function") -> bool:
"""
Check if the function has more than THRESHOLD_ARITHMETIC_USAGE unchecked arithmetic operation
Args:
function:
Returns:
"""

# pylint: disable=import-outside-toplevel
from slither.slithir.operations import Binary

score = 0
for node in function.nodes:
if not node.scope.is_checked:
for ir in node.irs:
if isinstance(ir, Binary):
score += 1
if score >= THRESHOLD_ARITHMETIC_USAGE:
return True
return False


def unchecked_arithemtic_usage(contract: "Contract") -> List["Function"]:
"""
Return the list of function with some unchecked arithmetics
Args:
contract:
Returns:
"""
# pylint: disable=import-outside-toplevel
from slither.core.declarations import Function

ret: List[Function] = []
for function in contract.all_functions_called:
if isinstance(function, Function) and _unchecked_arithemtic_usage(function):
ret.append(function)
return ret
7 changes: 1 addition & 6 deletions slither/utils/standard_libraries.py
Original file line number Diff line number Diff line change
Expand Up @@ -68,12 +68,7 @@ def is_openzeppelin(contract: "Contract") -> bool:


def is_openzeppelin_strict(contract: "Contract") -> bool:
start = contract.source_mapping.start
end = start + contract.source_mapping.length
source_code = contract.compilation_unit.core.source_code[
contract.source_mapping.filename.absolute
][start:end]
source_hash = sha1(source_code.encode("utf-8")).hexdigest()
source_hash = sha1(contract.source_mapping.content.encode("utf-8")).hexdigest()
return source_hash in oz_hashes


Expand Down
29 changes: 29 additions & 0 deletions tests/arithmetic_usage/test.sol
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
function protected(uint a, uint b) returns(uint){
return (a + b) * (a + b);
}

function not_protected_asm(uint a, uint b) returns(uint){
uint c;
assembly{
c := mul(add(a,b), add(a,b))
}
return c;
}

function not_protected_unchecked(uint a, uint b) returns(uint){
uint c;
unchecked{
return (a + b) * (a + b);
}

}

contract A{

function f(uint a, uint b) public{
protected(a,b);
not_protected_asm(a, b);
not_protected_unchecked(a, b);
}

}
10 changes: 10 additions & 0 deletions tests/test_features.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
from slither.detectors import all_detectors
from slither.detectors.abstract_detector import AbstractDetector
from slither.slithir.operations import LibraryCall, InternalCall
from slither.utils.arithmetic import unchecked_arithemtic_usage


def _run_all_detectors(slither: Slither) -> None:
Expand Down Expand Up @@ -150,3 +151,12 @@ def test_private_variable() -> None:
var_read = f.variables_read[0]
assert isinstance(var_read, StateVariable)
assert str(var_read.contract) == "B"


def test_arithmetic_usage() -> None:
solc_select.switch_global_version("0.8.15", always_install=True)
slither = Slither("./tests/arithmetic_usage/test.sol")

assert {
f.source_mapping.content_hash for f in unchecked_arithemtic_usage(slither.contracts[0])
} == {"2b4bc73cf59d486dd9043e840b5028b679354dd9", "e4ecd4d0fda7e762d29aceb8425f2c5d4d0bf962"}

0 comments on commit ea8d232

Please sign in to comment.