From ecd8adbcbefe8ad77fa86eca3bd7954a2d7d65bc Mon Sep 17 00:00:00 2001 From: feliam Date: Sun, 17 Jul 2022 19:28:15 -0300 Subject: [PATCH] Added tests --- .../0.8.0/wrongencodeselector.sol | 17 +++ ...tor.sol.0.8.0.WrongEncodeWithSelector.json | 137 ++++++++++++++++++ ...or.sol.0.8.15.WrongEncodeWithSelector.json | 137 ++++++++++++++++++ .../0.8.15/wrongencodeselector.sol | 17 +++ ...or.sol.0.8.15.WrongEncodeWithSelector.json | 137 ++++++++++++++++++ tests/test_detectors.py | 9 ++ 6 files changed, 454 insertions(+) create mode 100644 tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol create mode 100644 tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.0.WrongEncodeWithSelector.json create mode 100644 tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json create mode 100644 tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol create mode 100644 tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json diff --git a/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol b/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol new file mode 100644 index 0000000000..e97719db4c --- /dev/null +++ b/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol @@ -0,0 +1,17 @@ +contract Test { + event Val(uint, uint); + function f(uint a, uint b) public { + emit Val(a, b); + } +} +contract D { + function bad() public { + Test t = new Test(); + address(t).call(abi.encodeWithSelector(Test.f.selector,"test")); + } + function good() public { + Test t = new Test(); + address(t).call(abi.encodeWithSelector(Test.f.selector, 1, 2)); + } +} + diff --git a/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.0.WrongEncodeWithSelector.json b/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.0.WrongEncodeWithSelector.json new file mode 100644 index 0000000000..8054fb62d1 --- /dev/null +++ b/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.0.WrongEncodeWithSelector.json @@ -0,0 +1,137 @@ +[ + [ + { + "elements": [ + { + "type": "function", + "name": "bad", + "source_mapping": { + "start": 135, + "length": 131, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10, + 11 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "D", + "source_mapping": { + "start": 118, + "length": 286, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad()" + } + }, + { + "type": "node", + "name": "address(t).call(abi.encodeWithSelector(Test.f.selector,test))", + "source_mapping": { + "start": 196, + "length": 63, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 10 + ], + "starting_column": 9, + "ending_column": 72 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad", + "source_mapping": { + "start": 135, + "length": 131, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10, + 11 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "D", + "source_mapping": { + "start": 118, + "length": 286, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad()" + } + } + } + } + ], + "description": "D.bad() (tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol#8-11) calls abi.encodeWithSelector() with wrong arguments ataddress(t).call(abi.encodeWithSelector(Test.f.selector,test)) (tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol#10)", + "markdown": "[D.bad()](tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol#L8-L11) calls abi.encodeWithSelector() with wrong arguments at[address(t).call(abi.encodeWithSelector(Test.f.selector,test))](tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol#L10)", + "first_markdown_element": "tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol#L8-L11", + "id": "9230578efcdc63464cf775b07aaf1d04e77ea58363f4809b7f6ffb1dcd46e34f", + "check": "wrongencodeselector", + "impact": "Medium", + "confidence": "High" + } + ] +] \ No newline at end of file diff --git a/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json b/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json new file mode 100644 index 0000000000..09e474c7cd --- /dev/null +++ b/tests/detectors/wrongencodeselector/0.8.0/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json @@ -0,0 +1,137 @@ +[ + [ + { + "elements": [ + { + "type": "function", + "name": "bad", + "source_mapping": { + "start": 135, + "length": 131, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10, + 11 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "D", + "source_mapping": { + "start": 118, + "length": 286, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad()" + } + }, + { + "type": "node", + "name": "address(t).call(abi.encodeWithSelector(Test.f.selector,test))", + "source_mapping": { + "start": 196, + "length": 63, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 10 + ], + "starting_column": 9, + "ending_column": 72 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad", + "source_mapping": { + "start": 135, + "length": 131, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10, + 11 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "D", + "source_mapping": { + "start": 118, + "length": 286, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad()" + } + } + } + } + ], + "description": "D.bad() (tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#8-11) calls abi.encodeWithSelector() with wrong arguments ataddress(t).call(abi.encodeWithSelector(Test.f.selector,test)) (tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#10)", + "markdown": "[D.bad()](tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#L8-L11) calls abi.encodeWithSelector() with wrong arguments at[address(t).call(abi.encodeWithSelector(Test.f.selector,test))](tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#L10)", + "first_markdown_element": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#L8-L11", + "id": "b47ae579712e33679731aa3f91fdf7221e6a3cfe1b16bfdf1da9d791c6c65ee8", + "check": "wrongencodeselector", + "impact": "Medium", + "confidence": "High" + } + ] +] \ No newline at end of file diff --git a/tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol b/tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol new file mode 100644 index 0000000000..e97719db4c --- /dev/null +++ b/tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol @@ -0,0 +1,17 @@ +contract Test { + event Val(uint, uint); + function f(uint a, uint b) public { + emit Val(a, b); + } +} +contract D { + function bad() public { + Test t = new Test(); + address(t).call(abi.encodeWithSelector(Test.f.selector,"test")); + } + function good() public { + Test t = new Test(); + address(t).call(abi.encodeWithSelector(Test.f.selector, 1, 2)); + } +} + diff --git a/tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json b/tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json new file mode 100644 index 0000000000..09e474c7cd --- /dev/null +++ b/tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol.0.8.15.WrongEncodeWithSelector.json @@ -0,0 +1,137 @@ +[ + [ + { + "elements": [ + { + "type": "function", + "name": "bad", + "source_mapping": { + "start": 135, + "length": 131, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10, + 11 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "D", + "source_mapping": { + "start": 118, + "length": 286, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad()" + } + }, + { + "type": "node", + "name": "address(t).call(abi.encodeWithSelector(Test.f.selector,test))", + "source_mapping": { + "start": 196, + "length": 63, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 10 + ], + "starting_column": 9, + "ending_column": 72 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad", + "source_mapping": { + "start": 135, + "length": 131, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10, + 11 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "D", + "source_mapping": { + "start": 118, + "length": 286, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol", + "is_dependency": false, + "lines": [ + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad()" + } + } + } + } + ], + "description": "D.bad() (tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#8-11) calls abi.encodeWithSelector() with wrong arguments ataddress(t).call(abi.encodeWithSelector(Test.f.selector,test)) (tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#10)", + "markdown": "[D.bad()](tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#L8-L11) calls abi.encodeWithSelector() with wrong arguments at[address(t).call(abi.encodeWithSelector(Test.f.selector,test))](tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#L10)", + "first_markdown_element": "tests/detectors/wrongencodeselector/0.8.15/wrongencodeselector.sol#L8-L11", + "id": "b47ae579712e33679731aa3f91fdf7221e6a3cfe1b16bfdf1da9d791c6c65ee8", + "check": "wrongencodeselector", + "impact": "Medium", + "confidence": "High" + } + ] +] \ No newline at end of file diff --git a/tests/test_detectors.py b/tests/test_detectors.py index c01594f5f5..038018a671 100644 --- a/tests/test_detectors.py +++ b/tests/test_detectors.py @@ -1327,6 +1327,15 @@ def id_test(test_item: Test): "arbitrary_send_erc20_permit.sol", "0.8.0", ), + Test(all_detectors.WrongEncodeWithSelector, + "wrongencodeselector.sol", + "0.8.15" + ), + Test(all_detectors.WrongEncodeWithSelector, + "wrongencodeselector.sol", + "0.8.0" + ) + ]