diff --git a/slither/detectors/all_detectors.py b/slither/detectors/all_detectors.py index 2c8d244281..1169917a67 100644 --- a/slither/detectors/all_detectors.py +++ b/slither/detectors/all_detectors.py @@ -3,6 +3,7 @@ from .variables.uninitialized_state_variables import UninitializedStateVarsDetection from .variables.uninitialized_storage_variables import UninitializedStorageVars from .variables.uninitialized_local_variables import UninitializedLocalVars +from .variables.var_read_using_this import VarReadUsingThis from .attributes.constant_pragma import ConstantPragma from .attributes.incorrect_solc import IncorrectSolc from .attributes.locked_ether import LockedEther diff --git a/slither/detectors/variables/var_read_using_this.py b/slither/detectors/variables/var_read_using_this.py new file mode 100644 index 0000000000..8f62f91111 --- /dev/null +++ b/slither/detectors/variables/var_read_using_this.py @@ -0,0 +1,54 @@ +from typing import List +from slither.core.declarations import Function, SolidityVariable +from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification +from slither.slithir.operations.high_level_call import HighLevelCall + + +class VarReadUsingThis(AbstractDetector): + ARGUMENT = "var-read-using-this" + HELP = "Contract reads its own variable using `this`" + IMPACT = DetectorClassification.OPTIMIZATION + CONFIDENCE = DetectorClassification.MEDIUM + + WIKI = "https://github.com/trailofbits/slither-private/wiki/Vulnerabilities-Description#var-read-using-this" + + WIKI_TITLE = "Variable read using this" + WIKI_DESCRIPTION = "Contract reads its own variable using `this`, adding overhead of an unnecessary STATICCALL." + WIKI_EXPLOIT_SCENARIO = """ +```solidity +contract C { + mapping(uint => address) public myMap; + function test(uint x) external returns(address) { + return this.myMap(x); + } +} +``` +""" + + WIKI_RECOMMENDATION = "Read the variable directly from storage instead of calling the contract." + + def _detect(self): + results = [] + for c in self.contracts: + for func in c.functions: + for node in self._detect_var_read_using_this(func): + info = [ + "The function ", + func, + " reads ", + node, + " with `this` which adds an extra STATICALL.\n", + ] + json = self.generate_result(info) + results.append(json) + + return results + + def _detect_var_read_using_this(self, func: Function) -> List: + results = [] + for node in func.nodes: + for ir in node.irs: + if isinstance(ir, HighLevelCall): + if ir.destination == SolidityVariable("this") and ir.is_static_call(): + results.append(node) + return results diff --git a/tests/detectors/var-read-using-this/0.4.25/var_read_using_this.sol b/tests/detectors/var-read-using-this/0.4.25/var_read_using_this.sol new file mode 100644 index 0000000000..dc0d152be1 --- /dev/null +++ b/tests/detectors/var-read-using-this/0.4.25/var_read_using_this.sol @@ -0,0 +1,33 @@ + +contract VarReadUsingThis { + address public erc20; + mapping(uint => address) public myMap; + function bad1(uint x) external returns(address) { + return this.myMap(x); + } + function bad2() external returns(address) { + return this.erc20(); + } + function bad3() external returns(address) { + if (this.erc20() == address(0)) revert(); + } + function bad4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = this.erc20(); + } + } + function good1(uint x) external returns(address) { + return myMap[x]; + } + function good2() external returns(address) { + return erc20; + } + function good3() external returns(address) { + if (erc20 == address(0)) revert(); + } + function good4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = erc20; + } + } +} diff --git a/tests/detectors/var-read-using-this/0.4.25/var_read_using_this.sol.0.4.25.VarReadUsingThis.json b/tests/detectors/var-read-using-this/0.4.25/var_read_using_this.sol.0.4.25.VarReadUsingThis.json new file mode 100644 index 0000000000..5825bcacc6 --- /dev/null +++ b/tests/detectors/var-read-using-this/0.4.25/var_read_using_this.sol.0.4.25.VarReadUsingThis.json @@ -0,0 +1,3 @@ +[ + [] +] \ No newline at end of file diff --git a/tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol b/tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol new file mode 100644 index 0000000000..dc0d152be1 --- /dev/null +++ b/tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol @@ -0,0 +1,33 @@ + +contract VarReadUsingThis { + address public erc20; + mapping(uint => address) public myMap; + function bad1(uint x) external returns(address) { + return this.myMap(x); + } + function bad2() external returns(address) { + return this.erc20(); + } + function bad3() external returns(address) { + if (this.erc20() == address(0)) revert(); + } + function bad4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = this.erc20(); + } + } + function good1(uint x) external returns(address) { + return myMap[x]; + } + function good2() external returns(address) { + return erc20; + } + function good3() external returns(address) { + if (erc20 == address(0)) revert(); + } + function good4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = erc20; + } + } +} diff --git a/tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol.0.5.16.VarReadUsingThis.json b/tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol.0.5.16.VarReadUsingThis.json new file mode 100644 index 0000000000..556194437b --- /dev/null +++ b/tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol.0.5.16.VarReadUsingThis.json @@ -0,0 +1,708 @@ +[ + [ + { + "elements": [ + { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + }, + { + "type": "node", + "name": "this.erc20()", + "source_mapping": { + "start": 244, + "length": 19, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 9 + ], + "starting_column": 9, + "ending_column": 28 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad2() (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#8-10) reads this.erc20() (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#9) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad2()](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L8-L10) reads [this.erc20()](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L9) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L8-L10", + "id": "0178009997f4d2c4d9a3a9e966bc7c3277ba1ce8c8c412b04fbe2cab3eab1b64", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + }, + { + "type": "node", + "name": "this.myMap(x)", + "source_mapping": { + "start": 160, + "length": 20, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 6 + ], + "starting_column": 9, + "ending_column": 29 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad1(uint256) (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#5-7) reads this.myMap(x) (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#6) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad1(uint256)](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L5-L7) reads [this.myMap(x)](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L6) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L5-L7", + "id": "1aeda0f171a714323d2cc886a4569374dcecf4a31bfd07dd341985cb91c1cda4", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + }, + { + "type": "node", + "name": "local = this.erc20()", + "source_mapping": { + "start": 471, + "length": 28, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 16 + ], + "starting_column": 13, + "ending_column": 41 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad4() (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#14-18) reads local = this.erc20() (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#16) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad4()](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L14-L18) reads [local = this.erc20()](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L16) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L14-L18", + "id": "512bc7a6d6d4fc95951dd03634d193a2e29b0162882a8b4be6e27ff899e21b2d", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + }, + { + "type": "node", + "name": "this.erc20() == address(0)", + "source_mapping": { + "start": 331, + "length": 26, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 12 + ], + "starting_column": 13, + "ending_column": 39 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad3() (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#11-13) reads this.erc20() == address(0) (tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#12) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad3()](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L11-L13) reads [this.erc20() == address(0)](tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L12) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.5.16/var_read_using_this.sol#L11-L13", + "id": "e230fb1483c53ad953389bae20f599c95bbb5feb0040a4b9c33da5ec96682eff", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + } + ] +] \ No newline at end of file diff --git a/tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol b/tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol new file mode 100644 index 0000000000..dc0d152be1 --- /dev/null +++ b/tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol @@ -0,0 +1,33 @@ + +contract VarReadUsingThis { + address public erc20; + mapping(uint => address) public myMap; + function bad1(uint x) external returns(address) { + return this.myMap(x); + } + function bad2() external returns(address) { + return this.erc20(); + } + function bad3() external returns(address) { + if (this.erc20() == address(0)) revert(); + } + function bad4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = this.erc20(); + } + } + function good1(uint x) external returns(address) { + return myMap[x]; + } + function good2() external returns(address) { + return erc20; + } + function good3() external returns(address) { + if (erc20 == address(0)) revert(); + } + function good4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = erc20; + } + } +} diff --git a/tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol.0.6.11.VarReadUsingThis.json b/tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol.0.6.11.VarReadUsingThis.json new file mode 100644 index 0000000000..8a153fbf83 --- /dev/null +++ b/tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol.0.6.11.VarReadUsingThis.json @@ -0,0 +1,708 @@ +[ + [ + { + "elements": [ + { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + }, + { + "type": "node", + "name": "this.erc20() == address(0)", + "source_mapping": { + "start": 331, + "length": 26, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 12 + ], + "starting_column": 13, + "ending_column": 39 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad3() (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#11-13) reads this.erc20() == address(0) (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#12) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad3()](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L11-L13) reads [this.erc20() == address(0)](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L12) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L11-L13", + "id": "0207d6c951b693638b81afe89cdee392fd61a671e0a92e1f8c8b4e5824b1d25b", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + }, + { + "type": "node", + "name": "this.erc20()", + "source_mapping": { + "start": 244, + "length": 19, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 9 + ], + "starting_column": 9, + "ending_column": 28 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad2() (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#8-10) reads this.erc20() (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#9) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad2()](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L8-L10) reads [this.erc20()](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L9) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L8-L10", + "id": "58da220580586bad1af775ff0da07248cea80f98a30f3173c494ce5517d4b041", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + }, + { + "type": "node", + "name": "local = this.erc20()", + "source_mapping": { + "start": 471, + "length": 28, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 16 + ], + "starting_column": 13, + "ending_column": 41 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad4() (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#14-18) reads local = this.erc20() (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#16) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad4()](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L14-L18) reads [local = this.erc20()](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L16) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L14-L18", + "id": "6d5eeb058ec44a05d486b3ee7c2911a7f5306b3d0b619a52ae08efe195c8614c", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + }, + { + "type": "node", + "name": "this.myMap(x)", + "source_mapping": { + "start": 160, + "length": 20, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 6 + ], + "starting_column": 9, + "ending_column": 29 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad1(uint256) (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#5-7) reads this.myMap(x) (tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#6) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad1(uint256)](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L5-L7) reads [this.myMap(x)](tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L6) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.6.11/var_read_using_this.sol#L5-L7", + "id": "b8b557dc26e17f526df0fd98af8c5d06013dd18b163e05a281ea1519e15ca24e", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + } + ] +] \ No newline at end of file diff --git a/tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol b/tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol new file mode 100644 index 0000000000..dc0d152be1 --- /dev/null +++ b/tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol @@ -0,0 +1,33 @@ + +contract VarReadUsingThis { + address public erc20; + mapping(uint => address) public myMap; + function bad1(uint x) external returns(address) { + return this.myMap(x); + } + function bad2() external returns(address) { + return this.erc20(); + } + function bad3() external returns(address) { + if (this.erc20() == address(0)) revert(); + } + function bad4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = this.erc20(); + } + } + function good1(uint x) external returns(address) { + return myMap[x]; + } + function good2() external returns(address) { + return erc20; + } + function good3() external returns(address) { + if (erc20 == address(0)) revert(); + } + function good4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = erc20; + } + } +} diff --git a/tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol.0.7.6.VarReadUsingThis.json b/tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol.0.7.6.VarReadUsingThis.json new file mode 100644 index 0000000000..42b3864bbe --- /dev/null +++ b/tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol.0.7.6.VarReadUsingThis.json @@ -0,0 +1,708 @@ +[ + [ + { + "elements": [ + { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + }, + { + "type": "node", + "name": "this.erc20() == address(0)", + "source_mapping": { + "start": 331, + "length": 26, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 12 + ], + "starting_column": 13, + "ending_column": 39 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad3() (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#11-13) reads this.erc20() == address(0) (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#12) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad3()](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L11-L13) reads [this.erc20() == address(0)](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L12) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L11-L13", + "id": "44eec3d0ad87871981571b3d571f13579272bdabcfebe6bd25ac2880d2bf3c33", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + }, + { + "type": "node", + "name": "local = this.erc20()", + "source_mapping": { + "start": 471, + "length": 28, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 16 + ], + "starting_column": 13, + "ending_column": 41 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad4() (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#14-18) reads local = this.erc20() (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#16) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad4()](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L14-L18) reads [local = this.erc20()](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L16) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L14-L18", + "id": "519caa8ce5e7990c223fd65d827817bb93fe3020efcf9133f204f7a80f6a4e7f", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + }, + { + "type": "node", + "name": "this.myMap(x)", + "source_mapping": { + "start": 160, + "length": 20, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 6 + ], + "starting_column": 9, + "ending_column": 29 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad1(uint256) (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#5-7) reads this.myMap(x) (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#6) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad1(uint256)](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L5-L7) reads [this.myMap(x)](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L6) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L5-L7", + "id": "7f28036af3c8cd6bc29a5a25378629d8f703b655a55f3a5cf36e8b96a11c792a", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + }, + { + "type": "node", + "name": "this.erc20()", + "source_mapping": { + "start": 244, + "length": 19, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 9 + ], + "starting_column": 9, + "ending_column": 28 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad2() (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#8-10) reads this.erc20() (tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#9) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad2()](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L8-L10) reads [this.erc20()](tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L9) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.7.6/var_read_using_this.sol#L8-L10", + "id": "a19dc63eefbe43a4a7642c957b7b96fad0c42563e18d0b03fb1592c1ad5bad04", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + } + ] +] \ No newline at end of file diff --git a/tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol b/tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol new file mode 100644 index 0000000000..dc0d152be1 --- /dev/null +++ b/tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol @@ -0,0 +1,33 @@ + +contract VarReadUsingThis { + address public erc20; + mapping(uint => address) public myMap; + function bad1(uint x) external returns(address) { + return this.myMap(x); + } + function bad2() external returns(address) { + return this.erc20(); + } + function bad3() external returns(address) { + if (this.erc20() == address(0)) revert(); + } + function bad4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = this.erc20(); + } + } + function good1(uint x) external returns(address) { + return myMap[x]; + } + function good2() external returns(address) { + return erc20; + } + function good3() external returns(address) { + if (erc20 == address(0)) revert(); + } + function good4() internal returns(address) { + for (uint x; x < 10; x++) { + address local = erc20; + } + } +} diff --git a/tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol.0.8.15.VarReadUsingThis.json b/tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol.0.8.15.VarReadUsingThis.json new file mode 100644 index 0000000000..f29ea3ff3e --- /dev/null +++ b/tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol.0.8.15.VarReadUsingThis.json @@ -0,0 +1,708 @@ +[ + [ + { + "elements": [ + { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + }, + { + "type": "node", + "name": "local = this.erc20()", + "source_mapping": { + "start": 471, + "length": 28, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 16 + ], + "starting_column": 13, + "ending_column": 41 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad4", + "source_mapping": { + "start": 379, + "length": 138, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 14, + 15, + 16, + 17, + 18 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad4()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad4() (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#14-18) reads local = this.erc20() (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#16) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad4()](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L14-L18) reads [local = this.erc20()](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L16) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L14-L18", + "id": "1224862cf823193c24ce4a02579e7b9cf0eaded7167e8c9f9ed2861d9a9910cc", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + }, + { + "type": "node", + "name": "this.erc20() == address(0)", + "source_mapping": { + "start": 331, + "length": 26, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 12 + ], + "starting_column": 13, + "ending_column": 39 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad3", + "source_mapping": { + "start": 275, + "length": 99, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 11, + 12, + 13 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad3()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad3() (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#11-13) reads this.erc20() == address(0) (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#12) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad3()](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L11-L13) reads [this.erc20() == address(0)](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L12) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L11-L13", + "id": "29d9293adc1046d877a098beb2f9b7757658226e50c6d28228df65dfeeba7fd8", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + }, + { + "type": "node", + "name": "this.erc20()", + "source_mapping": { + "start": 244, + "length": 19, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 9 + ], + "starting_column": 9, + "ending_column": 28 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad2", + "source_mapping": { + "start": 192, + "length": 78, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 8, + 9, + 10 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad2()" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad2() (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#8-10) reads this.erc20() (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#9) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad2()](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L8-L10) reads [this.erc20()](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L9) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L8-L10", + "id": "38e0c82eed10e2c79f5d232284f6e0d0b12966f71eaee7a5139a82e927d38005", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + }, + { + "elements": [ + { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + }, + { + "type": "node", + "name": "this.myMap(x)", + "source_mapping": { + "start": 160, + "length": 20, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 6 + ], + "starting_column": 9, + "ending_column": 29 + }, + "type_specific_fields": { + "parent": { + "type": "function", + "name": "bad1", + "source_mapping": { + "start": 102, + "length": 85, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 5, + 6, + 7 + ], + "starting_column": 5, + "ending_column": 6 + }, + "type_specific_fields": { + "parent": { + "type": "contract", + "name": "VarReadUsingThis", + "source_mapping": { + "start": 1, + "length": 916, + "filename_used": "/GENERIC_PATH", + "filename_relative": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "filename_absolute": "/GENERIC_PATH", + "filename_short": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol", + "is_dependency": false, + "lines": [ + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23, + 24, + 25, + 26, + 27, + 28, + 29, + 30, + 31, + 32, + 33 + ], + "starting_column": 1, + "ending_column": 2 + } + }, + "signature": "bad1(uint256)" + } + } + } + } + ], + "description": "The function VarReadUsingThis.bad1(uint256) (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#5-7) reads this.myMap(x) (tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#6) with `this` which adds an extra STATICALL.\n", + "markdown": "The function [VarReadUsingThis.bad1(uint256)](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L5-L7) reads [this.myMap(x)](tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L6) with `this` which adds an extra STATICALL.\n", + "first_markdown_element": "tests/detectors/var-read-using-this/0.8.15/var_read_using_this.sol#L5-L7", + "id": "aa84305fa524be189a9e050c79cea81a7bc258614c7563e22738e17a3559615a", + "check": "var-read-using-this", + "impact": "Optimization", + "confidence": "Medium" + } + ] +] \ No newline at end of file diff --git a/tests/test_detectors.py b/tests/test_detectors.py index 7a27e2d4b6..46f763ea74 100644 --- a/tests/test_detectors.py +++ b/tests/test_detectors.py @@ -1553,6 +1553,27 @@ def id_test(test_item: Test): "permit_domain_state_var_collision.sol", "0.8.0", ), + Test( + all_detectors.VarReadUsingThis, + "var_read_using_this.sol", + "0.4.25", + ), + Test( + all_detectors.VarReadUsingThis, + "var_read_using_this.sol", + "0.5.16", + ), + Test(all_detectors.VarReadUsingThis, "var_read_using_this.sol", "0.6.11"), + Test( + all_detectors.VarReadUsingThis, + "var_read_using_this.sol", + "0.7.6", + ), + Test( + all_detectors.VarReadUsingThis, + "var_read_using_this.sol", + "0.8.15", + ), ]