sync master <> dev #2506

Merged
merged 38 commits into from
Aug 23, 2024
Changes from 20 commits
Commits
38 commits
c3a5fb2
Add tests to slither-mutate and fix some Python 3.8 compatibility iss…
DarkaMaul Jun 12, 2024
7b983e3
Fix typo (thanks Gustavo)
DarkaMaul Jun 12, 2024
f1df3ea
Run tests only if forge is available.
DarkaMaul Jun 12, 2024
94fc82c
Run tools tests in CI.
DarkaMaul Jun 12, 2024
43301c7
Remove last wrongly typed annotation
DarkaMaul Jun 12, 2024
5c0eccf
Fix test in CI.
DarkaMaul Jun 12, 2024
48fc49a
Fix for dynamic array operations
smonicas Jun 14, 2024
eb20765
Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0
dependabot[bot] Jun 17, 2024
6495148
Bump docker/build-push-action from 5 to 6
dependabot[bot] Jun 17, 2024
469286f
Don't report if destination is immutable state var
smonicas Jun 21, 2024
ee76875
update WIKI_DESCRIPTION
ThomasHeim11 Jun 22, 2024
f3fbcdc
Merge pull request #2488 from crytic/dev-arb-send-eth-immutable
0xalpharush Jun 24, 2024
84b15a6
Merge pull request #2493 from crytic/master
0xalpharush Jun 24, 2024
a39dcbb
Merge pull request #2492 from ThomasHeim11/update-WIKI_DESCRIPTION
0xalpharush Jun 24, 2024
072a64b
Dockerfile: fix `ckzg` build
elopez Jun 24, 2024
84e8633
Merge pull request #2494 from crytic/dev-docker-ckzg
0xalpharush Jun 25, 2024
95e153d
Added length check on bugs_by_version for specific version_number
MukulKolpe Jun 27, 2024
8499b5d
Merge pull request #2499 from MukulKolpe/bugsByVersionLC
0xalpharush Jul 2, 2024
8879244
Merge pull request #2486 from crytic/dependabot/github_actions/dev/do…
0xalpharush Jul 2, 2024
e42079b
Merge pull request #2485 from crytic/dependabot/github_actions/dev/py…
0xalpharush Jul 2, 2024
7c7b71f
Merge pull request #2482 from crytic/features/test-mutator
0xalpharush Jul 2, 2024
49164a2
Merge branch 'dev' into dev-fix-aor-array
0xalpharush Jul 2, 2024
a22ae18
Bump sigstore/gh-action-sigstore-python from 2.1.1 to 3.0.0
dependabot[bot] Jul 15, 2024
4881519
feat: make tables fit within terminal by default (#2426)
DarkaMaul Jul 18, 2024
16cfaa7
Merge pull request #2484 from crytic/dev-fix-aor-array
0xalpharush Jul 18, 2024
4701885
Revert "Reduce verbosity for InvalidCompilation errors"
0xalpharush Aug 12, 2024
81fa6ac
Merge pull request #2508 from crytic/dependabot/github_actions/dev/si…
0xalpharush Aug 12, 2024
1dca348
require web3 with <5 eth_typing deps
0xalpharush Aug 21, 2024
610c301
Merge branch 'dev' into fix-web3
0xalpharush Aug 21, 2024
00c908c
Merge pull request #2537 from crytic/fix-web3
0xalpharush Aug 23, 2024
a2a2ee9
Merge branch 'dev' into revert-2417-invalid-compilations-errors
0xalpharush Aug 23, 2024
63fa86b
add upper bound
0xalpharush Aug 23, 2024
aff055a
Merge pull request #2541 from crytic/fix-deps
0xalpharush Aug 23, 2024
0d0112b
Merge branch 'dev' into revert-2417-invalid-compilations-errors
0xalpharush Aug 23, 2024
588ef3d
Merge pull request #2529 from crytic/revert-2417-invalid-compilations…
0xalpharush Aug 23, 2024
d29f41d
disable unused import (#2540)
0xalpharush Aug 23, 2024
e4657f5
tool: add detector for multiple new reinitializers (#2536)
QiuhaoLi Aug 23, 2024
809d1b5
Bump pypa/gh-action-pip-audit from 1.0.8 to 1.1.0 (#2531)
dependabot[bot] Aug 23, 2024
4 changes: 2 additions & 2 deletions .github/scripts/tool_test_runner.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@

# used to pass --cov=$path and --cov-append to pytest
if [ "$1" != "" ]; then
pytest "$1" tests/tools/read-storage/test_read_storage.py
pytest "$1" tests/tools
status_code=$?
python -m coverage report
else
pytest tests/tools/read-storage/test_read_storage.py
pytest tests/tools
status_code=$?
fi

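Review bot: the comment says `$1` carries both `--cov=$path` and `--cov-append`, but `pytest "$1" tests/tools` passes `$1` as one quoted argument, so a caller that supplies both flags in a single string hands pytest one unrecognised option. Either accept the flags as separate arguments (test `$#` and pass `"$@"` ahead of `tests/tools`) or state in the comment that exactly one option string is expected. Widening the target from `tests/tools/read-storage/test_read_storage.py` to `tests/tools` also pulls in the mutator tests that need `forge`; the f1df3ea commit ("Run tests only if forge is available") is what keeps `status_code` meaningful on runners without Foundry, so it should land together with this change.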
2 changes: 1 addition & 1 deletion .github/workflows/docker.yml
Expand Up @@ -47,7 +47,7 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}

- name: Docker Build and Push
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8,linux/arm/v7
target: final
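Review bot: `docker/build-push-action@v6` is a mutable major-version tag, so this job runs whatever commit the tag is moved to; for a step that authenticates with `secrets.GITHUB_TOKEN` and pushes multi-platform images, pin to the full commit SHA with the version in a trailing comment (`uses: docker/build-push-action@<sha> # v6.x.y`); Dependabot keeps SHA pins updated as well. v5 to v6 is a major bump, so check the release notes for default-behaviour changes before treating it as a drop-in.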
2 changes: 1 addition & 1 deletion .github/workflows/publish.yml
Expand Up @@ -44,7 +44,7 @@ jobs:
path: dist/

- name: publish
uses: pypa/gh-action-pypi-publish@v1.8.14
uses: pypa/gh-action-pypi-publish@v1.9.0

- name: sign
uses: sigstore/[email protected]
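Review bot: `pypa/gh-action-pypi-publish` is pinned to an exact `v1.9.0`, but by tag rather than by commit SHA, and the same goes for `sigstore/[email protected]` below it; on the release path that uploads to PyPI and produces Sigstore signatures, SHA-pin both. The `sign` step also runs after `publish`: if signing fails, the release is already on PyPI without signatures, so consider signing `dist/` first and publishing only when that step succeeded. Note that a22ae18 later in this PR bumps the sigstore action from 2.1.1 to 3.0.0, a major bump that deserves the same release-notes check as the docker one.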
1 change: 1 addition & 0 deletions Dockerfile
Expand Up @@ -3,6 +3,7 @@ FROM ubuntu:jammy AS python-wheels
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
gcc \
git \
make \
python3-dev \
python3-pip \
&& rm -rf /var/lib/apt/lists/*
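Review bot: `make` goes into the `python-wheels` stage (`FROM ubuntu:jammy AS python-wheels`), so it stays out of the final image, which is the right place for a build tool. Needing it means `ckzg` is compiled from source on at least one of the platforms listed in docker.yml (linux/amd64, linux/arm64/v8, linux/arm/v7); a from-source build of a C extension is only reproducible if the `ckzg` version is pinned, so confirm that it is, and add a short comment on this line naming the dependency that needs `make` so the next cleanup does not drop it.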
2 changes: 1 addition & 1 deletion slither/detectors/attributes/incorrect_solc.py
Expand Up @@ -71,7 +71,7 @@ def _check_version(self, version: Tuple[str, str, str, str, str]) -> Optional[st
if op and op not in [">", ">=", "^"]:
return self.LESS_THAN_TXT
version_number = ".".join(version[2:])
if version_number in bugs_by_version:
if version_number in bugs_by_version and len(bugs_by_version[version_number]):
bugs = "\n".join([f"\t- {bug}" for bug in bugs_by_version[version_number]])
return self.BUGGY_VERSION_TXT + f"\n{bugs}"
return None
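Review bot: `version_number in bugs_by_version and len(bugs_by_version[version_number])` looks the key up three times (membership, `len`, and again when building `bugs`); the idiomatic form is one `.get()` plus truthiness: `bugs = bugs_by_version.get(version_number)` / `if bugs:` / build the message from `bugs`. The behaviour change itself (a version present in the map with an empty bug list is no longer reported as buggy) is the point of the commit, but it deserves a one-line comment, because a reader will otherwise assume that any entry in `bugs_by_version` means "known bug".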
3 changes: 3 additions & 0 deletions slither/detectors/functions/arbitrary_send_eth.py
Expand Up @@ -30,6 +30,7 @@
SolidityCall,
Transfer,
)
from slither.core.variables.state_variable import StateVariable

# pylint: disable=too-many-nested-blocks,too-many-branches
from slither.utils.output import Output
Expand Down Expand Up @@ -67,6 +68,8 @@ def arbitrary_send(func: Function) -> Union[bool, List[Node]]:
continue
if ir.call_value == SolidityVariableComposed("msg.value"):
continue
if isinstance(ir.destination, StateVariable) and ir.destination.is_immutable:
continue
if is_dependent(
ir.call_value,
SolidityVariableComposed("msg.value"),
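Review bot: the new `continue` suppresses more than the fixture exercises: an immutable assigned from a constructor parameter is chosen by the deployer at construction time rather than hard-coded, yet it is skipped exactly like `destination_imm = payable(msg.sender)`. That is defensible (no later caller can influence the recipient, which is what "arbitrary" means here), but add a comment above `if isinstance(ir.destination, StateVariable) and ir.destination.is_immutable:` stating that reasoning, and mention the non-report in the detector's WIKI text so users know why an immutable recipient does not show up. The `StateVariable` import added in the previous hunk is only used here; fine as is.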
2 changes: 1 addition & 1 deletion slither/detectors/functions/dead_code.py
Expand Up @@ -25,7 +25,7 @@ class DeadCode(AbstractDetector):
WIKI = "https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code"

WIKI_TITLE = "Dead-code"
WIKI_DESCRIPTION = "Functions that are not sued."
WIKI_DESCRIPTION = "Functions that are not used."

# region wiki_exploit_scenario
WIKI_EXPLOIT_SCENARIO = """
4 changes: 2 additions & 2 deletions slither/tools/mutator/__main__.py
Expand Up @@ -6,7 +6,7 @@
import sys
import time
from pathlib import Path
from typing import Type, List, Any, Optional
from typing import Type, List, Any, Optional, Union
from crytic_compile import cryticparser
from slither import Slither
from slither.tools.mutator.utils.testing_generated_mutant import run_test_cmd
Expand Down Expand Up @@ -116,7 +116,7 @@ def parse_args() -> argparse.Namespace:
return parser.parse_args()


def _get_mutators(mutators_list: List[str] | None) -> List[Type[AbstractMutator]]:
def _get_mutators(mutators_list: Union[List[str], None]) -> List[Type[AbstractMutator]]:
detectors_ = [getattr(all_mutators, name) for name in dir(all_mutators)]
if mutators_list is not None:
detectors = [
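Review bot: `Union[List[str], None]` is what `Optional[List[str]]` exists for, and `Optional` is already in the `typing` import changed in the previous hunk, so `Union` does not need adding at all. The underlying fix is right: `List[str] | None` is evaluated when the `def` executes and raises `TypeError` on Python 3.8, which this PR targets; `from __future__ import annotations` would be the other way to keep the `|` syntax on 3.8, since it stops annotations from being evaluated at definition time.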
4 changes: 2 additions & 2 deletions slither/tools/mutator/mutators/LIR.py
Expand Up @@ -31,7 +31,7 @@ def _mutate(self) -> Dict: # pylint: disable=too-many-branches
literal_replacements.append(variable.type.max) # append data type max value
if str(variable.type).startswith("uint"):
literal_replacements.append("1")
elif str(variable.type).startswith("uint"):
elif str(variable.type).startswith("int"):
literal_replacements.append("-1")
# Get the string
start = variable.source_mapping.start
Expand Down Expand Up @@ -63,7 +63,7 @@ def _mutate(self) -> Dict: # pylint: disable=too-many-branches
literal_replacements.append(variable.type.max)
if str(variable.type).startswith("uint"):
literal_replacements.append("1")
elif str(variable.type).startswith("uint"):
elif str(variable.type).startswith("int"):
literal_replacements.append("-1")
start = variable.source_mapping.start
stop = start + variable.source_mapping.length
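Review bot: the corrected branch (`elif str(variable.type).startswith("int"):` appending `"-1"`) exists twice in this file, in the hunks at `@@ -31,7` and `@@ -63,7`, with identical logic around it; the original `uint`/`uint` typo was present in both copies, which is the usual outcome of duplicated code. Pull the "literal candidates for this `variable.type`" logic into one helper and call it from both sites, so the next fix only has to be made once. Also note that `variable.type.max` is appended as a non-string while `"1"` and `"-1"` are strings; if the patch builder stringifies everything downstream that is fine, but it is worth a comment.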
8 changes: 4 additions & 4 deletions slither/tools/mutator/mutators/abstract_mutator.py
@@ -1,7 +1,7 @@
import abc
import logging
from pathlib import Path
from typing import Optional, Dict, Tuple, List
from typing import Optional, Dict, Tuple, List, Union
from slither.core.compilation_unit import SlitherCompilationUnit
from slither.formatters.utils.patches import apply_patch, create_diff
from slither.tools.mutator.utils.testing_generated_mutant import test_patch
Expand All @@ -27,7 +27,7 @@ def __init__( # pylint: disable=too-many-arguments
testing_command: str,
testing_directory: str,
contract_instance: Contract,
solc_remappings: str | None,
solc_remappings: Union[str, None],
verbose: bool,
very_verbose: bool,
output_folder: Path,
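Review bot: same point as in `__main__.py`: `Union[str, None]` should be `Optional[str]`, and `Optional` is already imported at the top of this file, so the `Union` added to the `typing` import in the first hunk is not needed.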
Expand Down Expand Up @@ -81,7 +81,7 @@ def mutate(self) -> Tuple[List[int], List[int], List[int]]:
(all_patches) = self._mutate()
if "patches" not in all_patches:
logger.debug("No patches found by %s", self.NAME)
return ([0, 0, 0], [0, 0, 0], self.dont_mutate_line)
return [0, 0, 0], [0, 0, 0], self.dont_mutate_line

for file in all_patches["patches"]: # Note: This should only loop over a single file
original_txt = self.slither.source_code[file].encode("utf8")
Expand Down Expand Up @@ -146,4 +146,4 @@ def mutate(self) -> Tuple[List[int], List[int], List[int]]:
f"Found {self.uncaught_mutant_counts[2]} uncaught tweak mutants so far (out of {self.total_mutant_counts[2]} that compile)"
)

return (self.total_mutant_counts, self.uncaught_mutant_counts, self.dont_mutate_line)
return self.total_mutant_counts, self.uncaught_mutant_counts, self.dont_mutate_line
2 changes: 1 addition & 1 deletion slither/tools/mutator/utils/file_handling.py
Expand Up @@ -111,7 +111,7 @@ def get_sol_file_list(codebase: Path, ignore_paths: Union[List[str], None]) -> L
# if input is folder
if codebase.is_dir():
for file_name in codebase.rglob("*.sol"):
if not any(part in ignore_paths for part in file_name.parts):
if file_name.is_file() and not any(part in ignore_paths for part in file_name.parts):
sol_file_list.append(file_name.as_posix())

return sol_file_list
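Review bot: `ignore_paths` is typed `Union[List[str], None]` in the signature shown in the hunk header, but `part in ignore_paths` raises `TypeError: argument of type 'NoneType' is not iterable` when it really is `None`. Normalise at the top of the function (`ignore_paths = ignore_paths or []`) or narrow the annotation to `List[str]` and make the caller pass an empty list. The added `file_name.is_file()` guard is correct: `rglob("*.sol")` also matches directories whose name ends in `.sol`, which would otherwise be handed to the compiler as files.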
7 changes: 6 additions & 1 deletion slither/tools/mutator/utils/testing_generated_mutant.py
Expand Up @@ -22,7 +22,12 @@ def compile_generated_mutant(file_path: str, mappings: str) -> bool:
return False


def run_test_cmd(cmd: str, timeout: int | None, target_file: str | None, verbose: bool) -> bool:
def run_test_cmd(
cmd: str,
timeout: Union[int, None] = None,
target_file: Union[str, None] = None,
verbose: bool = False,
) -> bool:
"""
function to run codebase tests
returns: boolean whether the tests passed or not
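Review bot: `timeout: Union[int, None] = None` makes "no limit" the default, which is the wrong default for a mutation campaign: a mutant that turns a loop bound into a type maximum (one of the literal replacements the LIR mutator in this PR produces) can make the test command run indefinitely and stall the whole run. Either keep `timeout` required, or default to a finite value and state it in the docstring; the docstring should also say what `target_file` is used for, since this hunk does not show it. `Optional[int]` / `Optional[str]` read better than `Union[..., None]` here too.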
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
Test.indirect() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#19-21) sends eth to arbitrary user
Test.direct() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#16-18) sends eth to arbitrary user
Dangerous calls:
- destination.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#20)
- msg.sender.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#17)

Test.direct() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#11-13) sends eth to arbitrary user
Test.indirect() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#24-26) sends eth to arbitrary user
Dangerous calls:
- msg.sender.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#12)
- destination.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.6.11/arbitrary_send_eth.sol#25)

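Review bot: besides the expected five-line shift (`direct` 11-13 to 16-18, `indirect` 19-21 to 24-26), the two findings swap order in this snapshot (old: `indirect` then `direct`; new: `direct` then `indirect`), while the 0.7.6 snapshot below keeps `direct` first in both versions for the same source layout. If the detector's output order is not fixed (sorted by function name or source line), a verbatim snapshot comparison will flake; confirm what determines the order, or sort the results in the test harness before comparing. The absence of `send_immutable()` from the new output is the negative case this PR is meant to produce.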
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
Test.direct() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#11-13) sends eth to arbitrary user
Test.direct() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#16-18) sends eth to arbitrary user
Dangerous calls:
- msg.sender.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#12)
- msg.sender.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#17)

Test.indirect() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#19-21) sends eth to arbitrary user
Test.indirect() (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#24-26) sends eth to arbitrary user
Dangerous calls:
- destination.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#20)
- destination.send(address(this).balance) (tests/e2e/detectors/test_data/arbitrary-send-eth/0.7.6/arbitrary_send_eth.sol#25)

Original file line number Diff line number Diff line change
@@ -1,13 +1,18 @@
contract Test{

address payable destination;

address payable immutable destination_imm;
mapping (address => uint) balances;

constructor() public{
destination_imm = payable(msg.sender);
balances[msg.sender] = 0;
}

function send_immutable() public{
destination_imm.send(address(this).balance);
}

function direct() public{
msg.sender.send(address(this).balance);
}
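Review bot: `destination_imm` is initialised from `msg.sender`, so the fixture only covers an immutable recipient that is the deployer itself. Add a second immutable set from a constructor parameter (`constructor(address payable d) public { destination_imm2 = d; }`) so the snapshot documents that the detector also stays silent for a deployer-chosen recipient; that is the case users are most likely to ask about. The 0.7.6 fixture below is the same file and needs the same addition.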
Original file line number Diff line number Diff line change
@@ -1,13 +1,18 @@
contract Test{

address payable destination;

address payable immutable destination_imm;
mapping (address => uint) balances;

constructor() public{
destination_imm = payable(msg.sender);
balances[msg.sender] = 0;
}

function send_immutable() public{
destination_imm.send(address(this).balance);
}

function direct() public{
msg.sender.send(address(this).balance);
}
7 changes: 7 additions & 0 deletions tests/tools/mutator/test_data/test_source_unit/README.md
@@ -0,0 +1,7 @@
# Counter

Init using :

```shell
forge install --no-commit --no-git .
```
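Review bot: `forge install --no-commit --no-git .` does not say which dependency has to be present. `Counter.t.sol` and `Counter.s.sol` import `forge-std/Test.sol` and `forge-std/Script.sol`, and `foundry.toml` points `libs` at `lib`, so the README should name `foundry-rs/forge-std` explicitly (`forge install foundry-rs/forge-std --no-commit --no-git`). Say where it ends up, too: with `--no-git` the library is copied rather than added as a submodule, so `lib/` and `out/` need a `.gitignore` entry in this fixture directory or they will land in the slither repository.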
7 changes: 7 additions & 0 deletions tests/tools/mutator/test_data/test_source_unit/foundry.toml
@@ -0,0 +1,7 @@
[profile.default]
src = 'src'
out = 'out'
libs = ['lib']
solc = "0.8.15"

# See more config options https://github.com/foundry-rs/foundry/tree/master/config
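Review bot: pinning `solc = "0.8.15"` is right for a mutation fixture (every mutant must compile against the same compiler on every run), but it means `forge` has to fetch that exact compiler the first time the CI job runs `tests/tools`; the test runner already skips when `forge` is missing, so either cache the compiler in CI or make the test skip rather than fail when the download is not possible.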
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.13;

import {Script, console} from "forge-std/Script.sol";

contract CounterScript is Script {
function setUp() public {}

function run() public {
vm.broadcast();
}
}
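Review bot: `run()` calls `vm.broadcast()` and then sends nothing, so the script is a stub: `broadcast()` marks the next call as a transaction to broadcast, and there is none. Either deploy the contract (`new Counter();` right after the broadcast) or drop the script, since the mutator tests only need `forge test`. The `pragma solidity ^0.8.13;` also differs from the `^0.8.15` used by `Counter.sol` and `Counter.t.sol` and from the `0.8.15` pinned in `foundry.toml`; align it.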
14 changes: 14 additions & 0 deletions tests/tools/mutator/test_data/test_source_unit/src/Counter.sol
@@ -0,0 +1,14 @@
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.15;

contract Counter {
uint256 public number;

function setNumber(uint256 newNumber) public {
number = newNumber;
}

function increment() public {
number++;
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.15;

import {Test, console} from "forge-std/Test.sol";
import {Counter} from "../src/Counter.sol";

contract CounterTest is Test {
Counter public counter;

function setUp() public {
counter = new Counter();
counter.setNumber(0);
}

function test_Increment() public {
counter.increment();
assertEq(counter.number(), 1);
}

function testFuzz_SetNumber(uint256 x) public {
counter.setNumber(x);
assertEq(counter.number(), x);
}
}
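Review bot: `test_Increment` only checks 0 to 1, so a mutant that rewrites `number++` as `number = 1` survives it, and `testFuzz_SetNumber` never calls `increment()`. For a mutation-testing fixture, a fuzzed base makes the test discriminating: `function testFuzz_Increment(uint256 x) public { vm.assume(x < type(uint256).max); counter.setNumber(x); counter.increment(); assertEq(counter.number(), x + 1); }`. If the fixture deliberately leaves some mutants uncaught so the slither-mutate tests have survivors to count, say so in the fixture README so nobody "fixes" it later.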