From 031465bb34583b08a39bc88c064090e2a675f7e5 Mon Sep 17 00:00:00 2001 From: "Samuel E. Moelius III" Date: Wed, 26 Aug 2020 11:11:50 -0400 Subject: [PATCH 1/4] "slither-erc" -> "slither-check-erc" --- README.md | 2 +- slither/tools/erc_conformance/__main__.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0426c250ab..d8e99dba3c 100644 --- a/README.md +++ b/README.md @@ -123,7 +123,7 @@ See the [Printer documentation](https://github.com/crytic/slither/wiki/Printer-d - `slither-check-upgradeability`: [Review `delegatecall`-based upgradeability](https://github.com/crytic/slither/wiki/Upgradeability-Checks) - `slither-prop`: [Automatic unit tests and properties generation](https://github.com/crytic/slither/wiki/Properties-generation) - `slither-flat`: [Flatten a codebase](https://github.com/crytic/slither/wiki/Contract-Flattening) -- `slither-erc`: [Check the ERC's conformance](https://github.com/crytic/slither/wiki/ERC-Conformance) +- `slither-check-erc`: [Check the ERC's conformance](https://github.com/crytic/slither/wiki/ERC-Conformance) - `slither-format`: [Automatic patches generation](https://github.com/crytic/slither/wiki/Slither-format) See the [Tool documentation](https://github.com/crytic/slither/wiki/Tool-Documentation) for additional tools. diff --git a/slither/tools/erc_conformance/__main__.py b/slither/tools/erc_conformance/__main__.py index 449ae86694..bb98842e29 100644 --- a/slither/tools/erc_conformance/__main__.py +++ b/slither/tools/erc_conformance/__main__.py @@ -31,7 +31,7 @@ def parse_args(): :return: Returns the arguments for the program. """ parser = argparse.ArgumentParser( - description="Check the ERC 20 conformance", usage="slither-erc project contractName" + description="Check the ERC 20 conformance", usage="slither-check-erc project contractName" ) parser.add_argument("project", help="The codebase to be tested.") From 246a4baa0e8f5dcc57400127c483b2c10b039c5d Mon Sep 17 00:00:00 2001 
From: Claudia Richoux Date: Thu, 27 Aug 2020 20:22:25 -0400 Subject: [PATCH 2/4] fixing exponent dos by adding limits on size of exponent --- slither/slithir/variables/constant.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/slither/slithir/variables/constant.py b/slither/slithir/variables/constant.py index 5de70d0a97..9be1bbc593 100644 --- a/slither/slithir/variables/constant.py +++ b/slither/slithir/variables/constant.py @@ -27,10 +27,16 @@ def __init__(self, val, type=None, subdenomination=None): else: if 'e' in val: base, expo = val.split('e') - self._val = int(Decimal(base) * (10 ** int(expo))) + expo = int(expo) + if expo > 80: + raise ValueError("exponent is too large to fit in any Solidity integer size") + self._val = int(Decimal(base) * (10 ** expo)) elif 'E' in val: base, expo = val.split('E') - self._val = int(Decimal(base) * (10 ** int(expo))) + expo = int(expo) + if expo > 80: + raise ValueError("exponent is too large to fit in any Solidity integer size") + self._val = int(Decimal(base) * (10 ** expo)) else: self._val = int(Decimal(val)) elif type.type == 'bool': From d06c397a5c600ae7380e7fe9fb3338532c996de8 Mon Sep 17 00:00:00 2001 From: Claudia Richoux Date: Thu, 27 Aug 2020 20:28:55 -0400 Subject: [PATCH 3/4] fixing it and supporting base of zero --- slither/slithir/variables/constant.py | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/slither/slithir/variables/constant.py b/slither/slithir/variables/constant.py index 9be1bbc593..dd9df153ba 100644 --- a/slither/slithir/variables/constant.py +++ b/slither/slithir/variables/constant.py 
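Review bot: The limit in `if expo > 80:` is an unexplained magic number, repeated in both the `'e'` and `'E'` branches, and it bounds the cost of `10 ** expo` rather than the value. `9e80` passes although the largest Solidity integer, 2**256 - 1, is roughly 1.16e77, so the message "too large to fit in any Solidity integer size" describes a check the code does not make. I would name the bound once at module level with its rationale, e.g. `MAX_EXPONENT = 80  # caps the size of 10 ** expo; uint256 max is ~1.16e77`, and word the error as an exponent limit. `__init__` begins and ends outside the hunk, so how callers handle the new `ValueError` is not visible here.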
@@ -25,18 +25,16 @@ def __init__(self, val, type=None, subdenomination=None): if val.startswith('0x') or val.startswith('0X'): self._val = int(val, 16) else: - if 'e' in val: - base, expo = val.split('e') - expo = int(expo) + if 'e' in val or 'E' in val: + base, expo = val.split('e') if 'e' in val else val.split('E') + base, expo = Decimal(base), int(expo) if expo > 80: - raise ValueError("exponent is too large to fit in any Solidity integer size") - self._val = int(Decimal(base) * (10 ** expo)) - elif 'E' in val: - base, expo = val.split('E') - expo = int(expo) - if expo > 80: - raise ValueError("exponent is too large to fit in any Solidity integer size") - self._val = int(Decimal(base) * (10 ** expo)) + if base != Decimal(0): + raise ValueError("exponent is too large to fit in any Solidity integer size") + else: + self._val = 0 + else: + self._val = int(Decimal(base) * (10 ** expo)) else: self._val = int(Decimal(val)) elif type.type == 'bool': From 66b98dafea7b37062b12f9c34af87957d9f0b14e Mon Sep 17 00:00:00 2001 From: Claudia Richoux Date: Thu, 27 Aug 2020 20:45:11 -0400 Subject: [PATCH 4/4] fixing 587 while im at it --- slither/slithir/variables/constant.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slither/slithir/variables/constant.py b/slither/slithir/variables/constant.py index dd9df153ba..f0ab9b4a07 100644 --- a/slither/slithir/variables/constant.py +++ b/slither/slithir/variables/constant.py @@ -34,7 +34,7 @@ def __init__(self, val, type=None, subdenomination=None): else: self._val = 0 else: - self._val = int(Decimal(base) * (10 ** expo)) + self._val = int(Decimal(base) * Decimal(10 ** expo)) else: self._val = int(Decimal(val)) elif type.type == 'bool':
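Review bot: Testing `expo > 80` on the exponent alone rejects literals whose value still fits once the mantissa is applied. With a fractional mantissa such as `0.00001e82` (1e77), the new branch raises even though the result is below 2**256. Since `base` is now a `Decimal`, the bound can be placed on the magnitude of the result instead: handle `base == 0` first by setting `self._val = 0`, then reject with `elif base.adjusted() + expo > 80:`. That still keeps `10 ** expo` bounded by the length of the literal, accepts values that fit, and flattens the nested `if`/`else`. The enclosing `__init__` starts and ends outside the hunk.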
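Review bot: `Decimal(10 ** expo)` still evaluates the power with Python numbers first, so for a negative `expo` the factor is a binary float and the `Decimal` only captures its approximation. A literal such as `1000000e-6` would likely truncate to 0 instead of 1, because the float nearest to 1e-6 lies slightly below it. Keeping the power in decimal arithmetic avoids this: `self._val = int(base * Decimal(10) ** expo)`. The previous patch already converts `base` to a `Decimal`, so the extra `Decimal(base)` is redundant. A regression test covering negative exponents, a zero base with a large exponent, and the `expo > 80` rejection would pin the behaviour this series is fixing.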