Merge pull request #485 from crytic/dev

0xalpharush · web-flow · commit db965592d567 · 2023-08-08T13:39:23.000Z
prepare for 0.3.4 release
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
@@ -37,7 +37,7 @@ jobs:
       - run: pip install -e ".[doc]"
       - run: pdoc -o html/ crytic_compile
       - name: Upload artifact
-        uses: actions/upload-pages-artifact@v1
+        uses: actions/upload-pages-artifact@v2
         with:
           # Upload the doc
           path: './html/'
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -45,10 +45,10 @@ jobs:
           path: dist/
 
       - name: publish
-        uses: pypa/gh-action-pypi-publish@v1.8.7
+        uses: pypa/gh-action-pypi-publish@v1.8.8
 
       - name: sign
-        uses: sigstore/gh-action-sigstore-python@v1.2.3
+        uses: sigstore/gh-action-sigstore-python@v2.0.0
         with:
           inputs: ./dist/*.tar.gz ./dist/*.whl
           release-signing-artifacts: true
diff --git a/README.md b/README.md
@@ -5,17 +5,23 @@
 
 Library to help smart contract compilation. It includes support for:
 - Direct solc compilation
+- [Foundry](https://github.com/foundry-rs/foundry/)
+- [Hardhat](https://github.com/nomiclabs/hardhat)
 - [Brownie](https://github.com/iamdefinitelyahuman/brownie)
 - [Buidler](https://github.com/nomiclabs/buidler)
 - [Dapp](https://dapp.tools/dapp/)
 - [Embark](https://embark.status.im/)
 - [Etherlime](https://github.com/LimeChain/etherlime)
 - [Etherscan](https://etherscan.io/) (including several alt-chain explorers and testnets)
-- [Foundry](https://github.com/foundry-rs/foundry/)
-- [Hardhat](https://github.com/nomiclabs/hardhat)
 - [Truffle](https://truffleframework.com/)
 - [Waffle](https://github.com/EthWorks/Waffle)
 
+To force compilation with a specific framework, use the `--compile-force-framework` flag. For example, to force compilation with Hardhat:
+
+```shell
+crytic-compile . --compile-force-framework hardhat
+```
+
 See the [Configuration](https://github.com/crytic/crytic-compile/wiki/Configuration) documentation for advanced usages.
 
 The plugin is used in Trail of Bits tools, including:
@@ -27,21 +33,33 @@ The plugin is used in Trail of Bits tools, including:
 
 ## Installation
 
-```bash
+```shell
 pip3 install crytic-compile
 ```
 
 ## Usage
 
-### Standalone
-```bash
+In the root directory of your project e.g. same directory as `hardhat.config.js` or `foundry.toml`, run:
+
+```shell
 crytic-compile .
 ```
 
 Crytic-compile will generate `crytic-export/contracts.json` containing the AST/ABI and bytecodes of the contracts.
 
 Run `crytic-compile --help` for more options.
 
+## Library Linking
+
+If your project uses [libraries](https://docs.soliditylang.org/en/latest/contracts.html#libraries) with external functions, they can be linked to their deployed address with the `--compile-libraries` flag. For example, if you have a library `SafeMath` deployed at `0xff`, you can link it with:
+
+
+```shell
+crytic-compile . --compile-libraries "(SafeMath, 0xff)"
+```
+
+If you are fuzzing with Echidna or Medusa, follow this [tutorial on linking libraries](https://secure-contracts.com/program-analysis/echidna/advanced/working-with-libraries.html?highlight=library#linking-libraries).
+
 ### As a library
 
 See the [library documentation](https://github.com/crytic/crytic-compile/wiki/Library-Documentation).
diff --git a/crytic_compile/crytic_compile.py b/crytic_compile/crytic_compile.py
@@ -63,13 +63,14 @@ def _extract_libraries(libraries_str: Optional[str]) -> Optional[Dict[str, int]]
 
     if not libraries_str:
         return None
-
-    pattern = r"\((?P<name>\w+),\s*(?P<value1>0x[0-9a-fA-F]{2})\),?"
+    # Extract tuple like (libname1, 0x00)
+    pattern = r"\((?P<name>\w+),\s*(?P<value1>0x[0-9a-fA-F]{2,40})\),?"
     matches = re.findall(pattern, libraries_str)
 
     if not matches:
-        logging.info(f"Libraries {libraries_str} could not be parsed")
-        return None
+        raise ValueError(
+            f"Invalid library linking directive\nGot:\n{libraries_str}\nExpected format:\n(libname1, 0x00),(libname2, 0x02)"
+        )
 
     ret: Dict[str, int] = {}
     for key, value in matches:
diff --git a/crytic_compile/platform/solc.py b/crytic_compile/platform/solc.py
@@ -34,10 +34,11 @@
 def _build_contract_data(compilation_unit: "CompilationUnit") -> Dict:
     contracts = {}
 
-    libraries = compilation_unit.crytic_compile.libraries
+    libraries_to_update = compilation_unit.crytic_compile.libraries
 
     for filename, source_unit in compilation_unit.source_units.items():
         for contract_name in source_unit.contracts_names:
+            libraries = source_unit.libraries_names_and_patterns(contract_name)
             abi = str(source_unit.abi(contract_name))
             abi = abi.replace("'", '"')
             abi = abi.replace("True", "true")
@@ -48,10 +49,11 @@ def _build_contract_data(compilation_unit: "CompilationUnit") -> Dict:
                 "srcmap": ";".join(source_unit.srcmap_init(contract_name)),
                 "srcmap-runtime": ";".join(source_unit.srcmap_runtime(contract_name)),
                 "abi": abi,
-                "bin": source_unit.bytecode_init(contract_name, libraries),
-                "bin-runtime": source_unit.bytecode_runtime(contract_name, libraries),
+                "bin": source_unit.bytecode_init(contract_name, libraries_to_update),
+                "bin-runtime": source_unit.bytecode_runtime(contract_name, libraries_to_update),
                 "userdoc": source_unit.natspec[contract_name].userdoc.export(),
                 "devdoc": source_unit.natspec[contract_name].devdoc.export(),
+                "libraries": dict(libraries) if libraries else {},
             }
     return contracts
 
@@ -519,16 +521,21 @@ def _run_solc(
 
     additional_kwargs: Dict = {"cwd": working_dir} if working_dir else {}
     if not compiler_version.version in [f"0.4.{x}" for x in range(0, 11)]:
-        # Add . as default allowed path
+        # Add --allow-paths argument, if it isn't already specified
+        # We allow the CWD as well as the directory that contains the file
         if "--allow-paths" not in cmd:
             file_dir_start = os.path.normpath(os.path.dirname(filename))
+            # Paths in the --allow-paths arg can't contain commas, since this is the delimeter
+            # Try using absolute path; if it contains a comma, try using relative path instead
             file_dir = os.path.abspath(file_dir_start)
             if "," in file_dir:
                 try:
                     file_dir = os.path.relpath(file_dir_start)
                 except ValueError:
+                    # relpath can fail if, for example, we're on Windows and the directory is on a different drive than CWD
                     pass
 
+            # Even the relative path might have a comma in it, so we want to make sure first
             if "," not in file_dir:
                 cmd += ["--allow-paths", ".," + file_dir]
             else:
diff --git a/tests/library_linking.sol b/tests/library_linking.sol
@@ -0,0 +1,16 @@
+library NeedsLinkingA {
+    function testA() external pure returns (uint) {
+        return type(uint).max;
+    }
+}
+library NeedsLinkingB {
+    function testB() external pure returns (uint) {
+        return type(uint).min;
+    }
+}
+contract TestLibraryLinking {
+    function test() external {
+        NeedsLinkingA.testA();
+        NeedsLinkingB.testB();
+    }
+}
diff --git a/tests/test_library_linking.py b/tests/test_library_linking.py
@@ -0,0 +1,54 @@
+"""
+Test library linking
+"""
+import re
+from pathlib import Path
+import pytest
+from crytic_compile.crytic_compile import CryticCompile
+
+TEST_DIR = Path(__file__).resolve().parent
+
+LIBRARY_PLACEHOLDER_REGEX = r"__.{36}__"
+
+
+def test_library_linking() -> None:
+    """Test that the placeholder is not present in the bytecode when the libraries are provided"""
+    cc = CryticCompile(
+        Path(TEST_DIR / "library_linking.sol").as_posix(),
+        compile_libraries="(NeedsLinkingA, 0xdead),(NeedsLinkingB, 0x000000000000000000000000000000000000beef)",
+    )
+    for compilation_unit in cc.compilation_units.values():
+        for source_unit in compilation_unit.source_units.values():
+            assert (
+                len(re.findall(r"__.{36}__", source_unit.bytecode_init("TestLibraryLinking"))) == 2
+            )
+            assert (
+                len(re.findall(r"__.{36}__", source_unit.bytecode_runtime("TestLibraryLinking")))
+                == 2
+            )
+            libraries = compilation_unit.crytic_compile.libraries
+            assert (
+                len(
+                    re.findall(
+                        r"__.{36}__", source_unit.bytecode_init("TestLibraryLinking", libraries)
+                    )
+                )
+                == 0
+            )
+            assert (
+                len(
+                    re.findall(
+                        r"__.{36}__", source_unit.bytecode_runtime("TestLibraryLinking", libraries)
+                    )
+                )
+                == 0
+            )
+
+
+def test_library_linking_validation() -> None:
+    """Test that invalid compile libraries argument raises an error"""
+    with pytest.raises(ValueError):
+        CryticCompile(
+            Path(TEST_DIR / "library_linking.sol").as_posix(),
+            compile_libraries="(NeedsLinkingA, 0x)",
+        )
