Merge branch 'dev' into dev-multiple-compilation-units

Author: montyly

.github/workflows/parser.yml

@@ -35,12 +35,11 @@ jobs:
 
           git clone https://github.com/crytic/solc-select.git
           cd solc-select
-          git checkout 857d6fa883d9283454be1cb2d869a8f9962b27b8
+          git checkout 119dd05f58341811cb02b546f25269a7e8a10875
+          python setup.py install
+          solc-select install all
+          solc-select use 0.8.0
           cd ..
-          ./solc-select/scripts/install.sh
-          export PATH=/home/runner/.solc-select:$PATH
-          echo "export PATH=/home/runner/.solc-select:$PATH" >> ~/.bashrc
-          solc use 0.7.3
 
       - name: Test with pytest
         run: |

CONTRIBUTING.md

@@ -51,6 +51,7 @@ To see the tests coverage, run `pytest  tests/test_detectors.py  --cov=slither/d
 
 ### Parser tests
 - Create a test in `tests/ast-parsing`
+- Run `python ./tests/test_ast_parsing.py --compile`. This will compile the artifact in `tests/compile`. Add the compiled artifact to git.
 - Run `python ./tests/test_ast_parsing.py --generate`. This will generate the json artifacts in `tests/expected_json`. Add the generated files to git.
 - Run `pytest ./tests/test_ast_parsing.py` and check that everything worked.
 

slither/core/compilation_unit.py

@@ -54,6 +54,10 @@ def __init__(self, core: "SlitherCore", crytic_compilation_unit: CompilationUnit
 
         self._source_units: Dict[int, str] = {}
 
+        self.counter_slithir_tuple = 0
+        self.counter_slithir_temporary = 0
+        self.counter_slithir_reference = 0
+
     @property
     def core(self) -> "SlitherCore":
         return self._core

slither/core/declarations/__init__.py

@@ -13,3 +13,4 @@
 from .structure import Structure
 from .enum_contract import EnumContract
 from .structure_contract import StructureContract
+from .function_contract import FunctionContract

slither/core/declarations/contract.py

@@ -24,7 +24,14 @@
 # pylint: disable=too-many-lines,too-many-instance-attributes,import-outside-toplevel,too-many-nested-blocks
 if TYPE_CHECKING:
     from slither.utils.type_helpers import LibraryCallType, HighLevelCallType, InternalCallType
-    from slither.core.declarations import Enum, Event, Modifier, EnumContract, StructureContract
+    from slither.core.declarations import (
+        Enum,
+        Event,
+        Modifier,
+        EnumContract,
+        StructureContract,
+        FunctionContract,
+    )
     from slither.slithir.variables.variable import SlithIRVariable
     from slither.core.variables.variable import Variable
     from slither.core.variables.state_variable import StateVariable
@@ -57,7 +64,7 @@ def __init__(self, compilation_unit: "SlitherCompilationUnit"):
         self._variables: Dict[str, "StateVariable"] = {}
         self._variables_ordered: List["StateVariable"] = []
         self._modifiers: Dict[str, "Modifier"] = {}
-        self._functions: Dict[str, "Function"] = {}
+        self._functions: Dict[str, "FunctionContract"] = {}
         self._linearizedBaseContracts = List[int]
 
         # The only str is "*"
@@ -390,23 +397,23 @@ def functions_signatures_declared(self) -> List[str]:
         return self._signatures_declared
 
     @property
-    def functions(self) -> List["Function"]:
+    def functions(self) -> List["FunctionContract"]:
         """
         list(Function): List of the functions
         """
         return list(self._functions.values())
 
-    def available_functions_as_dict(self) -> Dict[str, "Function"]:
+    def available_functions_as_dict(self) -> Dict[str, "FunctionContract"]:
         if self._available_functions_as_dict is None:
             self._available_functions_as_dict = {
                 f.full_name: f for f in self._functions.values() if not f.is_shadowed
             }
         return self._available_functions_as_dict
 
-    def add_function(self, func: "Function"):
+    def add_function(self, func: "FunctionContract"):
         self._functions[func.canonical_name] = func
 
-    def set_functions(self, functions: Dict[str, "Function"]):
+    def set_functions(self, functions: Dict[str, "FunctionContract"]):
         """
         Set the functions
 
@@ -416,21 +423,21 @@ def set_functions(self, functions: Dict[str, "Function"]):
         self._functions = functions
 
     @property
-    def functions_inherited(self) -> List["Function"]:
+    def functions_inherited(self) -> List["FunctionContract"]:
         """
         list(Function): List of the inherited functions
         """
         return [f for f in self.functions if f.contract_declarer != self]
 
     @property
-    def functions_declared(self) -> List["Function"]:
+    def functions_declared(self) -> List["FunctionContract"]:
         """
         list(Function): List of the functions defined within the contract (not inherited)
         """
         return [f for f in self.functions if f.contract_declarer == self]
 
     @property
-    def functions_entry_points(self) -> List["Function"]:
+    def functions_entry_points(self) -> List["FunctionContract"]:
         """
         list(Functions): List of public and external functions
         """

slither/core/solidity_types/elementary_type.py

@@ -85,8 +85,6 @@
 Max_Uint = {k: 2 ** (8 * i) - 1 if i > 0 else 2 ** 256 - 1 for i, k in enumerate(Uint)}
 Min_Uint = {k: 0 for k in Uint}
 
-MaxValues = dict(Max_Int, **Max_Uint)
-MinValues = dict(Min_Int, **Min_Uint)
 
 Byte = [
     "byte",
@@ -125,6 +123,16 @@
     "bytes32",
 ]
 
+Max_Byte = {k: 2 ** (8 * (i + 1)) - 1 for i, k in enumerate(Byte[2:])}
+Max_Byte["bytes"] = None
+Max_Byte["byte"] = 255
+Min_Byte = {k: 1 << (4 + 8 * i) for i, k in enumerate(Byte[2:])}
+Min_Byte["bytes"] = 0x0
+Min_Byte["byte"] = 0x10
+
+MaxValues = dict(dict(Max_Int, **Max_Uint), **Max_Byte)
+MinValues = dict(dict(Min_Int, **Min_Uint), **Min_Byte)
+
 # https://solidity.readthedocs.io/en/v0.4.24/types.html#fixed-point-numbers
 M = list(range(8, 257, 8))
 N = list(range(0, 81))

slither/detectors/all_detectors.py

@@ -21,6 +21,7 @@
 from .statements.assembly import Assembly
 from .operations.low_level_calls import LowLevelCalls
 from .operations.unused_return_values import UnusedReturnValues
+from .operations.unchecked_transfer import UncheckedTransfer
 from .naming_convention.naming_convention import NamingConvention
 from .functions.external_function import ExternalFunction
 from .statements.controlled_delegatecall import ControlledDelegateCall

slither/detectors/operations/unchecked_low_level_return_values.py

@@ -34,7 +34,5 @@ class UncheckedLowLevel(UnusedReturnValues):
 
     WIKI_RECOMMENDATION = "Ensure that the return value of a low-level call is checked or logged."
 
-    _txt_description = "low-level calls"
-
     def _is_instance(self, ir):  # pylint: disable=no-self-use
         return isinstance(ir, LowLevelCall)

slither/detectors/operations/unchecked_send_return_value.py

@@ -35,7 +35,5 @@ class UncheckedSend(UnusedReturnValues):
 
     WIKI_RECOMMENDATION = "Ensure that the return value of `send` is checked or logged."
 
-    _txt_description = "send calls"
-
     def _is_instance(self, ir):  # pylint: disable=no-self-use
         return isinstance(ir, Send)

slither/detectors/operations/unchecked_transfer.py

@@ -0,0 +1,51 @@
+"""
+Module detecting unused transfer/transferFrom return values from external calls
+"""
+
+from slither.core.declarations import Function
+from slither.detectors.abstract_detector import DetectorClassification
+from slither.detectors.operations.unused_return_values import UnusedReturnValues
+from slither.slithir.operations import HighLevelCall
+
+
+class UncheckedTransfer(UnusedReturnValues):
+    """
+    If the return value of a transfer/transferFrom function is never used, it's likely to be bug
+    """
+
+    ARGUMENT = "unchecked-transfer"
+    HELP = "Unchecked tokens transfer"
+    IMPACT = DetectorClassification.HIGH
+    CONFIDENCE = DetectorClassification.MEDIUM
+
+    WIKI = "https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer"
+
+    WIKI_TITLE = "Unchecked transfer"
+    WIKI_DESCRIPTION = "The return value of an external transfer/transferFrom call is not checked"
+    WIKI_EXPLOIT_SCENARIO = """
+```solidity
+contract Token {
+    function transferFrom(address _from, address _to, uint256 _value) public returns (bool success);
+}
+contract MyBank{  
+    mapping(address => uint) balances;
+    Token token;
+    function deposit(uint amount) public{
+        token.transferFrom(msg.sender, address(this), amount);
+        balances[msg.sender] += amount;
+    }
+}
+```
+Several tokens do not revert in case of failure and return false. If one of these tokens is used in `MyBank`, `deposit` will not revert if the transfer fails, and an attacker can call `deposit` for free.."""
+
+    WIKI_RECOMMENDATION = (
+        "Use `SafeERC20`, or ensure that the transfer/transferFrom return value is checked."
+    )
+
+    def _is_instance(self, ir):  # pylint: disable=no-self-use
+        return (
+            isinstance(ir, HighLevelCall)
+            and isinstance(ir.function, Function)
+            and ir.function.solidity_signature
+            in ["transfer(address,uint256)", "transferFrom(address,address,uint256)"]
+        )