
analyze internal calls after performing constant propagation

Open 0xalpharush opened this issue 2 years ago • 2 comments

This detector currently under-approximates arbitrary from's in transferFrom as it does not consider internal calls and its dependency analysis is not strict (if msg.sender is used anywhere in the contract it's considered okay despite other tainted values).

This PR addresses those issues in two ways:

  1. It performs constant propagation on address(this) and msg.sender so that arguments passed to library/internal function calls represent the underlying value.

  2. Whenever high_level_calls was being used, it wasn't returning internal nodes/IRs to analyze, so I added a recursive analysis whenever an IR is an INTERNAL_CALL.

0xalpharush avatar Jun 08 '22 03:06 0xalpharush
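
A toy model of the two changes described in the pull request above, added here as an illustration and not taken from Slither's code: call-site values of msg.sender and address(this) are propagated into internal callees, and every internal call is analyzed recursively. The tuple-based IR, the sample contract and the function names are assumptions made for this example.

```python
# Toy IR (an assumption, not Slither's): each function is (params, ops);
# an op is ("internal_call", callee, args) or ("transferFrom", from_value).
TRUSTED = {"msg.sender", "address(this)"}

# Constructed sample contract: one internal helper reached from three entry points.
CONTRACT = {
    "deposit":    ((), [("internal_call", "_pull", ["msg.sender"])]),
    "depositFor": (("from",), [("internal_call", "_pull", ["from"])]),
    "sweep":      ((), [("internal_call", "_pull", ["address(this)"])]),
    "_pull":      (("src",), [("transferFrom", "src")]),
}
ENTRY_POINTS = ["deposit", "depositFor", "sweep"]


def resolve(value, env):
    """Replace a parameter name by the value bound to it at the call site."""
    return env.get(value, value)


def analyze(contract, func, env, entry, seen, findings):
    _params, ops = contract[func]
    for op in ops:
        if op[0] == "transferFrom":
            src = resolve(op[1], env)
            if src not in TRUSTED:  # `from` is neither msg.sender nor address(this)
                findings.append((entry, func, src))
        elif op[0] == "internal_call":
            _, callee, args = op
            bound = tuple(resolve(a, env) for a in args)
            if (callee, bound) in seen:  # guard against recursive internal calls
                continue
            seen.add((callee, bound))
            callee_env = dict(zip(contract[callee][0], bound))
            analyze(contract, callee, callee_env, entry, seen, findings)


def arbitrary_from(contract, entry_points):
    """Return (entry point, function containing transferFrom, unresolved from)."""
    findings = []
    for entry in entry_points:
        # Entry-point parameters are caller-controlled, so they stay symbolic.
        analyze(contract, entry, {}, entry, set(), findings)
    return findings


if __name__ == "__main__":
    print(arbitrary_from(CONTRACT, ENTRY_POINTS))
```

Only the path through depositFor is reported: the same transferFrom inside _pull is fine when reached from deposit or sweep, which is visible only once the call-site value is carried into the callee.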

This pull request introduces 1 alert when merging 8e77dd791163c5e3192d2861dc507709772c491c into 168e96298fb8f8a588c110aa75cd38b3a7662ed9 - view on LGTM.com

new alerts:

  • 1 for Unused import

lgtm-com[bot] avatar Jun 08 '22 03:06 lgtm-com[bot]

This pull request introduces 1 alert when merging 3beca4b107c3054763b2188192f9f02ff1f70329 into 6a2e1e0819f0dde932484b20bb0e0d3e39293adf - view on LGTM.com

new alerts:

  • 1 for Unused import

lgtm-com[bot] avatar Jul 06 '22 01:07 lgtm-com[bot]