slither
slither copied to clipboard
crytic
[Bug-Candidate]: Slither calls solc with non-existant option "--evm-version"
Describe the issue:
This issue happens when we have a foundry.toml in the current working directory. Slither detects foundry and tries to pass its configurations to solc.
One config is evm_version which defaults to "paris", however the --evm-version option does not exist in old versions of solc (such as 0.4.18), so solc breaks.
Code example to reproduce the issue:
pragma solidity ^0.4.18;
contract WETH9 {
string public name = "Wrapped Ether";
string public symbol = "WETH";
uint8 public decimals = 18;
event Approval(address indexed src, address indexed guy, uint wad);
event Transfer(address indexed src, address indexed dst, uint wad);
event Deposit(address indexed dst, uint wad);
event Withdrawal(address indexed src, uint wad);
mapping (address => uint) public balanceOf;
mapping (address => mapping (address => uint)) public allowance;
function() public payable {
deposit();
}
function deposit() public payable {
balanceOf[msg.sender] += msg.value;
Deposit(msg.sender, msg.value);
}
function withdraw(uint wad) public {
require(balanceOf[msg.sender] >= wad);
balanceOf[msg.sender] -= wad;
msg.sender.transfer(wad);
Withdrawal(msg.sender, wad);
}
function totalSupply() public view returns (uint) {
return this.balance;
}
function approve(address guy, uint wad) public returns (bool) {
allowance[msg.sender][guy] = wad;
Approval(msg.sender, guy, wad);
return true;
}
function transfer(address dst, uint wad) public returns (bool) {
return transferFrom(msg.sender, dst, wad);
}
function transferFrom(address src, address dst, uint wad)
public
returns (bool)
{
require(balanceOf[src] >= wad);
if (src != msg.sender && allowance[src][msg.sender] != uint(-1)) {
require(allowance[src][msg.sender] >= wad);
allowance[src][msg.sender] -= wad;
}
balanceOf[src] -= wad;
balanceOf[dst] += wad;
Transfer(src, dst, wad);
return true;
}
}
Just put the above code in a foundry project, with a simple foundry.toml:
[profile.default]
src = "src"
out = "out"
libs = ["lib"]
And try to run slither from the same directory, making Slither detect foundry.
slither /home/user/default/src/WETH9.sol --disable-color --json /home/user/default/src/WETH9.json --solc-solcs-select 0.4.18
Version:
0.10.2
Relevant log output:
slither /home/user/default/src/WETH9.sol --disable-color --json /home/user/default/src/WETH9.json --solc-solcs-select 0.4.18
'forge config --json' running
Could not detect solc version from Foundry config. Falling back to system version...
'solc --version' running
'solc ds-test/=lib/forge-std/lib/ds-test/src/ forge-std/=lib/forge-std/src/ /home/user/default/src/WETH9.sol --combined-json abi,ast,bin,bin-runtime,srcmap,srcmap-runtime,userdoc,devdoc,hashes,compact-format --optimize --optimize-runs 200 --evm-version paris --allow-paths .,/home/user/default/src' running
Compilation warnings/errors on /home/user/default/src/WETH9.sol:
unrecognised option '--evm-version'
Found a way around it after digging a little bit. If I first compile with Foundry and then run:
slither src/WETH9.sol --foundry-ignore-compile --compile-force-framework "Foundry" --foundry-out-directory "absoluteOutPath"
It works. But it's absolutely a bug.
Hi! This is a known foundry bug, being tracked upstream here https://github.com/foundry-rs/foundry/issues/7014
slither / crytic-compile query foundry config --json to learn information such as the the EVM version, but foundry sometimes reports "paris" when it shouldn't. You should be able to work around the problem by setting an explicit evm_version in your foundry.toml
Also related: https://github.com/crytic/slither/issues/2287
