slither icon indicating copy to clipboard operation
slither copied to clipboard
verified publisher icon crytic

uninitialized-state-variables raised on mappings

Open elenadimitrova opened this issue 5 years ago • 3 comments

The following high priority error has started showing up with [email protected] when running against the argent-contracts repo:

RecoveryManager.recoveryConfigs (modules/RecoveryManager.sol#47) is never initialized. It is used in:
LimitManager.limits (modules/common/LimitManager.sol#56) is never initialized. It is used in:
	- LimitManager.init(address) (modules/common/LimitManager.sol#76-81)
	- LimitManager.changeLimit(address,uint256,uint256) (modules/common/LimitManager.sol#92-102)
	- LimitManager.getCurrentLimit(address) (modules/common/LimitManager.sol#119-122)
	- LimitManager.getPendingLimit(address) (modules/common/LimitManager.sol#139-143)
	- LimitManager.getDailyUnspent(address) (modules/common/LimitManager.sol#150-164)
	- LimitManager.checkAndUpdateDailySpent(address,uint256) (modules/common/LimitManager.sol#172-182)
	- LimitManager.updateDailySpent(address,uint128,uint256) (modules/common/LimitManager.sol#190-202)
	- LimitManager.isWithinDailyLimit(address,uint256,uint256) (modules/common/LimitManager.sol#211-222)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables

Mappings are virtually instantiated by default so this must be a false positive.

elenadimitrova avatar Apr 21 '20 13:04 elenadimitrova

Sharing another example for this issue:

https://github.com/PaulRBerg/prb-proxy/security/code-scanning/47

PaulRBerg avatar May 03 '23 14:05 PaulRBerg

Hi, I'm using Slither 0.9.6 and uninitialized-state-variables is still raised on mappings

RilRil avatar Oct 06 '23 08:10 RilRil