slither
slither copied to clipboard
crytic
Static Analyzer for Solidity and Vyper
Issue https://github.com/crytic/slither/issues/529 (and its associated PRs) made me realize that we could now remove `TupleVariable` and the `Unpack` operation, and only use structures. We should investigate if that is possible.
### Describe the issue: ``` slither.exceptions.SlitherException: Function not found on IR: TMP_2759(None) = HIGH_LEVEL_CALL, dest:location_(StackTop), function:set, arguments:['orderHash_', 'REF_739'] . Node: EXPRESSION location_.set(clearedOrder[OrderHash.wrap(orderHash_)]) (contracts/orderbook/OrderBook.sol#292) Function: opOrderFundsCleared Please try compiling with a...
### Describe the desired feature The new `is_dynamic()` property for types is a great idea. However, only basing this property off of type information leads to incorrect conclusions if you...
… DOMAIN_SEPARATOR - Also implements solidity sig and return type for public/external state variables Heuristic: warn if external or public function/ state variable name collides with hash of "DOMAIN_SEPARATOR()" or...
### Describe the issue: [OpenZeppelin recently added support for `_disableInitializers` which helps with disabling implementation initialization when used in the constructor of a contract](https://docs.openzeppelin.com/upgrades-plugins/1.x/writing-upgradeable#initializing_the_implementation_contract). Slither should be able to pick...
### Describe the desired feature The description on https://pypi.org/project/slither-analyzer/ is not being rendered as markdown. Add the line `long_description_content_type="text/markdown",` to the `setup.py` for it to render correctly in future releases.
### Describe the issue: Error when using with foundry / forge ### Code example to reproduce the issue: The code isn't public but its a pretty minimal repo:  ###...
### Describe the issue: When trying to run `Slither` it fails without any concrete information but with the trace stack that I couldn't demystify. Contracts compilation is successful as well...
### Describe the issue: Trying to get function relations on the contract of the [Fallback ethernaut challenge](https://ethernaut.openzeppelin.com/level/0x9CB391dbcD447E645D6Cb55dE6ca23164130D008) returns a result that contains an invalid function signature: `()` ```` { "constructor()":...
TBD: we might want the CONTINUE node to point to the increment EXPRESSION and not STARTLOOP. See visualization [here](https://dreampuf.github.io/GraphvizOnline/#digraph%7B%0A0%5Blabel%3D%22Node%20Type%3A%20ENTRY_POINT%200%0A%22%5D%3B%0A0-%3E3%3B%0A1%5Blabel%3D%22Node%20Type%3A%20BEGIN_LOOP%201%0A%22%5D%3B%0A1-%3E4%3B%0A2%5Blabel%3D%22Node%20Type%3A%20END_LOOP%202%0A%22%5D%3B%0A3%5Blabel%3D%22Node%20Type%3A%20NEW%20VARIABLE%203%0A%0AEXPRESSION%3A%0Ai%20%3D%200%0A%0AIRs%3A%0Ai(uint256)%20%3A%3D%200(uint256)%22%5D%3B%0A3-%3E1%3B%0A4%5Blabel%3D%22Node%20Type%3A%20IF_LOOP%204%0A%0AEXPRESSION%3A%0Ai%20%3C%2010%0A%0AIRs%3A%0ATMP_0(bool)%20%3D%20i%20%3C%2010%0ACONDITION%20TMP_0%22%5D%3B%0A4-%3E5%5Blabel%3D%22True%22%5D%3B%0A4-%3E2%5Blabel%3D%22False%22%5D%3B%0A5%5Blabel%3D%22Node%20Type%3A%20IF%205%0A%0AEXPRESSION%3A%0Ai%20%3E%20100%0A%0AIRs%3A%0ATMP_1(bool)%20%3D%20i%20%3E%20100%0ACONDITION%20TMP_1%22%5D%3B%0A5-%3E6%5Blabel%3D%22True%22%5D%3B%0A5-%3E7%5Blabel%3D%22False%22%5D%3B%0A6%5Blabel%3D%22Node%20Type%3A%20BREAK%206%0A%22%5D%3B%0A6-%3E2%3B%0A7%5Blabel%3D%22Node%20Type%3A%20END_IF%207%0A%22%5D%3B%0A7-%3E8%3B%0A8%5Blabel%3D%22Node%20Type%3A%20IF%208%0A%0AEXPRESSION%3A%0Ai%20%3C%203%0A%0AIRs%3A%0ATMP_2(bool)%20%3D%20i%20%3C%203%0ACONDITION%20TMP_2%22%5D%3B%0A8-%3E9%5Blabel%3D%22True%22%5D%3B%0A8-%3E10%5Blabel%3D%22False%22%5D%3B%0A9%5Blabel%3D%22Node%20Type%3A%20CONTINUE%209%0A%22%5D%3B%0A9-%3E1%3B%0A10%5Blabel%3D%22Node%20Type%3A%20END_IF%2010%0A%22%5D%3B%0A10-%3E13%3B%0A11%5Blabel%3D%22Node%20Type%3A%20BEGIN_LOOP%2011%0A%22%5D%3B%0A11-%3E14%3B%0A12%5Blabel%3D%22Node%20Type%3A%20END_LOOP%2012%0A%22%5D%3B%0A12-%3E23%3B%0A13%5Blabel%3D%22Node%20Type%3A%20NEW%20VARIABLE%2013%0A%0AEXPRESSION%3A%0Aj%20%3D%200%0A%0AIRs%3A%0Aj(uint256)%20%3A%3D%200(uint256)%22%5D%3B%0A13-%3E11%3B%0A14%5Blabel%3D%22Node%20Type%3A%20IF_LOOP%2014%0A%0AEXPRESSION%3A%0Aj%20%3C%2010%0A%0AIRs%3A%0ATMP_3(bool)%20%3D%20j%20%3C%2010%0ACONDITION%20TMP_3%22%5D%3B%0A14-%3E15%5Blabel%3D%22True%22%5D%3B%0A14-%3E12%5Blabel%3D%22False%22%5D%3B%0A15%5Blabel%3D%22Node%20Type%3A%20IF%2015%0A%0AEXPRESSION%3A%0Aj%20%3E%2010%0A%0AIRs%3A%0ATMP_4(bool)%20%3D%20j%20%3E%2010%0ACONDITION%20TMP_4%22%5D%3B%0A15-%3E16%5Blabel%3D%22True%22%5D%3B%0A15-%3E17%5Blabel%3D%22False%22%5D%3B%0A16%5Blabel%3D%22Node%20Type%3A%20CONTINUE%2016%0A%22%5D%3B%0A16-%3E11%3B%0A17%5Blabel%3D%22Node%20Type%3A%20END_IF%2017%0A%22%5D%3B%0A17-%3E18%3B%0A18%5Blabel%3D%22Node%20Type%3A%20IF%2018%0A%0AEXPRESSION%3A%0Aj%20%3C%203%0A%0AIRs%3A%0ATMP_5(bool)%20%3D%20j%20%3C%203%0ACONDITION%20TMP_5%22%5D%3B%0A18-%3E19%5Blabel%3D%22True%22%5D%3B%0A18-%3E20%5Blabel%3D%22False%22%5D%3B%0A19%5Blabel%3D%22Node%20Type%3A%20BREAK%2019%0A%22%5D%3B%0A19-%3E12%3B%0A20%5Blabel%3D%22Node%20Type%3A%20END_IF%2020%0A%22%5D%3B%0A20-%3E21%3B%0A21%5Blabel%3D%22Node%20Type%3A%20EXPRESSION%2021%0A%0AEXPRESSION%3A%0Aj%20-%3D%201%0A%0AIRs%3A%0Aj(uint256)%20%3D%20j%20(c)-%201%22%5D%3B%0A21-%3E22%3B%0A22%5Blabel%3D%22Node%20Type%3A%20EXPRESSION%2022%0A%0AEXPRESSION%3A%0Aj%20%2B%2B%0A%0AIRs%3A%0ATMP_6(uint256)%20%3A%3D%20j(uint256)%0Aj(uint256)%20%3D%20j%20(c)%2B%201%22%5D%3B%0A22-%3E14%3B%0A23%5Blabel%3D%22Node%20Type%3A%20EXPRESSION%2023%0A%0AEXPRESSION%3A%0Ai%20%2B%2B%0A%0AIRs%3A%0ATMP_7(uint256)%20%3A%3D%20i(uint256)%0Ai(uint256)%20%3D%20i%20(c)%2B%201%22%5D%3B%0A23-%3E4%3B%0A%7D%0A). Will open an issue and fix in a follow-on PR _Originally...