Closed
Description
- pythx version: 1.1.4
- Python version: 3.6.7
- Operating System: Ubuntu LTS 18.04
What I Did
Submitted analysis for simple_dao.sol via PythX.
pythx report only shows one detected issue, but examining the analysis via mythx-api-curl reveals MythX detected multiple issues.
Report for Unknown
╒════════╤══════════╤═════════════════╤════════════╤═══════════════════════════╕
│ Line │ Column │ SWC Title │ Severity │ Short Description │
╞════════╪══════════╪═════════════════╪════════════╪═══════════════════════════╡
│ 0 │ 0 │ Floating Pragma │ Medium │ A floating pragma is set. │
╘════════╧══════════╧═════════════════╧════════════╧═══════════════════════════╛
Here's the output from /mythx-api-curl/analyses-results.sh 12f02ad8-94b4-49fd-97ea-ae8ff89edc72:
Note the multiple objects. Does each tool return a new one?
[
{
"issues": [
{
"swcID": "SWC-103",
"swcTitle": "Floating Pragma",
"description": {
"head": "A floating pragma is set.",
"tail": "It is recommended to make a conscious choice on what version of Solidity is used for compilation. Currently any version equal or greater than \"=0.4.24\" is allowed."
},
"severity": "Medium",
"locations": [
{
"sourceMap": "170:25:0"
}
],
"extra": {
"testCase": {
"initialState": {
"accounts": null
},
"steps": null
}
}
}
],
"sourceType": "solidity-file",
"sourceFormat": "text",
"sourceList": [
"/simple_dao.sol",
"./simple_dao.sol"
],
"meta": {
"coveredInstructions": 378,
"coveredPaths": 10,
"selectedCompiler": "0.4.25"
}
},
{
"issues": [
{
"swcID": "SWC-101",
"swcTitle": "Integer Overflow and Underflow",
"description": {
"head": "The binary addition can overflow.",
"tail": "The operands of the addition operation are not sufficiently constrained. The addition could therefore result in an integer overflow. Prevent the overflow by checking inputs or ensure sure that the overflow is caught by an assertion."
},
"severity": "High",
"locations": [
{
"sourceMap": "444:1:0"
}
],
"extra": {
"testCase": {
"initialState": {
"accounts": null
},
"steps": null
}
}
},
{
"swcID": "SWC-107",
"swcTitle": "Reentrancy",
"description": {
"head": "persistent state read after call",
"tail": "Accessing the persistent state (storage or balance) of a contract should be avoided after calls to external contracts to prevent reentrancy issues. Make sure the callee is trusted or access the persistent state before the call."
},
"severity": "High",
"locations": [
{
"sourceMap": "648:1:0"
}
],
"extra": {
"testCase": {
"initialState": {
"accounts": {
"0x6666666666666666666666666666666666666660": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "",
"storage": {}
},
"0x6666666666666666666666666666666666666661": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0x00",
"storage": {}
},
"0x6666666666666666666666666666666666666662": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0xfd",
"storage": {}
},
"0x6666666666666666666666666666666666666663": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0x608060405260005600a165627a7a72305820466f8a1bdae15c60b8e998fe04836ef505803cfbd8edd29bd4679531357576530029",
"storage": {}
},
"0x6666666666666666666666666666666666666664": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0x60806040527366666666666666666666666666666666666666643081146038578073ffffffffffffffffffffffffffffffffffffffff16ff5b5000fea165627a7a72305820ebf117db15ae50145ae169199f2a837a03ce5cd63b0b77fa0935b347011805f40029",
"storage": {}
},
"0x8af6a7af30d840ba137e8f3f34d54cfb8beba6e2": {
"nonce": 1,
"balance": "0x0000000000000000000000000000000000000000000000000000000000000000",
"code": "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",
"storage": {}
},
"0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {
"nonce": 0,
"balance": "0x00000000000000000000ffffffffffffffffffffffffffffffffffffffffffff",
"code": "",
"storage": {}
},
"0xcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcb": {
"nonce": 0,
"balance": "0x000000000000000000000000000000000000000000000000001e2ce9ce368000",
"code": "",
"storage": {}
},
"0xcccccccccccccccccccccccccccccccccccccccc": {
"nonce": 1,
"balance": "0x00000000000000000000ffffffffffffffffffffffffffffffe1d31631c97fff",
"code": "",
"storage": {}
}
}
},
"steps": [
{
"address": "0x8af6a7af30d840ba137e8f3f34d54cfb8beba6e2",
"gasLimit": "0x7d00",
"gasPrice": "0x773594000",
"input": "0x2e1a7d4d000000000000000000000000000000",
"origin": "0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"value": "0x0",
"blockCoinbase": "0xcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcb",
"blockDifficulty": "0xa7d7343662e26",
"blockGasLimit": "0x7d0000",
"blockNumber": "0x661a55",
"blockTime": "0x5be99aa8"
}
]
}
}
},
{
"swcID": "SWC-107",
"swcTitle": "Reentrancy",
"description": {
"head": "persistent state write after call",
"tail": "Accessing the persistent state (storage or balance) of a contract should be avoided after calls to external contracts to prevent reentrancy issues. Make sure the callee is trusted or access the persistent state before the call."
},
"severity": "High",
"locations": [
{
"sourceMap": "655:1:0"
}
],
"extra": {
"testCase": {
"initialState": {
"accounts": {
"0x6666666666666666666666666666666666666660": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "",
"storage": {}
},
"0x6666666666666666666666666666666666666661": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0x00",
"storage": {}
},
"0x6666666666666666666666666666666666666662": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0xfd",
"storage": {}
},
"0x6666666666666666666666666666666666666663": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0x608060405260005600a165627a7a72305820466f8a1bdae15c60b8e998fe04836ef505803cfbd8edd29bd4679531357576530029",
"storage": {}
},
"0x6666666666666666666666666666666666666664": {
"nonce": 1,
"balance": "0x00000000000000000000000000000000000000ffffffffffffffffffffffffff",
"code": "0x60806040527366666666666666666666666666666666666666643081146038578073ffffffffffffffffffffffffffffffffffffffff16ff5b5000fea165627a7a72305820ebf117db15ae50145ae169199f2a837a03ce5cd63b0b77fa0935b347011805f40029",
"storage": {}
},
"0x8af6a7af30d840ba137e8f3f34d54cfb8beba6e2": {
"nonce": 1,
"balance": "0x0000000000000000000000000000000000000000000000000000000000000000",
"code": "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",
"storage": {}
},
"0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {
"nonce": 0,
"balance": "0x00000000000000000000ffffffffffffffffffffffffffffffffffffffffffff",
"code": "",
"storage": {}
},
"0xcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcb": {
"nonce": 0,
"balance": "0x000000000000000000000000000000000000000000000000001e2ce9ce368000",
"code": "",
"storage": {}
},
"0xcccccccccccccccccccccccccccccccccccccccc": {
"nonce": 1,
"balance": "0x00000000000000000000ffffffffffffffffffffffffffffffe1d31631c97fff",
"code": "",
"storage": {}
}
}
},
"steps": [
{
"address": "0x8af6a7af30d840ba137e8f3f34d54cfb8beba6e2",
"gasLimit": "0x7d00",
"gasPrice": "0x773594000",
"input": "0x2e1a7d4d000000000000000000000000000000",
"origin": "0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
"value": "0x0",
"blockCoinbase": "0xcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcbcb",
"blockDifficulty": "0xa7d7343662e26",
"blockGasLimit": "0x7d0000",
"blockNumber": "0x661a55",
"blockTime": "0x5be99aa8"
}
]
}
}
},
{
"swcID": "SWC-107",
"swcTitle": "Reentrancy",
"description": {
"head": "A call to a user-supplied address is executed.",
"tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on the contract state."
},
"severity": "Medium",
"locations": [
{
"sourceMap": "565:1:0"
}
],
"extra": {
"testCase": {
"initialState": {
"accounts": null
},
"steps": null
}
}
}
],
"sourceType": "raw-bytecode",
"sourceFormat": "evm-byzantium-bytecode",
"sourceList": [
"0x416427c16b123b9091f6950597886fac730e4e94097d86d7877cd89cf1fa436e"
],
"meta": {}
}
]
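An added example, not code from pythx or MythX: it collects the issues from every report object in the response list, so the five findings in the JSON above are listed together, highest severity first. `SAMPLE`, `parse_source_map` and `flatten_issues` are names chosen here, and reading the third `sourceMap` field as an index into the same report's `sourceList` is an assumption.

```python
import json

# Constructed sample: the response quoted above, cut down to the fields used here.
SAMPLE = json.loads("""[
 {"sourceType": "solidity-file", "sourceList": ["/simple_dao.sol", "./simple_dao.sol"],
  "issues": [
   {"swcID": "SWC-103", "severity": "Medium", "locations": [{"sourceMap": "170:25:0"}],
    "description": {"head": "A floating pragma is set."}}]},
 {"sourceType": "raw-bytecode",
  "sourceList": ["0x416427c16b123b9091f6950597886fac730e4e94097d86d7877cd89cf1fa436e"],
  "issues": [
   {"swcID": "SWC-101", "severity": "High", "locations": [{"sourceMap": "444:1:0"}],
    "description": {"head": "The binary addition can overflow."}},
   {"swcID": "SWC-107", "severity": "High", "locations": [{"sourceMap": "648:1:0"}],
    "description": {"head": "persistent state read after call"}},
   {"swcID": "SWC-107", "severity": "High", "locations": [{"sourceMap": "655:1:0"}],
    "description": {"head": "persistent state write after call"}},
   {"swcID": "SWC-107", "severity": "Medium", "locations": [{"sourceMap": "565:1:0"}],
    "description": {"head": "A call to a user-supplied address is executed."}}]}
]""")

SEVERITY_RANK = {"High": 0, "Medium": 1, "Low": 2}  # anything else sorts last

def parse_source_map(entry):
    """Split an 'offset:length:fileIndex' entry into a tuple of three integers."""
    return tuple(int(part) for part in entry.split(":")[:3])

def flatten_issues(response):
    """Return one row per issue location across every report object in the list."""
    rows = []
    for report in response:
        sources = report.get("sourceList") or []
        for issue in report.get("issues") or []:
            for loc in issue.get("locations") or []:
                offset, length, idx = parse_source_map(loc["sourceMap"])
                rows.append({
                    "swcID": issue["swcID"], "severity": issue["severity"],
                    "head": issue["description"]["head"],
                    "sourceType": report.get("sourceType"),
                    # Assumption: fileIndex indexes this report's own sourceList.
                    "source": sources[idx] if 0 <= idx < len(sources) else None,
                    "offset": offset, "length": length,
                })
    # sorted() is stable: High first, report order kept within one severity.
    return sorted(rows, key=lambda r: SEVERITY_RANK.get(r["severity"], 99))

if __name__ == "__main__":
    for row in flatten_issues(SAMPLE):
        print(row["severity"], row["swcID"], row["sourceType"], row["offset"], row["head"])
```
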