[Bug]: convert_library_call is buggy and doesn't convert high level call/ set function properly #1286

Closed
eccentricexit opened this issue Jul 13, 2022 · 1 comment
Labels
bug Something isn't working

eccentricexit commented Jul 13, 2022

Describe the issue:

Slither with `slither . --print echidna` throws this error when the contract uses a library with fixed sized arrays.

Code example to reproduce the issue:

```
// SPDX-License-Identifier: MIT
pragma solidity 0.8.10;

library Setter {
    function set(
        uint256[1] storage self,
        uint256 key,
        uint256 value
    ) internal {
        self[key] = value;
    }
}

contract SetterTest {
    using Setter for uint256[1];

    uint256[1] public params;

    function f(uint256 key, uint256 value) external {
        params.set(key, value);
    }
}
```

Version:

```
$ slither --version
0.8.3

$ truffle version
Truffle v5.5.21 (core: 5.5.21)
Ganache v7.2.0
Solidity - 0.8.10 (solc-js)
Node v12.22.12
Web3.js v1.7.4
```

Relevant log output:

```
...
> Compiled successfully using:
   - solc: 0.8.10+commit.fc410830.Emscripten.clang

Traceback (most recent call last):
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/__main__.py", line 744, in main_impl
    ) = process_all(filename, args, detector_classes, printer_classes)
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/__main__.py", line 87, in process_all
    ) = process_single(compilation, args, detector_classes, printer_classes)
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/__main__.py", line 72, in process_single
    return _process(slither, detector_classes, printer_classes)
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/__main__.py", line 119, in _process
    printer_results = slither.run_printers()
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/slither.py", line 211, in run_printers
    return [p.output(self._crytic_compile.target).data for p in self._printers]
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/slither.py", line 211, in <listcomp>
    return [p.output(self._crytic_compile.target).data for p in self._printers]
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/printers/guidance/echidna.py", line 380, in output
    cst_functions = _extract_constant_functions(self.slither)
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/printers/guidance/echidna.py", line 118, in _extract_constant_functions
    cst_functions = [_get_name(f) for f in contract.functions_entry_points if _is_constant(f)]
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/printers/guidance/echidna.py", line 118, in <listcomp>
    cst_functions = [_get_name(f) for f in contract.functions_entry_points if _is_constant(f)]
  File "/home/deadcode/.local/lib/python3.10/site-packages/slither/printers/guidance/echidna.py", line 102, in _is_constant
    if isinstance(ir.function, Variable) or ir.function.view or ir.function.pure:
AttributeError: 'NoneType' object has no attribute 'view'
None
Error in .
```
@eccentricexit eccentricexit added the bug-candidate Bugs reports that are not yet confirmed label Jul 13, 2022
@0xalpharush 0xalpharush added bug Something isn't working and removed bug-candidate Bugs reports that are not yet confirmed labels Jul 13, 2022
@0xalpharush 0xalpharush changed the title [Bug]: AttributeError: 'NoneType' object has no attribute 'view' [Bug]: convert_library_call is buggy and does convert high level call/ set function properly Aug 4, 2022
@0xalpharush 0xalpharush changed the title [Bug]: convert_library_call is buggy and does convert high level call/ set function properly [Bug]: convert_library_call is buggy and doesn't convert high level call/ set function properly Aug 4, 2022
Member

0xalpharush commented Aug 4, 2022

Here, `using_for` can have keys that are objects and not strings:

```
if t in using_for or "*" in using_for:
    new_ir = convert_to_library(ir, node, using_for)
    if new_ir:
        return new_ir
```

Thus, the high level call is not converted to a library call and the function attribute is not set, producing the following incorrect IR:

```
Contract Setter
        Function Setter.set(uint256[1],uint256,uint256) (*)
                Expression: self[key] = value
                IRs:
                        REF_0(uint256) -> self[key]
                        REF_0 (->self) := value(uint256)
Contract SetterTest
        Function SetterTest.f(uint256,uint256) (*)
                Expression: params.set(key,value)
                IRs:
                        TMP_0(None) = HIGH_LEVEL_CALL, dest:params(uint256[1]), function:set, arguments:['key', 'value']
```

EDIT:
The `__eq__` function for `ArrayType` compares equality of its `length` property (which in this case is a `Literal`). The `Literal` class does not implement `__eq__`.
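
The lookup failure described in the comment above, reproduced as an added example (not part of the original comment and not Slither's code). `Literal`, `FixedLiteral`, `ArrayType` and `resolves_to_library` are simplified, hypothetical stand-ins; the string-based hash and the `__eq__`/`__hash__` fix are assumptions made for illustration.

```python
# Simplified stand-ins for the classes named in the comment (not Slither's code).

class Literal:
    """Constant expression; inherits object.__eq__, i.e. identity comparison."""
    def __init__(self, value):
        self.value = value


class FixedLiteral(Literal):
    """Assumed fix: compare by value and keep the hash consistent with it."""
    def __eq__(self, other):
        return isinstance(other, Literal) and self.value == other.value

    def __hash__(self):
        return hash(self.value)


class ArrayType:
    """Array type whose equality depends on element type and length."""
    def __init__(self, elem, length):
        self.elem = elem
        self.length = length

    def __eq__(self, other):
        return (isinstance(other, ArrayType)
                and self.elem == other.elem
                and self.length == other.length)  # delegates to Literal

    def __hash__(self):
        # Assumed: hash on the printed form, so both objects share a bucket
        # and the dict falls through to __eq__ to decide membership.
        return hash(f"{self.elem}[{self.length.value}]")


def resolves_to_library(literal_cls):
    """Mimic `t in using_for`: the key comes from the `using` directive,
    the lookup type is built separately from the state variable."""
    using_for = {ArrayType("uint256", literal_cls("1")): ["Setter"]}
    t = ArrayType("uint256", literal_cls("1"))  # type of `params`
    return t in using_for


if __name__ == "__main__":
    print("identity-compared Literal:", resolves_to_library(Literal))
    print("value-compared Literal:   ", resolves_to_library(FixedLiteral))
```

When the membership test fails, the call stays a high level call with no `function` set, which is the `None` that `_is_constant` dereferences in the traceback.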

pull bot pushed a commit to bbhunter/slither that referenced this issue Aug 17, 2022
Fixes crytic#1286
IR generated after this PR
```
Contract Setter
        Function Setter.set(uint256[1],uint256,uint256) (*)
                Expression: self[key] = value
                IRs:
                        REF_0(uint256) -> self[key]
                        REF_0 (->self) := value(uint256)
Contract SetterTest
        Function SetterTest.f(uint256,uint256) (*)
                Expression: params.set(key,value)
                IRs:
                        LIBRARY_CALL, dest:Setter, function:Setter.set(uint256[1],uint256,uint256), arguments:['params', 'key', 'value'] 
```