Fix title & desc - state variable shadowing (#629)

Co-authored-by: Alex Roan <alex@cyfrin.io>
Cyfrin · Aug 2, 2024 · 82d4877 · 82d4877
1 parent b0c2ed7
commit 82d4877
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 10 deletions.
diff --git a/aderyn_core/src/detect/high/state_variable_shadowing.rs b/aderyn_core/src/detect/high/state_variable_shadowing.rs
@@ -179,11 +179,16 @@ impl IssueDetector for StateVariableShadowingDetector {
     }
 
     fn title(&self) -> String {
-        String::from("High Issue Title")
+        String::from("Shadowed State Variables in Inheritance Hierarchy")
     }
 
     fn description(&self) -> String {
-        String::from("Description of the high issue.")
+        String::from(
+            "This vulnerability arises when a derived contract unintentionally shadows a state variable from \
+            a parent contract by declaring a variable with the same name. This can be misleading. \
+            To prevent this, ensure variable names \
+            are unique across the inheritance hierarchy or use proper visibility and scope controls."
+        )
     }
 
     fn instances(&self) -> BTreeMap<(String, usize, String), NodeID> {
@@ -220,11 +225,19 @@ mod state_variable_shadowing_detector_tests {
             crate::detect::detector::IssueSeverity::High
         );
         // assert the title is correct
-        assert_eq!(detector.title(), String::from("High Issue Title"));
+        assert_eq!(
+            detector.title(),
+            String::from("Shadowed State Variables in Inheritance Hierarchy")
+        );
         // assert the description is correct
         assert_eq!(
             detector.description(),
-            String::from("Description of the high issue.")
+            String::from(
+                "This vulnerability arises when a derived contract unintentionally shadows a state variable from \
+                a parent contract by declaring a variable with the same name. This can be misleading. \
+                To prevent this, ensure variable names \
+                are unique across the inheritance hierarchy or use proper visibility and scope controls."
+            )
         );
     }
 }
diff --git a/reports/report.json b/reports/report.json
@@ -1414,8 +1414,8 @@
         ]
       },
       {
-        "title": "High Issue Title",
-        "description": "Description of the high issue.",
+        "title": "Shadowed State Variables in Inheritance Hierarchy",
+        "description": "This vulnerability arises when a derived contract unintentionally shadows a state variable from a parent contract by declaring a variable with the same name. This can be misleading. To prevent this, ensure variable names are unique across the inheritance hierarchy or use proper visibility and scope controls.",
         "detector_name": "state-variable-shadowing",
         "instances": [
           {

diff --git a/reports/report.md b/reports/report.md
@@ -26,7 +26,7 @@ This report was generated by [Aderyn](https://github.com/Cyfrin/aderyn), a stati
   - [H-16: Uninitialized State Variables](#h-16-uninitialized-state-variables)
   - [H-17: Incorrect use of caret operator on a non hexadcimal constant](#h-17-incorrect-use-of-caret-operator-on-a-non-hexadcimal-constant)
   - [H-18: Yul block contains `return` function call.](#h-18-yul-block-contains-return-function-call)
-  - [H-19: High Issue Title](#h-19-high-issue-title)
+  - [H-19: Shadowed State Variables in Inheritance Hierarchy](#h-19-shadowed-state-variables-in-inheritance-hierarchy)
   - [H-20: Unchecked `bool success` value for send call.](#h-20-unchecked-bool-success-value-for-send-call)
   - [H-21: Misused boolean with logical operators](#h-21-misused-boolean-with-logical-operators)
   - [H-22: Sending native Eth is not protected from these functions.](#h-22-sending-native-eth-is-not-protected-from-these-functions)
@@ -1348,9 +1348,9 @@ Remove this, as this causes execution to halt. Nothing after that call will exec
 
 
 
-## H-19: High Issue Title
+## H-19: Shadowed State Variables in Inheritance Hierarchy
 
-Description of the high issue.
+This vulnerability arises when a derived contract unintentionally shadows a state variable from a parent contract by declaring a variable with the same name. This can be misleading. To prevent this, ensure variable names are unique across the inheritance hierarchy or use proper visibility and scope controls.
 
 <details><summary>1 Found Instances</summary>
 

diff --git a/reports/report.sarif b/reports/report.sarif
@@ -1975,7 +1975,7 @@
             }
           ],
           "message": {
-            "text": "Description of the high issue."
+            "text": "This vulnerability arises when a derived contract unintentionally shadows a state variable from a parent contract by declaring a variable with the same name. This can be misleading. To prevent this, ensure variable names are unique across the inheritance hierarchy or use proper visibility and scope controls."
           },
           "ruleId": "state-variable-shadowing"
         },