-
Notifications
You must be signed in to change notification settings - Fork 71
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
104 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,101 @@ | ||
| use prettytable::{row, Row}; | ||
|
|
||
| use super::auditor::AuditorDetector; | ||
| use crate::{ | ||
| ast::{FunctionKind, NodeType}, | ||
| context::workspace_context::{ASTNode, WorkspaceContext}, | ||
| detect::helpers::get_implemented_external_and_public_functions, | ||
| }; | ||
| use std::{cmp::Ordering, collections::BTreeSet, error::Error}; | ||
|
|
||
| #[derive(Clone, Eq, PartialEq)] | ||
| pub struct EntryPointsInstance { | ||
| pub contract_name: String, | ||
| pub function_name: String, | ||
| pub function_kind: FunctionKind, | ||
| } | ||
|
|
||
| impl Ord for EntryPointsInstance { | ||
| fn cmp(&self, other: &Self) -> Ordering { | ||
| let by_contract = self.contract_name.cmp(&other.contract_name); | ||
| if by_contract == Ordering::Equal { | ||
| self.function_name.cmp(&other.function_name) | ||
| } else { | ||
| by_contract | ||
| } | ||
| } | ||
| } | ||
|
|
||
| impl PartialOrd for EntryPointsInstance { | ||
| fn partial_cmp(&self, other: &Self) -> Option<Ordering> { | ||
| Some(self.cmp(other)) | ||
| } | ||
| } | ||
|
|
||
| #[derive(Default)] | ||
| pub struct EntryPointsDetector { | ||
| // contract_name, function_name | ||
| found_instances: BTreeSet<EntryPointsInstance>, | ||
| } | ||
|
|
||
| impl AuditorDetector for EntryPointsDetector { | ||
| fn detect(&mut self, context: &WorkspaceContext) -> Result<bool, Box<dyn Error>> { | ||
| let functions = get_implemented_external_and_public_functions(context); | ||
| functions.for_each(|function_definition| { | ||
| if let ASTNode::ContractDefinition(contract_definition) = context | ||
| .get_closest_ancestor(function_definition.id, NodeType::ContractDefinition) | ||
| .unwrap() | ||
| { | ||
| let contract_name = contract_definition.name.clone(); | ||
| self.found_instances.insert(EntryPointsInstance { | ||
| contract_name, | ||
| function_name: function_definition.name.clone(), | ||
| function_kind: function_definition.kind().clone(), | ||
| }); | ||
| } | ||
| }); | ||
| Ok(!self.found_instances.is_empty()) | ||
| } | ||
|
|
||
| fn title(&self) -> String { | ||
| String::from("Contract Entry Points") | ||
| } | ||
|
|
||
| fn skeletal_clone(&self) -> Box<dyn AuditorDetector> { | ||
| Box::<EntryPointsDetector>::default() | ||
| } | ||
|
|
||
| fn table_titles(&self) -> Row { | ||
| row!["Contract", "Function Kind", "Function Name"] | ||
| } | ||
|
|
||
| fn table_rows(&self) -> Vec<Row> { | ||
| self.found_instances | ||
| .iter() | ||
| .map(|instance| { | ||
| row![instance.contract_name, instance.function_kind, instance.function_name,] | ||
| }) | ||
| .collect() | ||
| } | ||
| } | ||
|
|
||
| #[cfg(test)] | ||
| mod public_functions_no_sender_checks { | ||
| use crate::{ | ||
| audit::{auditor::AuditorDetector, entry_points::EntryPointsDetector}, | ||
| detect::test_utils::load_solidity_source_unit, | ||
| }; | ||
|
|
||
| #[test] | ||
| fn test_public_functions_no_sender_checks() { | ||
| let context = load_solidity_source_unit( | ||
| "../tests/contract-playground/src/auditor_mode/PublicFunctionsWithoutSenderCheck.sol", | ||
| ); | ||
|
|
||
| let mut detector = EntryPointsDetector::default(); | ||
| let found = detector.detect(&context).unwrap(); | ||
| // assert that the detector found an issue | ||
| assert!(found); | ||
| assert!(detector.found_instances.len() == 11); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,4 @@ | ||
| pub mod attack_surface; | ||
| pub mod auditor; | ||
| pub mod entry_points; | ||
| pub mod public_functions_no_sender; |