search

Consensys / mythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.
https://mythx.io/
MIT License
3.88k stars 741 forks source link

Issue #337 not fully resolved #394

Closed shashank-srikant closed 6 years ago

shashank-srikant commented 6 years ago

Description

Had raised a bug earlier regarding Mythril not processing Interfaces. Issue referenced in #337 It was fixed in #347 However, the fix seems to be incorrect, since now, it is unable to process contracts with valid methods.

How to Reproduce

Solidity script: https://etherscan.io/address/0x6342eabec28aec4902432d852dcd08d4f6df96ab#code Both commands - myth -xo json file_name:MintableToken and myth -xo json file_name:MintableTokenImpl provide the following output

{"issues": [], "error": "input files do not contain any valid contracts", "success": false}

The source codes of the two contracts are - 

contract MintableToken is Token {
    event Mint(address indexed to, uint256 amount);

    function mint(address _to, uint256 _amount) public returns (bool);
}

and,

contract MintableTokenImpl is Ownable, TokenImpl, MintableToken {
    /**
     * @dev Function to mint tokens
     * @param _to The address that will receive the minted tokens.
     * @param _amount The amount of tokens to mint.
     * @return A boolean that indicates if the operation was successful.
     */
    function mint(address _to, uint256 _amount) onlyOwner public returns (bool) {
        totalSupply = totalSupply.add(_amount);
        balances[_to] = balances[_to].add(_amount);
        emitMint(_to, _amount);
        emitTransfer(address(0), _to, _amount);
        return true;
    }

    function emitMint(address _to, uint256 _value) internal {
        Mint(_to, _value);
    }
}

Clearly, MintableTokenImpl is not an interface.

Environment

norhh commented 6 years ago

Hi @shashank-srikant ,Thanks for the report. Currently we are using solc for getting the bytecode and I don't see any code for MintableTokenImpl when i execute solc -o outputDirectory --bin --bin-runtime --asm --opcodes sourceFile.sol And it's code seems to be in the ZenomeToken file, looks like solc is considering it as an interface

norhh commented 6 years ago

It seems MintableTokenImpl is an abstract contract in which case solc doesn't compile it so we won't receive the code from solidity.