val <- map[key];
hash = builtin sha256hash val;
...
Perhaps the author intended to process val differently if it's a missing value (None).
To prevent things like this we can analyse if val is actually pattern-matched on somewhere.
Another instance:
val <- map[key];
e = {
_eventname : "EventName";
val: val
};
event e
The programmer here did not mean to send an event containing an optional value.
A real-world contract has code like this:
Perhaps the author intended to process
valdifferently if it's a missing value (None). To prevent things like this we can analyse ifvalis actually pattern-matched on somewhere.Another instance:
The programmer here did not mean to send an event containing an optional value.