cleanunicorn / mythos

CLI client for the MythX API
https://mythx.io/

[BUG] [MS Windows]: Relative paths should be relative to the scanned contract. #38

Closed cleanunicorn closed 5 years ago

cleanunicorn commented 5 years ago

With the MetaCoin project, I run the following in the root of the project:

$ mythos analyze contracts\MetaCoin.sol MetaCoin

The error returned is:

Reading contract contracts\MetaCoin.sol... done
Compiling with Solidity version: v0.5.6+commit.b259423e
 »   Error: contracts\MetaCoin.sol:3:1: ParserError: Source "ConvertLib.sol" not found: ENOENT: no such file or directory, stat 'ConvertLib.sol'
 »   import "./ConvertLib.sol";
 »   ^------------------------^
 »
Compiling contract contracts\MetaCoin.sol... failed

But when I move into the contracts directory and run:

$ mythos analyze MetaCoin.sol MetaCoin

The run succeeds:

Reading contract MetaCoin.sol... done
Compiling with Solidity version: v0.5.6+commit.b259423e
Compiling contract MetaCoin.sol... done
Analyzing contract MetaCoin... done

UUID: 6218bf94-3ecf-459b-93ef-ec66bae11c17
API Version: v1.4.14
Harvey Version: 0.0.18
Maestro Version: 1.2.10
Maru Version: 0.4.4
Mythril Version: 0.20.4

Report found 1 issues
Meta:
Covered instructions: 410
Covered paths: 10
Selected compiler version: vUnknown

Title: (SWC-111) Use of Deprecated Solidity Functions
Severity: Medium
Head: Use of tx.origin is deprecated.
Description: The smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the  future. Use msg.sender instead.
See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin
Source code:

MetaCoin.sol 16:10
--------------------------------------------------
[tx.origi
--------------------------------------------------

==================================================

Done

Presumably the tool is not seeing that the ./ConvertLib.sol is relative to the MetaCoin.sol, not the directory that Mythos is running in. That should be fixed.

use-strict commented 5 years ago

PS C:\workspace\test> .\node_modules\.bin\mythos analyze ./contracts/index.sol A --mythxEthAddress=a --mythxPassword=b
Reading contract ./contracts/index.sol... done
Compiling with Solidity version: latest
 »   Warning: ./contracts/i.sol:1:1: Warning: Source file does not specify required compiler version! Consider adding
 »   "pragma solidity ^0.5.9;"
 »   contract B {}
 »   ^ (Relevant source part starts here and spans across multiple lines).
 »
 »   Warning: ./contracts/index.sol:1:1: Warning: Source file does not specify required compiler version! Consider
 »   adding "pragma solidity ^0.5.9;"
 »   import "./i.sol";
 »   ^ (Relevant source part starts here and spans across multiple lines).
 »
Compiling contract ./contracts/index.sol... done
Analyzing contract A... !
 »   Error: MythX login for ethereum address  a failed:
 »   Parse error of JWT login request: Wrong credentials - check your ethAddress and password (HTTP status 400)

cleanunicorn commented 5 years ago

I tried this on Windows and it was able to compile a contract that was inheriting another contract:

$ .\node_modules\.bin\mythos analyze ./contracts/index.sol A --mythxEthAddress=a --mythxPassword=b
Reading contract ./contracts/index.sol... done
Compiling with Solidity version: latest
 »   Warning: ./contracts/i.sol:1:1: Warning: Source file does not specify required compiler version! Consider adding
 »   "pragma solidity ^0.5.9;"
 »   contract B {}
 »   ^ (Relevant source part starts here and spans across multiple lines).
 »
 »   Warning: ./contracts/index.sol:1:1: Warning: Source file does not specify required compiler version! Consider
 »   adding "pragma solidity ^0.5.9;"
 »   import "./i.sol";
 »   ^ (Relevant source part starts here and spans across multiple lines).
 »
Compiling contract ./contracts/index.sol... done
Analyzing contract A... !
 »   Error: MythX login for ethereum address  a failed:
 »   Parse error of JWT login request: Wrong credentials - check your ethAddress and password (HTTP status 400)

The contracts were saved in the contracts/ folder and their contents are:

contracts/i.sol

contract B {}

contracts/index.sol

import "./i.sol";

contract A is B {}

Mythos version: 0.9.0

Can you confirm you still get the error with this version and these files?

cleanunicorn commented 5 years ago

Reopen this if you can reproduce the issue.

bmmpxf commented 5 years ago

I believe I am able to reproduce this issue with 0.9.0.

Running in the root of the project:

C:\....\simpleimport>mythos analyze contracts\index.sol A
Reading contract contracts\index.sol... done
Compiling with Solidity version: latest
 »   Error: contracts\index.sol:1:1: ParserError: Source "i.sol" not found: ENOENT: no such file or directory, stat 'i.sol'
 »   import "./i.sol";
 »   ^---------------^
 »
Compiling contract contracts\index.sol... failed

Then going into the contracts directory:

C:\....\simpleimport>cd contracts

C:\....\simpleimport\contracts>mythos analyze index.sol A
Reading contract index.sol... done
Compiling with Solidity version: latest
 »   Warning: i.sol:1:1: Warning: Source file does not specify required compiler version! Consider adding "pragma solidity ^0.5.9;"
 »   contract B {}
 »   ^-----------^
 »
 »   Warning: index.sol:1:1: Warning: Source file does not specify required compiler version! Consider adding "pragma solidity ^0.5.9;"
 »   import "./i.sol";
 »   ^ (Relevant source part starts here and spans across multiple lines).
 »
Compiling contract index.sol... done
Analyzing contract A... !
 »   Error: Sources are provided without `mainSource` field

There still is some kind of error there, but it gets farther. (Also, I got the same experience when I tried this with MetaCoin.sol again.)

bmmpxf commented 5 years ago

(I am not able to reopen this issue.)

cleanunicorn commented 5 years ago

I am reopening this issue because it has more information and will mark https://github.com/cleanunicorn/mythos/issues/40 as a duplicate.

I have problems reproducing this bug on Windows. I think I will try with a Windows virtual machine and debug this problem.

cleanunicorn commented 5 years ago

@use-strict I see the compilation worked

Compiling contract ./contracts/index.sol... done

The analysis failed because an invalid authentication was specified in the command line. You can replace --mythxEthAddress=a --mythxPassword=b with your authentication and rerun.

However, if you want to use your environment variables (MYTHX_ETH_ADDRESS and MYTHX_PASSWORD) you can just omit the arguments, like this:

PS C:\workspace\test> .\node_modules\.bin\mythos analyze ./contracts/index.sol A

bmmpxf commented 5 years ago

I think I figured out what's going on. I believe that Mythos is expecting UNIX-style forward slashes for paths, even on Windows.

So this fails:

rootofproject>mythos analyze contracts\index.sol A

while this succeeds:

rootofproject>mythos analyze contracts/index.sol A

(And FYI, I'm not using PowerShell, I'm using cmd.)
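
Added example (not part of the original thread, and not Mythos or solc code): how a resolver that splits paths only on `/` ends up looking for `ConvertLib.sol` in the working directory when given `contracts\MetaCoin.sol`, and how converting separators first avoids it. The function names are hypothetical, and the `/`-only splitting is an assumption inferred from the behaviour reported above.

```javascript
// Added example; function names are hypothetical, not Mythos or solc code.
// Assumption: the resolver treats only "/" as a separator, as POSIX does.

// Directory part of a path, splitting on "/" only. A backslash is an
// ordinary filename character here, so "contracts\\MetaCoin.sol" has no
// directory part at all.
function posixDirname(p) {
  const i = p.lastIndexOf('/');
  if (i === -1) return '.';
  return i === 0 ? '/' : p.slice(0, i);
}

// Collapse "." and ".." segments of a forward-slash path.
function posixNormalize(p) {
  const out = [];
  for (const seg of p.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..' && out.length > 0 && out[out.length - 1] !== '..') out.pop();
    else out.push(seg);
  }
  const joined = (p.startsWith('/') ? '/' : '') + out.join('/');
  return joined === '' ? '.' : joined;
}

// Convert a path typed at cmd.exe into forward-slash form.
function toForwardSlashes(p) {
  return p.replace(/\\/g, '/');
}

// Resolve an import relative to the file that contains it.
// normalizeSeparators=false models the failing behaviour in this thread.
function resolveImport(importerPath, importPath, normalizeSeparators) {
  const importer = normalizeSeparators ? toForwardSlashes(importerPath) : importerPath;
  const isRelative = importPath.startsWith('./') || importPath.startsWith('../');
  if (!isRelative) return importPath; // non-relative imports are left as written
  return posixNormalize(posixDirname(importer) + '/' + importPath);
}

// Constructed inputs mirroring the commands quoted in the thread.
function demo() {
  return {
    backslashRaw: resolveImport('contracts\\MetaCoin.sol', './ConvertLib.sol', false),
    backslashFixed: resolveImport('contracts\\MetaCoin.sol', './ConvertLib.sol', true),
    forwardSlash: resolveImport('./contracts/index.sol', './i.sol', false),
    insideDir: resolveImport('MetaCoin.sol', './ConvertLib.sol', false),
  };
}

console.log(demo());
```

The `backslashRaw` result is the same bare `ConvertLib.sol` that appears in the `ENOENT` message of the original report.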

cleanunicorn commented 5 years ago

@bmmpxf Thanks for debugging this :)

Should we close this issue?

bmmpxf commented 5 years ago

If you've got a fix for this, I'm happy to test.

cleanunicorn commented 5 years ago

The problem seems to be in the [solc](https://www.npmjs.com/package/solc) package.

I suggest always using Unix paths when specifying files; however, it works with Windows-style paths, as long as they don't contain special characters.

Try with version 0.10.4. It worked on my local VM. It should work for you too.

cleanunicorn commented 5 years ago

@bmmpxf I will close this issue and feel free to reopen it if this problem still happens.