crytic / amarna

Amarna is a static-analyzer and linter for the Cairo programming language.
https://blog.trailofbits.com/2022/04/20/amarna-static-analysis-for-cairo-programs/
GNU Affero General Public License v3.0

Warn on storage_var collision #10

Closed milancermak closed 2 years ago

milancermak commented 2 years ago

Cairo lets you write a contract with @storage_var collisions. Here's an example courtesy of @andrew-fleming. Obviously, this can lead to unintended behaviour or an exploit.

It would be great if Amarna could detect a collision like this and raise a warning.

From my experimentation, the compiler does detect this but only if the func declaration is slightly different. For example, this will raise an error when compiling:

```cairo
# a.cairo
@storage_var
func balance() -> (res : felt):
end

# b.cairo
# notice the different name for the returned value
@storage_var
func balance() -> (value : felt):
end
```

This will compile without a problem:

```cairo
# a.cairo
@storage_var
func balance() -> (res : felt):
end

# b.cairo
@storage_var
func balance() -> (res : felt):
end
```

The compiler also doesn't raise a warning if the --no_debug_info flag is passed.

montyly commented 2 years ago

Hi @milancermak.

This is a great idea; we will add a detector for it.
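
One way the check requested in this issue could work, as an added example (not Amarna's detector and not code from the thread): a scan of Cairo 0.x sources that reports any `@storage_var` name declared in more than one place. The function names and the sample files are assumptions constructed for illustration, modelled on the issue's `a.cairo` / `b.cairo` pair.

```python
import re
from collections import defaultdict

# Cairo 0.x syntax as used in the issue: "@storage_var" followed by "func <name>(".
STORAGE_VAR_RE = re.compile(
    r"^[ \t]*@storage_var\s+func\s+([A-Za-z_]\w*)\s*\(", re.MULTILINE
)

def find_storage_vars(source):
    """Return [(name, line_number)] for every @storage_var in one source file."""
    # Blank out '#' comments but keep newlines so line numbers stay accurate.
    code = re.sub(r"#[^\n]*", "", source)
    return [
        (m.group(1), code.count("\n", 0, m.start(1)) + 1)
        for m in STORAGE_VAR_RE.finditer(code)
    ]

def find_collisions(files):
    """Map each storage variable name declared more than once to its locations.

    Assumption: a collision is the same name declared in several places,
    as in the issue's a.cairo / b.cairo pair; the return-value name is ignored,
    so the case the compiler misses is reported too.
    """
    seen = defaultdict(list)
    for path, source in sorted(files.items()):
        for name, line in find_storage_vars(source):
            seen[name].append((path, line))
    return {name: locs for name, locs in seen.items() if len(locs) > 1}

# Constructed sample input modelled on the issue's files.
SAMPLE_FILES = {
    "a.cairo": "@storage_var\nfunc balance() -> (res : felt):\nend\n",
    "b.cairo": "# second module\n@storage_var\nfunc balance() -> (res : felt):\nend\n",
    "c.cairo": "# @storage_var\n# func balance() -> (res : felt):\n# end\n"
               "@storage_var\nfunc owner() -> (res : felt):\nend\n",
}

if __name__ == "__main__":
    for name, locs in find_collisions(SAMPLE_FILES).items():
        where = ", ".join(f"{path}:{line}" for path, line in locs)
        print(f"warning: storage_var '{name}' declared in multiple places: {where}")
```

Because the scan works on source text, it does not depend on the compiler's debug information or on how the return value is named.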