search

crytic / slither

Static Analyzer for Solidity and Vyper
https://blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/
GNU Affero General Public License v3.0
5.33k stars 968 forks source link

Identify Functions that use delegatecall and msg.data for Echidna Printer #1202

Open man715 opened 2 years ago

man715 commented 2 years ago

Describe the desired feature

Echidna should be able to access implementation contracts via a proxy contract that utilizes delegatecall with msg.data. This will allow easier fuzzing on proxy contracts. Currently, the user needs to create a wrapper for each of the functions that are in the implementation contract.

Ideally, the Slither printer would extract functions that use msg.data and associate the functions of the called contract into the calling contract.

0xalpharush commented 2 years ago

To identify functions with msg.data, I think you can use the same method used here and add that info to the dictionary. Getting that working would be a good first step, and then we can discuss filtering for only fallback functions (it's not obvious that it wouldn't be useful for all functions).

man715 commented 2 years ago

I have created added the information to the dictionary in PR https://github.com/crytic/slither/pull/1204

man715 commented 2 years ago

To identify functions with msg.data, I think you can use the same method used here and add that info to the dictionary. Getting that working would be a good first step, and then we can discuss filtering for only fallback functions (it's not obvious that it wouldn't be useful for all functions).

I was able to get that function working. I agree it may not be needed that the fallback be filtered out.