search

crytic / slither

Static Analyzer for Solidity and Vyper
https://blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/
GNU Affero General Public License v3.0
5.25k stars 959 forks source link

SSA: function parameter use index 1 instead of 0 #1683

Open montyly opened 1 year ago

montyly commented 1 year ago 
contract A{
    function f(int a, int b) public returns(int){
        return a+b;
    }
}

$ slither test.sol --print slithir-ssa

Function A.f(int256,int256)
    Expression: a + b
    IRs:
        TMP_0(int256) = a_1 (c)+ b_1
        RETURN TMP_0


Here `a_1` should be `a_0`. In particular this will break the taint analysis on the SSA API
Troublor commented 1 year ago

Can this bug be avoided temporarily by rolling back to old slither versions?