Open alexanderhawl opened 4 weeks ago
You are looking for arguments of the call https://crytic.github.io/slither/slither/slithir/operations/call.html#Call.arguments. The parameters are what is in the function definition.
Here's an example of how you'd do this https://github.com/crytic/slither/blob/9a5b4f5cff9db6475c5badff18f9882180d5f344/slither/detectors/erc/erc20/arbitrary_send_erc20.py#L54-L64
For your example here's roughly how that translates
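```python
from slither.core.declarations import Function
from slither.slithir.operations import HighLevelCall

# ct is the contract list from the question's script (not shown here),
# assumed to be something like Slither(...).contracts.
for contract in ct:
    funcs = contract.functions
    for func in funcs:
        # Names of the enclosing function's own parameters.
        fps = []
        for fp in func.parameters:
            fps.append(fp.name)
        for block in func.nodes:
            for operation in block.irs:
                if (
                    isinstance(operation, HighLevelCall)
                    and isinstance(operation.function, Function)
                    and operation.function.name == "safeTransferFrom"
                ):  # use sig or check length of args to prevent IndexError's
                    # Arguments passed at the call site, not the callee's parameters.
                    frm = str(operation.arguments[1])
                    t = str(operation.arguments[2])
                    if (frm in fps) and (t in fps):
                        print('vuln')
```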
Describe the issue:
There is a smart contract
I use Slither in Python to detect whether safeTransferFrom limits the from parameter. This is my code
But I found that scs[1].parameters are the parameters 'token', 'from', 'to', 'value', which are in the TransferHelper smart contract's safeTransferFrom, not 'token', 'from', 'to', 'fee' in the TokenFee contract's safeTransferFrom. How do I get the right parameters 'token', 'from', 'to', 'fee'?
Code example to reproduce the issue:
Version:
0.10.3
Relevant log output:
No response