crytic / slither

Static Analyzer for Solidity and Vyper
https://blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/
GNU Affero General Public License v3.0

Tracking: imprecision of data dependencies on structures and arrays #365

Open gakonst opened 4 years ago

gakonst commented 4 years ago

```shell
echo "pragma solidity ^0.5.3;

contract C {
    struct S { uint x; }

    function x() external pure returns (address) {
        S memory s;
        s.x = 1;
    }
}" > a.sol && slither a.sol
```

```
INFO:Detectors:
s in C.x() (a.sol#7) is a local variable never initialiazed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables
INFO:Slither:a.sol analyzed (1 contracts with 38 detectors), 1 result(s) found
```

Returns that `s` is never initialized, when in fact we populate all of its fields in the following line.

Probably related to https://github.com/crytic/slither/issues/270 and https://github.com/crytic/slither/issues/112.

montyly commented 4 years ago

Hi @gakonst,

Thank you for reporting this FP.

I think it is related to the current limitation of our IR, and the way it handles structure/mapping. It should be fixed once our IR refactoring is done (https://github.com/crytic/slither/pull/346).
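Added example, not part of the thread and not Slither's own code: a toy read-before-write check over a hypothetical reference-based IR, showing how a field-insensitive analysis reports `s` for the contract above while a field-aware one does not. The `Member` and `Assign` ops, `read_before_write`, and the two sample op lists are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Toy three-address IR (hypothetical, constructed for this example).
@dataclass(frozen=True)
class Member:          # ref now points at base.field
    ref: str
    base: str
    field: str

@dataclass(frozen=True)
class Assign:          # dst := src, where src is a variable name or a constant
    dst: str
    src: object

def read_before_write(ops, uninit_locals, field_aware):
    """Return the locals in uninit_locals that are read before being written."""
    written, flagged, target = set(), set(), {}

    def read(name):
        base, field = target.get(name, (name, None))
        if base not in uninit_locals or base in written:
            return
        if (base, field) not in written:
            flagged.add(base)

    for op in ops:
        if isinstance(op, Member):
            if field_aware:
                target[op.ref] = (op.base, op.field)  # resolve on use
            else:
                read(op.base)  # field-insensitive: taking s.x is a read of s
        else:
            if isinstance(op.src, str):
                read(op.src)
            # A write through a reference lands on (base, field) when tracked.
            written.add(target.get(op.dst, op.dst))
    return flagged

# Constructed lowering of `S memory s; s.x = 1;` from the report.
ISSUE_BODY = [Member("REF_0", "s", "x"), Assign("REF_0", 1)]
# Constructed lowering of `S memory s; uint y = s.x;` (a genuine early read).
READ_FIRST = [Member("REF_0", "s", "x"), Assign("y", "REF_0")]

if __name__ == "__main__":
    for aware in (False, True):
        print(aware, read_before_write(ISSUE_BODY, {"s"}, aware),
              read_before_write(READ_FIRST, {"s"}, aware))
```
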

jurajpiar commented 2 years ago

Any advance on this?

0xalpharush commented 1 year ago