Decompilation Error with --truffle

[TlxTejaswi]

Hello,

While scanning my contract using Securify, I get the following message:

---

Processing contract: /project/contracts/ReputationBook.sol:ReputationBook
  Attempt to decompile the contract with methods...
  Failed to decompile methods. Attempt to decompile the contract without identifying methods...
  Decompilation failed.
Error in Securify
java.lang.NullPointerException
    at ch.securify.decompiler.DestackerFallback.findJumpCondition(DestackerFallback.java:403)
    at ch.securify.decompiler.DestackerFallback.handleStackMerging(DestackerFallback.java:356)
    at ch.securify.decompiler.DestackerFallback.decompile(DestackerFallback.java:205)
    at ch.securify.decompiler.DestackerFallback.decompile(DestackerFallback.java:201)
    at ch.securify.decompiler.DestackerFallback.decompile(DestackerFallback.java:238)
    at ch.securify.decompiler.DestackerFallback.decompile(DestackerFallback.java:216)
    at ch.securify.decompiler.DestackerFallback.decompile(DestackerFallback.java:238)
    at ch.securify.decompiler.DestackerFallback.decompile(DestackerFallback.java:238)
    at ch.securify.decompiler.DestackerFallback.decompile(DestackerFallback.java:131)
    at ch.securify.decompiler.DecompilerFallback.decompile(DecompilerFallback.java:73)
    at ch.securify.Main.decompileContract(Main.java:296)
    at ch.securify.Main.processHexFile(Main.java:160)
    at ch.securify.Main.processCompilationOutput(Main.java:129)
    at ch.securify.Main.mainFromCompilationOutput(Main.java:105)
    at ch.securify.Main.main(Main.java:241)
Error, skipping: /project/contracts/ReputationBook.sol:ReputationBook

---

As a result, Securify is skipping the contract that I want to scan.

Please help me address this.

[hiqua]

Could you send us your contract, or a minimal reproducible example?

[TlxTejaswi]

@hiqua Thanks for the quick response. Here is the truffle project we are trying to compile. Contract

For your reference, we have changed the Dockerfile to below. Because we were unable to compile truffle with old versions of nodejs.

FROM ubuntu:18.04

LABEL maintainer="contact@securify.ch"

# install basic packages
RUN apt-get update && apt-get install -y\
    software-properties-common\
    locales

# set correct locale
RUN locale-gen en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8

# install souffle
RUN apt-get update &&\
        apt-get -y install\
        wget\
        gdebi

RUN mkdir /souffle
RUN wget -P /souffle/ https://github.com/souffle-lang/souffle/releases/download/1.4.0/souffle_1.4.0-1_amd64.deb &&\
        gdebi --n /souffle/souffle_1.4.0-1_amd64.deb

# install java and pip
RUN apt-get update && apt-get -y install\
        openjdk-8-jdk\
        python3-pip

COPY requirements.txt /tmp/
RUN pip3 install --user -r /tmp/requirements.txt

RUN mkdir /isolc
COPY scripts/isolc/* /isolc/
RUN cd / && python3 -m isolc.install_solc

# install truffle for project compilation
RUN apt-get install -y curl
RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
RUN apt install -y nodejs

ARG truffle="latest"
RUN npm install -g truffle@$truffle

WORKDIR /sec

# To cache gradle distribution
COPY gradlew settings.gradle /sec/
COPY gradle /sec/gradle/
RUN ./gradlew -v

# copy and compile securify
COPY . /sec

RUN ./gradlew jar

# Solidity example
COPY src/test/resources/solidity/transaction-reordering.sol /project/example.sol
RUN npm -v
RUN node -v
# run_securify.py allows arguments to be passed (e.g. "--truffle").
ENTRYPOINT ["python3", "docker_run_securify.py", "-p", "/project","--truffle"]

[hiqua]

I didn't try with your Dockerfile, but if you rebuild the docker container by removing the build/ folder before, it should work. Alternatively, you can just pull the latest version, where I added this folder to the .dockerignore file. Please let us know if it works!

[tlxnithin]

Hi @hiqua , I was able to run after taking the latest code. But I seem to be getting OutOfMemory exception.

Below is detailed error. Is it something to do with system memory??

Compiling project
Running Securify
Processing contract: /project/node_modules/openzeppelin-solidity/contracts/token/ERC721/ERC721.sol:ERC721
Processing contract: /project/contracts/Constants.sol:Constants
  Attempt to decompile the contract with methods...
  Failed to decompile methods. Attempt to decompile the contract without identifying methods...
  Propagating constants...
  Verifying patterns...
Processing contract: /project/node_modules/openzeppelin-solidity/contracts/math/SafeMath.sol:SafeMath
  Attempt to decompile the contract with methods...
  Failed to decompile methods. Attempt to decompile the contract without identifying methods...
  Propagating constants...
  Verifying patterns...
Processing contract: /project/node_modules/openzeppelin-solidity/contracts/ownership/Ownable.sol:Ownable
  Attempt to decompile the contract with methods...
  Failed to decompile methods. Attempt to decompile the contract without identifying methods...
  Propagating constants...
  Verifying patterns...
Exception in thread "main" java.lang.OutOfMemoryError: Java heap space
    at java.util.HashMap.resize(HashMap.java:704)
    at java.util.HashMap.putVal(HashMap.java:629)
    at java.util.HashMap.put(HashMap.java:612)
    at java.util.HashSet.add(HashSet.java:220)
    at ch.securify.analysis.AbstractDataflow.readFixedpoint(AbstractDataflow.java:217)
    at ch.securify.analysis.AbstractDataflow.runQuery(AbstractDataflow.java:226)
    at ch.securify.analysis.MustExplicitDataflow.mustPrecede(MustExplicitDataflow.java:44)
    at ch.securify.analysis.Dataflow.mustPrecede(Dataflow.java:89)
    at ch.securify.patterns.LockedEther.isSafe(LockedEther.java:54)
    at ch.securify.patterns.AbstractContractPattern.checkPattern(AbstractContractPattern.java:38)
    at ch.securify.Main.checkInstructions(Main.java:443)
    at ch.securify.Main.checkPatterns(Main.java:388)
    at ch.securify.Main.processHexFile(Main.java:185)
    at ch.securify.Main.processCompilationOutput(Main.java:132)
    at ch.securify.Main.mainFromCompilationOutput(Main.java:108)
    at ch.securify.Main.main(Main.java:244)
Error running Securify

I saw the same here but did not get what to do for resolving this.

[tlxnithin]

I was able to run successfully for most of the contracts after the same change. But still see the null pointer exception as before as below. Can I get to know what might be reason for the this error?

Processing contract: /project/node_modules/openzeppelin-solidity/contracts/token/ERC721/ERC721BasicToken.sol:ERC721BasicToken
  Attempt to decompile the contract with methods...
  Failed to decompile methods. Attempt to decompile the contract without identifying methods...
  Decompilation failed.
Error in Securify
java.lang.NullPointerException
    at ch.securify.decompiler.DestackerFallback.findJumpCondition(DestackerFallback.java:403)
    at ch.securify.decompiler.DestackerFallback.handleStackMerging(DestackerFallback.java:356)

[hiqua]

It works fine for me, what are the precise commands you run to obtain this result?

[tlxnithin]

I have changed the Dockerfile to have truffle argument and changed the truffle version. Then running the securify against the Contract mentioned before.

The command was like below.

docker run -v <path to truffle folder>:/project securify

[hiqua]

And you ran npm install before, to have the dependencies installed?

[tlxnithin]

Yes, I am able to see those files under node_modules/openzippelin folder.

[hiqua]

You can also try without the --truffle argument, does it fail the same?

[tlxnithin]

With out --truffle argument, will securify able to get the imports mentioned from node_modules folder??

[hiqua]

Yes it should, it just uses the solc binary directly rather than truffle compile.

[tlxnithin]

Last time we tried without --truffle, the securify was giving error saying not able to find those import files. We will try with the latest image without --truffle argument.

[tlxnithin]

Worked without the --truffle argument. But I am not able to understand why such a difference. I will ask @TlxTejaswi to close this. Thanks a lot @hiqua . Much appreciated.

[tlxnithin]

@hiqua Is there any document which says how to handle the warnings/error we get from Securify? I am not able to understand the report I get from securify. For imports and declarations it says "Missing Input Validations", for contract constructor it says "LockedEther". Is there something I am missing?

[hiqua]

@hiqua Is there any document which says how to handle the warnings/error we get from Securify? I am not able to understand the report I get from securify. For imports and declarations it says "Missing Input Validations", for contract constructor it says "LockedEther". Is there something I am missing?

When you run with --json and --descriptions, the pattern descriptions are added to the output, which should help. In particular, missing input validations would mean that there is no check on the input before it is used, e.g. https://securify.chainsecurity.com/report/daba27ac22cd2bd6cd5e3d850b516dce3492d011324dbbe351f3ad542901aa35

[tlxnithin]

@hiqua Is there any document which says how to handle the warnings/error we get from Securify? I am not able to understand the report I get from securify. For imports and declarations it says "Missing Input Validations", for contract constructor it says "LockedEther". Is there something I am missing?

When you run with --json and --descriptions, the pattern descriptions are added to the output, which should help. In particular, missing input validations would mean that there is no check on the input before it is used, e.g. https://securify.chainsecurity.com/report/daba27ac22cd2bd6cd5e3d850b516dce3492d011324dbbe351f3ad542901aa35

I understood what "Missing input validations" is and what I am saying is I am getting that for declaration statement like uint public a = 1;. So it was bit confusing.