rocky / vscode-solidity

Visual Studio Code language support extension for Solidity smart contracts in Ethereum
MIT License
1 stars 1 forks source link

MythX Run analyze fails when build/contracts directory is empty. #9

Closed daniyarchambylov closed 5 years ago

daniyarchambylov commented 5 years ago

vscode-analyze assumes that we're analyzing solidity file inside truffle projects and expects to have folder build/contracts to have json files. When it can't find json file it silently fails without any warning or error. Funny thing, though, is how Arrays work in Javascript.

Example:


export function guessTruffleBuildJson(directory: string): string {
    const jsonPaths = exports.getTruffleBuildJsonFiles(directory);
    const jsonPathsFiltered = [];
    for (const p of jsonPaths) {
        if ((path.basename(p) !== 'Migrations.json') &&
            (path.basename(p) !== 'mythril.json')) {
            jsonPathsFiltered.push(p);
        }
    }
    let jsonPath: string;
    if (jsonPathsFiltered.length >= 1) {
        jsonPath = jsonPathsFiltered[0];
    } else {
        jsonPath = jsonPaths[0];
    }
    return jsonPath;
}

Let's assume exports.getTruffleBuildJsonFiles(directory) returns empty array. Then jsonPathsFiltered would also be assigned to an empty array and jsonPath = jsonPaths[0]; would be executed. Cmming from languages like C, Python, Java we would expect jsonPaths[0 raize an exception like IndexError or KeyError, but Javascript returns undefined. and later tries to work with it assuming result is a string. Proof: image

Anyway whether we should handle such cases or not error should be show to user. Right now command silently fails.

daniyarchambylov commented 5 years ago

PR #11