from manticore.seth import ManticoreEVM
m = ManticoreEVM()
m.verbosity(3)
#And now make the contract account to analyze
source_code = file('coverage.sol').read()
user_account = m.create_account(balance=1000)
bytecode = m.compile(source_code)
#Initialize contract
contract_account = m.create_contract(owner=user_account,
balance=0,
init=bytecode)
m.transaction(
caller=user_account,
address=contract_account,
value=None,
data=m.SByte(164),
)
#Up to here we get only ~30% coverage.
#We need 2 transactions to fully explore the contract
m.transaction(
caller=user_account,
address=contract_account,
value=None,
data=m.SByte(164),
)
#And now make the contract account to analyze
source_code = '''
pragma solidity ^0.4.15;
contract Overflow {
uint private sellerBalance=0;
function add(uint value) returns (bool){
sellerBalance += value; // complicated math with possible overflow
// possible auditor assert
assert(sellerBalance >= value);
}
}
'''
#Initialize user and contracts
user_account = seth.create_account(balance=1000)
contract_account = seth.solidity_create_contract(source_code, owner=user_account, balance=0)
#First add won't overflow uint256 representation
contract_account.add(seth.SValue)
#Potential overflow
contract_account.add(seth.SValue)
print "[+] There are %d reverted states now"% len(seth.final_state_ids)
for state_id in seth.final_state_ids:
seth.report(state_id)
print "[+] There are %d alive states now"% len(seth.running_state_ids)
for state_id in seth.running_state_ids: