def test_laser_result(self):
for input_file in TESTDATA_INPUTS_CONTRACTS.iterdir():
if input_file.name == "weak_random.sol":
continue
output_expected = TESTDATA_OUTPUTS_EXPECTED_LASER_RESULT / (
input_file.name + ".json")
output_current = TESTDATA_OUTPUTS_CURRENT_LASER_RESULT / (
input_file.name + ".json")
disassembly = SolidityContract(str(input_file)).disassembly
account = svm.Account("0x0000000000000000000000000000000000000000",
disassembly)
accounts = {account.address: account}
laser = svm.LaserEVM(accounts, max_depth=22)
laser.sym_exec(account.address)
laser_info = _all_info(laser)
output_current.write_text(
json.dumps(laser_info, cls=LaserEncoder, indent=4))
if not (output_expected.read_text()
== output_expected.read_text()):
self.found_changed_files(input_file, output_expected,
output_current)
self.assert_and_show_changed_files()
def AnalyseSherlockJson(fileAddress):
startTime = time.time() # pour calculer temps exécution
accounts = {}
contractAddress = ""
contractName = ""
firstContract = True
with open(fileAddress) as json_file:
data = json.load(json_file)
#print (data)
for p in data['contract']:
contract = EVMContract(code=p['contractBytecode'],
name=p['contractName'])
address = p['contractAddress']
account = svm.Account(address, contract.disassembly)
accounts[address] = account
if firstContract == True:
contractAddress = p['contractAddress']
contractName = p['contractName']
firstContract = False
print('contract name: ' + p['contractName'])
print('contract address: ' + p['contractAddress'])
#print('contract bytecote: ' + p['contractBytecode'])
print('')
laser = svm.LaserEVM(accounts,
max_depth=maxDept,
execution_timeout=executionTimeOut,
create_timeout=createTimeOut,
transaction_count=transactionCount)
ExecutionSymbolique(laser, contractAddress, contractName, startTime)
def test_intercontract_call():
# Arrange
cfg.gbl_next_uid = 0
caller_code = Disassembly(
"6080604052348015600f57600080fd5b5073deadbeefdeadbeefdeadbeefdeadbeefdeadbeef73ffffffffffffffffffffffffffffffffffffffff166389627e13336040518263ffffffff167c0100000000000000000000000000000000000000000000000000000000028152600401808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff168152602001915050602060405180830381600087803b15801560be57600080fd5b505af115801560d1573d6000803e3d6000fd5b505050506040513d602081101560e657600080fd5b8101908080519060200190929190505050500000a165627a7a72305820fdb1e90f0d9775c94820e516970e0d41380a94624fa963c556145e8fb645d4c90029"
)
caller_address = "0xaffeaffeaffeaffeaffeaffeaffeaffeaffeaffe"
callee_code = Disassembly(
"608060405260043610603f576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff16806389627e13146044575b600080fd5b348015604f57600080fd5b506082600480360381019080803573ffffffffffffffffffffffffffffffffffffffff1690602001909291905050506084565b005b8073ffffffffffffffffffffffffffffffffffffffff166108fc3073ffffffffffffffffffffffffffffffffffffffff16319081150290604051600060405180830381858888f1935050505015801560e0573d6000803e3d6000fd5b50505600a165627a7a72305820a6b1335d6f994632bc9a7092d0eaa425de3dea05e015af8a94ad70b3969e117a0029"
)
callee_address = "0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef"
caller_account = svm.Account(caller_address,
caller_code,
contract_name="Caller")
callee_account = svm.Account(callee_address,
callee_code,
contract_name="Callee")
accounts = {caller_address: caller_account, callee_address: callee_account}
laser = svm.LaserEVM(accounts)
# Act
laser.sym_exec(caller_address)
# Assert
# Initial node starts in contract caller
assert len(laser.nodes.keys()) > 0
assert laser.nodes[0].contract_name == 'Caller'
# At one point we call into contract callee
for node in laser.nodes.values():
if node.contract_name == 'Callee':
assert len(node.states[0].transaction_stack) > 1
return
assert False
def runTest(self):
disassembly = SolidityContract('./tests/native_tests.sol').disassembly
account = svm.Account("0x0000000000000000000000000000000000000000", disassembly)
accounts = {account.address: account}
laser = svm.LaserEVM(accounts, max_depth = 100)
laser.sym_exec(account.address)
laser_info = str(_all_info(laser))
print('\n')
_test_natives(laser_info, SHA256_TEST, 'SHA256')
_test_natives(laser_info, RIPEMD160_TEST, 'RIPEMD160')
_test_natives(laser_info, ECRECOVER_TEST, 'ECRECOVER')
_test_natives(laser_info, IDENTITY_TEST, 'IDENTITY')
def AnalyseSherlockSolidity(nameContract, addressContract, locationContract):
startTime = time.time() # pour calculer temps exécution
accounts = {}
contractAddress = addressContract
contractName = nameContract
contract = SolidityContract(locationContract)
account = svm.Account(contractAddress, contract.disassembly)
accounts = {contractAddress: account}
laser = svm.LaserEVM(accounts,
max_depth=maxDept,
execution_timeout=executionTimeOut,
create_timeout=createTimeOut,
transaction_count=transactionCount)
ExecutionSymbolique(laser, contractAddress, contractName, startTime)
def __init__(self,
contract,
address,
strategy,
dynloader=None,
max_depth=22,
execution_timeout=None):
s_strategy = None
if strategy == 'dfs':
s_strategy = DepthFirstSearchStrategy
elif strategy == 'bfs':
s_strategy = BreadthFirstSearchStrategy
else:
raise ValueError("Invalid strategy argument supplied")
account = svm.Account(address,
contract.disassembly,
contract_name=contract.name)
self.accounts = {address: account}
self.laser = svm.LaserEVM(self.accounts,
dynamic_loader=dynloader,
max_depth=max_depth,
execution_timeout=execution_timeout,
strategy=s_strategy)
self.laser.sym_exec(address)
self.nodes = self.laser.nodes
self.edges = self.laser.edges
# Generate lists of interesting operations
self.calls = []
self.sstors = {}
for key in self.nodes:
state_index = 0
for state in self.nodes[key].states:
instruction = state.get_current_instruction()
if instruction == None:
continue
op = instruction['opcode']
if op in ('CALL', 'CALLCODE', 'DELEGATECALL', 'STATICCALL'):
stack = state.mstate.stack
if op in ('CALL', 'CALLCODE'):
gas, to, value, meminstart, meminsz, memoutstart, memoutsz = \
get_variable(stack[-1]), get_variable(stack[-2]), get_variable(stack[-3]), get_variable(stack[-4]), get_variable(stack[-5]), get_variable(stack[-6]), get_variable(stack[-7])
if to.type == VarType.CONCRETE and to.val < 5:
# ignore prebuilts
continue
if (meminstart.type == VarType.CONCRETE
and meminsz.type == VarType.CONCRETE):
self.calls.append(
Call(
self.nodes[key], state, state_index, op,
to, gas, value, state.mstate.
memory[meminstart.val:meminsz.val * 4]))
else:
self.calls.append(
Call(self.nodes[key], state, state_index, op,
to, gas, value))
else:
gas, to, meminstart, meminsz, memoutstart, memoutsz = \
get_variable(stack[-1]), get_variable(stack[-2]), get_variable(stack[-3]), get_variable(stack[-4]), get_variable(stack[-5]), get_variable(stack[-6])
self.calls.append(
Call(self.nodes[key], state, state_index, op, to,
gas))
elif op == 'SSTORE':
stack = copy.deepcopy(state.mstate.stack)
address = state.environment.active_account.address
index, value = stack.pop(), stack.pop()
try:
self.sstors[address]
except KeyError:
self.sstors[address] = {}
try:
self.sstors[address][str(index)].append(
SStore(self.nodes[key], state, state_index, value))
except KeyError:
self.sstors[address][str(index)] = [
SStore(self.nodes[key], state, state_index, value)
]
state_index += 1