class EthDetectorsTest(unittest.TestCase):
def setUp(self):
self.io = DetectIntegerOverflow()
self.state = make_mock_evm_state()
def test_mul_no_overflow(self):
"""
Regression test added for issue 714, where we were using the ADD ovf check for MUL
"""
arguments = [1 << (8 * 31), self.state.new_symbolic_value(256)]
self.state.constrain(operators.ULT(arguments[1], 256))
# TODO(mark) We should actually call into the EVM cpu here, and below, rather than
# effectively copy pasting what the MUL does
result = arguments[0] * arguments[1]
check = self.io._can_mul_overflow(self.state, result, *arguments)
self.assertFalse(check)
def test_mul_overflow0(self):
arguments = [2 << (8 * 31), self.state.new_symbolic_value(256)]
self.state.constrain(operators.ULT(arguments[1], 256))
result = arguments[0] * arguments[1]
check = self.io._can_mul_overflow(self.state, result, *arguments)
self.assertTrue(check)
def test_mul_overflow1(self):
arguments = [1 << 255, self.state.new_symbolic_value(256)]
result = arguments[0] * arguments[1]
check = self.io._can_mul_overflow(self.state, result, *arguments)
self.assertTrue(check)
class EthIntegerOverflow(unittest.TestCase):
def setUp(self):
self.io = DetectIntegerOverflow()
self.state = make_mock_evm_state()
def test_mul_no_overflow(self):
"""
Regression test added for issue 714, where we were using the ADD ovf check for MUL
"""
arguments = [1 << 248, self.state.new_symbolic_value(256)]
self.state.constrain(operators.ULT(arguments[1], 256))
cond = self.io._unsigned_mul_overflow(self.state, *arguments)
check = self.state.can_be_true(cond)
self.assertFalse(check)
def test_mul_overflow0(self):
arguments = [1 << 249, self.state.new_symbolic_value(256)]
self.state.constrain(operators.ULT(arguments[1], 256))
cond = self.io._unsigned_mul_overflow(self.state, *arguments)
check = self.state.can_be_true(cond)
self.assertTrue(check)
def test_mul_overflow1(self):
arguments = [1 << 255, self.state.new_symbolic_value(256)]
cond = self.io._unsigned_mul_overflow(self.state, *arguments)
check = self.state.can_be_true(cond)
self.assertTrue(check)
def _test(self, name, should_find, use_ctor_sym_arg=False):
"""
Tests DetectInvalid over the consensys benchmark suite
"""
mevm = self.mevm
mevm.register_detector(DetectInvalid())
mevm.register_detector(DetectIntegerOverflow())
mevm.register_detector(DetectReentrancyAdvanced())
filename = os.path.join(THIS_DIR, "contracts", "consensys_benchmark",
f"{name}.sol")
if use_ctor_sym_arg:
ctor_arg = (mevm.make_symbolic_value(), )
else:
ctor_arg = ()
mevm.multi_tx_analysis(filename,
contract_name="Benchmark",
args=ctor_arg)
mevm.finalize()
expected_findings = set(((c, d) for b, c, d in should_find))
actual_findings = set(((c, d) for a, b, c, d in mevm.global_findings))
self.assertEqual(expected_findings, actual_findings)
def test_int_ovf(self):
mevm = ManticoreEVM()
mevm.register_detector(DetectIntegerOverflow())
filename = os.path.join(THIS_DIR, 'binaries/int_overflow.sol')
mevm.multi_tx_analysis(filename, tx_limit=1)
self.assertEqual(len(mevm.global_findings), 3)
all_findings = ''.join(map(lambda x: x[2], mevm.global_findings))
self.assertIn('underflow at SUB', all_findings)
self.assertIn('overflow at ADD', all_findings)
self.assertIn('overflow at MUL', all_findings)
def test_int_ovf(self):
mevm = ManticoreEVM()
mevm.register_detector(DetectIntegerOverflow())
filename = os.path.join(THIS_DIR, 'binaries/int_overflow.sol')
mevm.multi_tx_analysis(filename, tx_limit=1)
self.assertEqual(len(mevm.global_findings), 3)
all_findings = ''.join([x[2] for x in mevm.global_findings])
self.assertIn('Unsigned integer overflow at SUB instruction', all_findings)
self.assertIn('Unsigned integer overflow at ADD instruction', all_findings)
self.assertIn('Unsigned integer overflow at MUL instruction', all_findings)
def _test(self, name, should_find):
"""
Tests DetectInvalid over the consensys benchmark suit
"""
mevm = self.mevm
mevm.register_detector(DetectInvalid())
mevm.register_detector(DetectIntegerOverflow())
filename = os.path.join(THIS_DIR, 'binaries', 'benchmark', '{}.sol'.format(name))
mevm.multi_tx_analysis(filename, tx_limit=3)
expected_findings = set(( (c, d) for b, c, d in should_find))
actual_findings = set(( (c, d) for a, b, c, d in mevm.global_findings))
self.assertEqual(expected_findings, actual_findings)
def _test(self, name, should_find):
"""
Tests DetectInvalid over the consensys benchmark suite
"""
mevm = self.mevm
mevm.register_detector(DetectInvalid())
mevm.register_detector(DetectIntegerOverflow())
mevm.register_detector(DetectReentrancyAdvanced())
filename = os.path.join(THIS_DIR, 'binaries', 'benchmark',
'{}.sol'.format(name))
mevm.multi_tx_analysis(filename,
contract_name='Benchmark',
args=(mevm.make_symbolic_value(), ))
expected_findings = set(((c, d) for b, c, d in should_find))
actual_findings = set(((c, d) for a, b, c, d in mevm.global_findings))
self.assertEqual(expected_findings, actual_findings)
def setUp(self):
self.io = DetectIntegerOverflow()
self.state = make_mock_evm_state()
