Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added: Slither[arbitrary from in transferFrom] rule | #61 #80

Merged
merged 1 commit into from
May 6, 2023
Merged

Added: Slither[arbitrary from in transferFrom] rule | #61 #80

merged 1 commit into from
May 6, 2023

Conversation

dijkstra-dev
Copy link
Contributor

Related Issue: #61

0xKitsune
0xKitsune reviewed Feb 11, 2023
View reviewed changes
src/analyzer/vulnerabilities/arbitrary_from_in_transferfrom.rs Outdated

use crate::analyzer::ast::{self, Target};

pub fn _arbitrary_from_in_transferfrom_vulnerability(source_unit: SourceUnit) -> HashSet<Loc> {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you remove the leading _ from the function name?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

src/analyzer/vulnerabilities/arbitrary_from_in_transferfrom.rs Outdated
ast::extract_target_from_node(Target::FunctionDefinition, source_unit.into());

//For each target node that was extracted, check for the vulnerability patterns
for _node in target_nodes {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you remove the _ in front of the _node since node is being used?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

src/analyzer/vulnerabilities/arbitrary_from_in_transferfrom.rs Outdated
} = box_fn_definition.body.unwrap()
{
// We loop through each body expression to determine if 'transferFrom/SafeTransferFrom' is used.
for _statement in statements {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing here, can you remove the _ in front of _statement?

src/analyzer/vulnerabilities/arbitrary_from_in_transferfrom.rs Outdated Show resolved Hide resolved
src/analyzer/vulnerabilities/arbitrary_from_in_transferfrom.rs Outdated Show resolved Hide resolved
@0xKitsune
Copy link
Owner

Thanks for opening this PR! Just a few comments above.

@dijkstra-dev dijkstra-dev force-pushed the arbitrary-from-in-transferfrom branch from 851cb1e to 5dd699f Compare February 15, 2023 23:01
@0xKitsune
Copy link
Owner

Hey thanks for updating this PR as well, will get this reviewed and merged in.

@dijkstra-dev dijkstra-dev force-pushed the arbitrary-from-in-transferfrom branch from 5dd699f to c4b01e5 Compare February 21, 2023 14:45
@0xKitsune 0xKitsune merged commit 8dd5ea3 into 0xKitsune:development May 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0xKitsune 0xKitsune 0xKitsune left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dijkstra-dev @0xKitsune