StaticAnalysis: Add Exact and heuristic classification for module

pull/5370/head
soad003 6 years ago
parent a4bac990d9
commit 80933f8715
  1. 9
      remix-analyzer/src/solidity-analyzer/modules/algorithmCategories.js
  2. 2
      remix-analyzer/src/solidity-analyzer/modules/assignAndCompare.js
  3. 2
      remix-analyzer/src/solidity-analyzer/modules/blockBlockhash.js
  4. 2
      remix-analyzer/src/solidity-analyzer/modules/blockTimestamp.js
  5. 2
      remix-analyzer/src/solidity-analyzer/modules/checksEffectsInteraction.js
  6. 2
      remix-analyzer/src/solidity-analyzer/modules/constantFunctions.js
  7. 2
      remix-analyzer/src/solidity-analyzer/modules/deleteDynamicArrays.js
  8. 2
      remix-analyzer/src/solidity-analyzer/modules/gasCosts.js
  9. 2
      remix-analyzer/src/solidity-analyzer/modules/guardConditions.js
  10. 2
      remix-analyzer/src/solidity-analyzer/modules/inlineAssembly.js
  11. 4
      remix-analyzer/src/solidity-analyzer/modules/intDivisionTruncate.js
  12. 2
      remix-analyzer/src/solidity-analyzer/modules/lowLevelCalls.js
  13. 2
      remix-analyzer/src/solidity-analyzer/modules/noReturn.js
  14. 6
      remix-analyzer/src/solidity-analyzer/modules/selfdestruct.js
  15. 2
      remix-analyzer/src/solidity-analyzer/modules/similarVariableNames.js
  16. 2
      remix-analyzer/src/solidity-analyzer/modules/thisLocal.js
  17. 2
      remix-analyzer/src/solidity-analyzer/modules/txOrigin.js

@ -0,0 +1,9 @@
/**
* Should be used to categorize different modules, main reason is to give users feedback if the modules
* Produce exact results or have false positives and negatives in them
* A further category could be approximate if some form of approximation is used
*/
module.exports = {
EXACT: { hasFalsePositives: false, hasFalseNegatives: false, id: 'EXACT' },
HEURISTIC: { hasFalsePositives: true, hasFalseNegatives: true, id: 'HEURI' }
}
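Review bot: The header comment does not say what a result is exact about, and that matters for the modules this commit tags `algo.EXACT` in the SECURITY category (blockBlockhash, blockTimestamp, inlineAssembly, lowLevelCalls, txOrigin). From the visible lines these appear to flag occurrences of a construct, so `hasFalseNegatives: false` can only mean every occurrence is reported, not that the contract is free of the underlying weakness. I would add a comment line such as `* EXACT refers to detecting the syntactic pattern only, not to whether the flagged code is actually unsafe.` Separately, `id: 'HEURI'` does not match its key the way `id: 'EXACT'` does; `id: 'HEURISTIC'` would avoid a mismatch for any consumer that compares ids with key names.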

@ -2,6 +2,7 @@ var name = 'Result not used: '
var desc = 'The result of an operation was not used.'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function assignAndCompare () {
this.warningNodes = []
@ -24,5 +25,6 @@ module.exports = {
name: name,
description: desc,
category: categories.MISC,
algorithm: algo.EXACT,
Module: assignAndCompare
}

@ -2,6 +2,7 @@ var name = 'Block.blockhash usage: '
var desc = 'Semantics maybe unclear'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function blockBlockhash () {
this.warningNodes = []
@ -27,6 +28,7 @@ module.exports = {
name: name,
description: desc,
category: categories.SECURITY,
algorithm: algo.EXACT,
Module: blockBlockhash
}

@ -2,6 +2,7 @@ var name = 'Block timestamp: '
var desc = 'Semantics maybe unclear'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function blockTimestamp () {
this.warningNowNodes = []
@ -35,6 +36,7 @@ module.exports = {
name: name,
description: desc,
category: categories.SECURITY,
algorithm: algo.EXACT,
Module: blockTimestamp
}

@ -4,6 +4,7 @@ var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var fcallGraph = require('./functionCallGraph')
var AbstractAst = require('./abstractAstView')
var algo = require('./algorithmCategories')
function checksEffectsInteraction () {
this.abstractAst = new AbstractAst()
@ -84,5 +85,6 @@ module.exports = {
name: name,
description: desc,
category: categories.SECURITY,
algorithm: algo.HEURISTIC,
Module: checksEffectsInteraction
}

@ -4,6 +4,7 @@ var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var fcallGraph = require('./functionCallGraph')
var AbstractAst = require('./abstractAstView')
var algo = require('./algorithmCategories')
function constantFunctions () {
this.abstractAst = new AbstractAst()
@ -104,5 +105,6 @@ module.exports = {
name: name,
description: desc,
category: categories.MISC,
algorithm: algo.HEURISTIC,
Module: constantFunctions
}

@ -2,6 +2,7 @@ var name = 'Delete on dynamic Array: '
var desc = 'Use require and appropriately'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function deleteDynamicArrays () {
this.rel = []
@ -25,5 +26,6 @@ module.exports = {
name: name,
description: desc,
category: categories.GAS,
algorithm: algo.EXACT,
Module: deleteDynamicArrays
}

@ -1,6 +1,7 @@
var name = 'Gas costs: '
var desc = 'Warn if the gas requirements of functions are too high.'
var categories = require('./categories')
var algo = require('./algorithmCategories')
function gasCosts () {
}
@ -61,5 +62,6 @@ module.exports = {
name: name,
description: desc,
category: categories.GAS,
algorithm: algo.EXACT,
Module: gasCosts
}
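Review bot: `algorithm: algo.EXACT` looks too strong for this module, because its description is 'Warn if the gas requirements of functions are too high', which implies a threshold over estimated costs, and an estimate-based warning can presumably be wrong in both directions. The same question applies to similarVariableNames.js, which requires `fast-levenshtein` and is also tagged `algo.EXACT`; a check based on edit distance between names is a heuristic by construction. Unless the module bodies (outside these hunks) show otherwise, `algorithm: algo.HEURISTIC` is the safer label for both, since users are told that EXACT means no false positives and no false negatives.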

@ -2,6 +2,7 @@ var name = 'Guard Conditions: '
var desc = 'Use require and appropriately'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function guardConditions () {
this.guards = []
@ -25,5 +26,6 @@ module.exports = {
name: name,
description: desc,
category: categories.MISC,
algorithm: algo.EXACT,
Module: guardConditions
}

@ -2,6 +2,7 @@ var name = 'Inline assembly: '
var desc = 'Use of Inline Assembly'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function inlineAssembly () {
this.inlineAssNodes = []
@ -26,5 +27,6 @@ module.exports = {
name: name,
description: desc,
category: categories.SECURITY,
algorithm: algo.EXACT,
Module: inlineAssembly
}

@ -2,6 +2,7 @@ var name = 'Data Trucated: '
var desc = 'Division on int/uint values truncates the result.'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function intDivitionTruncate () {
this.warningNodes = []
@ -14,7 +15,7 @@ intDivitionTruncate.prototype.visit = function (node) {
intDivitionTruncate.prototype.report = function (compilationResults) {
return this.warningNodes.map(function (item, i) {
return {
warning: 'Division of integer values yields an integer value again. That means eg. a / 100 = 0 instead of 0.a since the result is an integer again. This does not hold for division of (only) literal values since those yield rational constants.',
warning: 'Division of integer values yields an integer value again. That means e.g. 10 / 100 = 0 instead of 0.1 since the result is an integer again. This does not hold for division of (only) literal values since those yield rational constants.',
location: item.src
}
})
@ -24,5 +25,6 @@ module.exports = {
name: name,
description: desc,
category: categories.MISC,
algorithm: algo.EXACT,
Module: intDivitionTruncate
}
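Review bot: The warning text is corrected in this file, but the user-facing module name still reads `'Data Trucated: '` and the constructor is still spelled `intDivitionTruncate`. I would fix the label in the same commit with `var name = 'Data Truncated: '`. Renaming the constructor to `intDivisionTruncate` (matching the file name) would also touch the prototype assignments and the `Module:` export, parts of which lie outside the visible hunks.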

@ -2,6 +2,7 @@ var name = 'Low level calls: '
var desc = 'Semantics maybe unclear'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function lowLevelCalls () {
this.llcNodes = []
@ -59,6 +60,7 @@ module.exports = {
name: name,
description: desc,
category: categories.SECURITY,
algorithm: algo.EXACT,
Module: lowLevelCalls
}

@ -3,6 +3,7 @@ var desc = 'Function with return type is not returning'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var AbstractAst = require('./abstractAstView')
var algo = require('./algorithmCategories')
function noReturn () {
this.abstractAst = new AbstractAst()
@ -69,5 +70,6 @@ module.exports = {
name: name,
description: desc,
category: categories.MISC,
algorithm: algo.EXACT,
Module: noReturn
}

@ -3,6 +3,7 @@ var desc = 'Be aware of caller contracts.'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var AbstractAst = require('./abstractAstView')
var algo = require('./algorithmCategories')
function selfdestruct () {
this.abstractAst = new AbstractAst()
@ -15,9 +16,9 @@ function selfdestruct () {
this.report = this.abstractAst.build_report(report)
}
selfdestruct.prototype.visit = function () { throw new Error('constantFunctions.js no visit function set upon construction') }
selfdestruct.prototype.visit = function () { throw new Error('selfdestruct.js no visit function set upon construction') }
selfdestruct.prototype.report = function () { throw new Error('constantFunctions.js no report function set upon construction') }
selfdestruct.prototype.report = function () { throw new Error('selfdestruct.js no report function set upon construction') }
function report (contracts, multipleContractsWithSameName) {
var warnings = []
@ -53,5 +54,6 @@ module.exports = {
name: name,
description: desc,
category: categories.SECURITY,
algorithm: algo.HEURISTIC,
Module: selfdestruct
}

@ -6,6 +6,7 @@ var AbstractAst = require('./abstractAstView')
var levenshtein = require('fast-levenshtein')
var remixLib = require('remix-lib')
var util = remixLib.util
var algo = require('./algorithmCategories')
function similarVariableNames () {
this.abstractAst = new AbstractAst()
@ -82,5 +83,6 @@ module.exports = {
name: name,
description: desc,
category: categories.MISC,
algorithm: algo.EXACT,
Module: similarVariableNames
}

@ -2,6 +2,7 @@ var name = 'This on local calls: '
var desc = 'Invocation of local functions via this'
var categories = require('./categories')
var common = require('./staticAnalysisCommon')
var algo = require('./algorithmCategories')
function thisLocal () {
this.warningNodes = []
@ -25,5 +26,6 @@ module.exports = {
name: name,
description: desc,
category: categories.GAS,
algorithm: algo.EXACT,
Module: thisLocal
}

@ -1,6 +1,7 @@
var name = 'Transaction origin: '
var desc = 'Warn if tx.origin is used'
var categories = require('./categories')
var algo = require('./algorithmCategories')
function txOrigin () {
this.txOriginNodes = []
@ -31,5 +32,6 @@ module.exports = {
name: name,
description: desc,
category: categories.SECURITY,
algorithm: algo.EXACT,
Module: txOrigin
}
