-
Notifications
You must be signed in to change notification settings - Fork 982
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update: improve unhandled initializers in unprotected-upgrade detector #2203
Conversation
I just added: Remove ambiguous relation between The |
hi there, any update? @@ |
WalkthroughWalkthroughThe recent updates involve modifications and additions across multiple files related to the Slither framework and test environments for detecting vulnerabilities in upgradeable smart contracts. Changes include altering the initialization and protection mechanisms of smart contracts, refining detection capabilities for unprotected upgradeable functions, and introducing new test cases and contracts to enhance the robustness of security assessments. Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
Out of diff range and nitpick comments (5)
tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/Initializable.sol (1)
6-8
: Thereinitializer
modifier implementation is correct. Consider adding a comment explaining the unusedversion
parameter, if it's intended for future use or external checks.tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/Initializable.sol (1)
6-8
: Thereinitializer
modifier implementation is correct. Consider adding a comment explaining the unusedversion
parameter, if it's intended for future use or external checks.tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/Initializable.sol (1)
6-8
: Thereinitializer
modifier implementation is correct. Consider adding a comment explaining the unusedversion
parameter, if it's intended for future use or external checks.slither/core/declarations/contract.py (2)
Line range hint
967-967
: Undefined name 'Event' used in type hint.- def get_event_from_signature(self, event_signature: str) -> Optional["Event"]: + def get_event_from_signature(self, event_signature: str) -> Optional["EventContract"]:
Line range hint
977-977
: Undefined name 'Event' used in type hint.- def get_event_from_canonical_name(self, event_canonical_name: str) -> Optional["Event"]: + def get_event_from_canonical_name(self, event_canonical_name: str) -> Optional["EventContract"]:
Review Details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Files ignored due to path filters (10)
tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/AnyInitializer.sol-0.4.25.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/Reinitializer.sol-0.4.25.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/AnyInitializer.sol-0.5.16.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/Reinitializer.sol-0.5.16.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/AnyInitializer.sol-0.6.11.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/Reinitializer.sol-0.6.11.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.7.6/AnyInitializer.sol-0.7.6.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.7.6/Reinitializer.sol-0.7.6.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/AnyInitializer.sol-0.8.15.zip
is excluded by!**/*.zip
tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/Reinitializer.sol-0.8.15.zip
is excluded by!**/*.zip
Files selected for processing (28)
- slither/core/declarations/contract.py (1 hunks)
- slither/detectors/statements/unprotected_upgradeable.py (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_4_25_AnyInitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_4_25_Reinitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_5_16_AnyInitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_5_16_Reinitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_6_11_AnyInitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_6_11_Reinitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_7_6_AnyInitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_7_6_Reinitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_8_15_AnyInitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_8_15_Reinitializer_sol__0.txt (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/AnyInitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/Initializable.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/Reinitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/AnyInitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/Initializable.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/Reinitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/AnyInitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/Initializable.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/Reinitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.7.6/AnyInitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.7.6/Initializable.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.7.6/Reinitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/AnyInitializer.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/Initializable.sol (1 hunks)
- tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/Reinitializer.sol (1 hunks)
- tests/e2e/detectors/test_detectors.py (5 hunks)
Additional Context Used
Ruff (2)
slither/core/declarations/contract.py (2)
967-967: Undefined name
Event
977-977: Undefined name
Event
Additional comments not posted (36)
tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/Initializable.sol (1)
2-4
: Theinitializer
modifier implementation looks good.tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/Initializable.sol (1)
2-4
: Theinitializer
modifier implementation looks good.tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/Initializable.sol (1)
2-4
: Theinitializer
modifier implementation looks good.tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/AnyInitializer.sol (2)
6-9
: TheanyName
function correctly implements the initializer pattern, ensuring that it can only be called once when the owner is not set.
11-13
: Thekill
function is correctly protected to ensure only the owner can trigger it, which is crucial for sensitive operations likeselfdestruct
.tests/e2e/detectors/test_data/unprotected-upgrade/0.4.25/Reinitializer.sol (2)
6-9
: Theinitialize
function correctly uses thereinitializer
modifier to demonstrate versioned reinitialization, ensuring it can only be called once when the owner is not set.
11-13
: Thekill
function is correctly protected to ensure only the owner can trigger it, which is crucial for sensitive operations likeselfdestruct
.tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/AnyInitializer.sol (2)
6-9
: TheanyName
function correctly implements the initializer pattern with the updatedowner
type toaddress payable
, suitable for newer Solidity versions.
11-13
: Thekill
function is correctly protected to ensure only the owner can trigger it, which is crucial for sensitive operations likeselfdestruct
.tests/e2e/detectors/test_data/unprotected-upgrade/0.5.16/Reinitializer.sol (2)
6-9
: Theinitialize
function correctly uses thereinitializer
modifier to demonstrate versioned reinitialization with the updatedowner
type toaddress payable
, suitable for newer Solidity versions.
11-13
: Thekill
function is correctly protected to ensure only the owner can trigger it, which is crucial for sensitive operations likeselfdestruct
.tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/AnyInitializer.sol (2)
6-9
: TheanyName
function correctly implements the initializer pattern with the explicit use ofpayable
for theowner
assignment, enhancing clarity in newer Solidity versions.
11-13
: Thekill
function is correctly protected to ensure only the owner can trigger it, which is crucial for sensitive operations likeselfdestruct
.tests/e2e/detectors/test_data/unprotected-upgrade/0.7.6/AnyInitializer.sol (2)
6-9
: TheanyName
function correctly implements an initializer pattern by ensuring it can only be executed once and setting the contract's owner.
11-13
: Thekill
function includes appropriate security checks to ensure that only the owner can destroy the contract.tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/AnyInitializer.sol (2)
6-9
: TheanyName
function correctly implements an initializer pattern by ensuring it can only be executed once and setting the contract's owner.
11-13
: Thekill
function includes appropriate security checks to ensure that only the owner can destroy the contract.tests/e2e/detectors/test_data/unprotected-upgrade/0.6.11/Reinitializer.sol (2)
6-9
: Theinitialize
function correctly implements a re-initializer pattern by potentially allowing re-execution under controlled conditions and setting the contract's owner.
11-13
: Thekill
function includes appropriate security checks to ensure that only the owner can destroy the contract.tests/e2e/detectors/test_data/unprotected-upgrade/0.7.6/Reinitializer.sol (2)
6-9
: Theinitialize
function correctly implements a re-initializer pattern by potentially allowing re-execution under controlled conditions and setting the contract's owner.
11-13
: Thekill
function includes appropriate security checks to ensure that only the owner can destroy the contract.tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/Reinitializer.sol (2)
6-9
: Theinitialize
function correctly implements a re-initializer pattern by potentially allowing re-execution under controlled conditions and setting the contract's owner.
11-13
: Thekill
function includes appropriate security checks to ensure that only the owner can destroy the contract.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_7_6_Reinitializer_sol__0.txt (1)
1-1
: The snapshot accurately describes the vulnerabilities in theReinitializer
contract, highlighting the unprotectedinitialize
function and the potential for unauthorized contract destruction.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_4_25_Reinitializer_sol__0.txt (1)
1-1
: The snapshot accurately describes the vulnerabilities in theReinitializer
contract, highlighting the unprotectedinitialize
function and the potential for unauthorized contract destruction.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_5_16_Reinitializer_sol__0.txt (1)
1-1
: The snapshot accurately describes the vulnerabilities in theReinitializer
contract, highlighting the unprotectedinitialize
function and the potential for unauthorized contract destruction.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_6_11_Reinitializer_sol__0.txt (1)
1-1
: Description accurately outlines the test scenario forReinitializer
with unprotected initialization functions.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_7_6_AnyInitializer_sol__0.txt (1)
1-1
: Description accurately outlines the test scenario forAnyInitializer
with unprotected initialization functions.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_8_15_Reinitializer_sol__0.txt (1)
1-1
: Description accurately outlines the test scenario forReinitializer
with unprotected initialization functions.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_4_25_AnyInitializer_sol__0.txt (1)
1-1
: Description accurately outlines the test scenario forAnyInitializer
with unprotected initialization functions.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_5_16_AnyInitializer_sol__0.txt (1)
1-1
: Description accurately outlines the test scenario forAnyInitializer
with unprotected initialization functions.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_6_11_AnyInitializer_sol__0.txt (1)
1-1
: Description accurately outlines the test scenario forAnyInitializer
with unprotected initialization functions.tests/e2e/detectors/snapshots/detectors__detector_UnprotectedUpgradeable_0_8_15_AnyInitializer_sol__0.txt (1)
1-1
: Description accurately outlines the test scenario forAnyInitializer
with unprotected initialization functions.tests/e2e/detectors/test_data/unprotected-upgrade/0.8.15/Initializable.sol (1)
9-11
: Addition of thereinitializer
modifier aligns with the PR's objectives to enhance detection capabilities.slither/detectors/statements/unprotected_upgradeable.py (1)
55-62
: The modifications to_initialize_functions
correctly expand the criteria for detecting initializer functions. Good use of list comprehensions and filtering.tests/e2e/detectors/test_detectors.py (1)
Line range hint
941-1050
: The new test configurations forUnprotectedUpgradeable
detector are correctly added for multiple Solidity versions. This ensures comprehensive testing across different environments.
modifier reinitializer(uint64 version) { | ||
_; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider implementing logic in the reinitializer
modifier or provide a comment explaining its intended use.
What PR for
unprotected-upgrade
only detects function nameinitialize
as initializer. It will increase false negatives because of missing proper initializers.What PR does
initializer
orreinitializer
modifier as aninitializer
._is_upgradeable
and_is_upgradeable_proxy
. The_is_upgradeable
should not be excluded by_is_upgradeable_proxy
. For example, just because the contract name hasproxy
in its name, detectors should not miss the bug (false negative).Summary by CodeRabbit
New Features
AnyInitializer
andReinitializer
with initialization and self-destruct functionalities across various versions.reinitializer
modifier toInitializable
contract to handle versioned reinitialization.Bug Fixes
_initialize_functions
to filter functions with specific modifiers for enhanced security.Tests
UnprotectedUpgradeable
detectors to validate the security of upgradeable contracts.