Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Breaking changes: New location information & updated directory structure #168

Open
thec00n opened this issue Feb 4, 2019 · 1 comment
Open
Assignees
Labels
enhancement New feature or request

Comments

@thec00n
Copy link
Collaborator

thec00n commented Feb 4, 2019

Changes to the test case configuration

The current specification of location information for bytecode offsets does not define a property to map the exact contract that the byte code relates to. This is problematic for test cases that have multiple contracts in the combined JSON output from the Solidity compiler. Similarly it's not possible to specify issue locations in source files other than the main source file. It is proposed to expand the location information to a tuple consisting of:

  • the keccak256 hash of the runtime or creation byte code and the offset
  • the source file and the line number

The following illustrates the new location information for the assert_constructor test case:

The issue for the test case assert_constructor is in the constructor of the contract AssertConstructor. The keccak256 hash has to be created for the creation byte code as in the example below:

web3.utils.sha3('0x6080604052348015600f57600080fd5b5060001515601957fe5b60358060266000396000f3006080604052600080fd00a165627a7a72305820e7a243ebed387408e06ac03e16bf0be6e61b13d34896c4fb307e4641d2c0c2b70029')
'0x78a26dc3f4a5757a59e3a9d9872f127cb3941448491b0e903c126462041f2779'

Since the assert instruction 0xfe is located at offset 24 of the create byte code, the new location information can be defined as follows:

'0x78a26dc3f4a5757a59e3a9d9872f127cb3941448491b0e903c126462041f2779': [24]

Locations in a source file can also be added as tuples see the same example below:

Being able to reference any source file or contract byte code as part of the location tuple allows more complex contract samples to be added to the SWC-registry.

Changes to directory structure

In order to keep multi source file test cases more self contained, each test case is moved into its own directory. For simplicity the name of the directory will be the same as the name for the main source or yaml file without the extension. Also there will be a directory under test_cases that specifies which language the sample was written in to prepare for other languages to be added to the SWC-registry.

Old:
/test_cases/assert_violations/assert_constructor.sol

New:
/test_cases/solidity/assert_violations/assert_constructor/assert_constructor.sol

Changes to EIP-1470

Changes regarding the test configuration affect EIP-1470 and propose the following new YAML schema for the test case configuration:

{
    "title": "SWC config",
    "type": "object",
    "required": ["description", "issues"],
    "properties": {
        "description": {
            "type": "string"
        },
        "issues": {
            "title": "Issue set",
            "type": "array",
            "items": {
                "title": "Issue",
                "type": "object",
                "required": ["id", "count"],
                "properties": {
                    "id": {
                        "type": "string"
                    },
                    "count": {
                        "type": "number"
                    },
                    "locations": {
                        "type": "array",
                        "items": {
                            "bytecode_offsets": {
                                "type": "object"
                            },
                            "line_numbers": {
                                "type": "object"
                            }
                        }
                    }
                }
            }
        }
    }
}

All changes in detail

#166.

@thec00n thec00n added the enhancement New feature or request label Feb 4, 2019
@thec00n thec00n self-assigned this Feb 4, 2019
@thec00n thec00n pinned this issue Feb 8, 2019
@thec00n thec00n changed the title New location information & other improvements Breaking changes: New location information & updated directory structure Feb 8, 2019
s0b0lev added a commit that referenced this issue Feb 11, 2019
s0b0lev added a commit that referenced this issue Feb 11, 2019
s0b0lev added a commit that referenced this issue Feb 11, 2019
thec00n pushed a commit that referenced this issue Feb 14, 2019
* Convert test case configs to new format

* Modify test case config checker

* Update json_lint checker

* Resolve issue with checkers

* Update circle ci config

* Check config hash

* Fix hash in runtime_user_input_call config

* Update image version

* Update checker

* Change the way web3 was used

* Generate config bytecode hash by runtime bytecode

* Remove line break. And append all line numbers

* Check if solidity file exists

* add bytecode offset at SUB opcode

* Add offset add SUB opcode

* Add bytecode offset at SUB

* Add offset at MUL

* Add offset at ADD opcode

* Correct offset

* Add offset at SSTORE

* Add offset at JUMP

* fix byte code loc to reference creation bytecode

* Check create and runtime bytecode of all contracts within json files

* Display errors in configs in readble format

* Update yaml schema linter

* YAML schema validation

* Rewrite bash script of yaml schema validation to js

* bytecode offset at opcode 0xfe in ConstructorCreate

* Update offset to opcode 0xfe 

and ConstructorCreateArgument

* Update offset to opcode 0xfe

* #168 Change folder structure

* Update Circle CI Docker image

* #168 GitHub checker for folder structure

* #168 Update circle ci task name

* #168 Update circle ci move task to flow

* #168 Update circle ci image and yaml content validator
thec00n added a commit to SmartContractSecurity/EIPs that referenced this issue Feb 14, 2019
Test case configuration changes proposed in SmartContractSecurity/SWC-registry#168
thec00n added a commit to thec00n/EIPs that referenced this issue Feb 14, 2019
New test case configuration proposed in SmartContractSecurity/SWC-registry#168
@wuestholz wuestholz unpinned this issue May 13, 2019
@wuestholz wuestholz pinned this issue May 13, 2019
@dmuhs dmuhs unpinned this issue Apr 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants
@thec00n and others