DeforaNetworks/manticore
3
0
Fork 0
Code Releases Activity

Added --txaccount parameter to control the caller of the symbolic exploration of smart contracts (#819)

Browse Source 
* added --txaccount parameter to control the caller of the symbolic exploration of smart contracts

* Use of the new EthereumError exception
This commit is contained in:
ggrieco-tob 2018-03-19 15:08:22 -03:00 committed by GitHub
parent e97e631d8e
commit 8acd2293b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
manticore/__main__.py
View File

@ -64,6 +64,10 @@ def parse_arguments():
help='Show program version information') help='Show program version information')
parser.add_argument('--txlimit', type=positive, parser.add_argument('--txlimit', type=positive,
help='Maximum number of symbolic transactions to run (positive integer) (Ethereum only)') help='Maximum number of symbolic transactions to run (positive integer) (Ethereum only)')
parser.add_argument('--txaccount', type=str, default="attacker",
help='Account used as caller in the symbolic transactions, either "attacker" or "owner" (Ethereum only)')
parser.add_argument('--contract', type=str, parser.add_argument('--contract', type=str,
help='Contract name to analyze in case of multiple ones (Ethereum only)') help='Contract name to analyze in case of multiple ones (Ethereum only)')
@ -92,7 +96,7 @@ def ethereum_cli(args):
logger.info("Beginning analysis") logger.info("Beginning analysis")
m.multi_tx_analysis(args.argv[0], args.contract, args.txlimit) m.multi_tx_analysis(args.argv[0], args.contract, args.txlimit, args.txaccount)
def main(): def main():

15
manticore/ethereum.py
View File

@ -920,18 +920,25 @@ class ManticoreEVM(Manticore):
return status return status
def multi_tx_analysis(self, solidity_filename, contract_name=None, tx_limit=None): def multi_tx_analysis(self, solidity_filename, contract_name=None, tx_limit=None, tx_account="attacker"):
with open(solidity_filename) as f: with open(solidity_filename) as f:
source_code = f.read() source_code = f.read()
user_account = self.create_account(balance=1000) owner_account = self.create_account(balance=1000)
contract_account = self.solidity_create_contract(source_code, contract_name=contract_name, owner=user_account) contract_account = self.solidity_create_contract(source_code, contract_name=contract_name, owner=owner_account)
attacker_account = self.create_account(balance=1000) attacker_account = self.create_account(balance=1000)
if tx_account == "attacker":
tx_account = attacker_account
elif tx_account == "owner":
tx_account = owner_account
else:
raise EthereumError('The account to perform the symbolic exploration of the contract should be either "attacker" or "owner"')
def run_symbolic_tx(): def run_symbolic_tx():
symbolic_data = self.make_symbolic_buffer(320) symbolic_data = self.make_symbolic_buffer(320)
symbolic_value = self.make_symbolic_value() symbolic_value = self.make_symbolic_value()
self.transaction(caller=attacker_account, self.transaction(caller=tx_account,
address=contract_account, address=contract_account,
data=symbolic_data, data=symbolic_data,
value=symbolic_value) value=symbolic_value)