db80685758
* Fixes symbolic reentrancy example * Fix coverage Issue# 527 * Remove debug unused code * New solidity biased API and reporting * Updated examples to new api WIP * simple_mapping FIXED. new api * Simple transaction example added. msg.value can be symbolic now * Reentrancy symbolic now updated to new API + bugfixes * Doc and cleanups in evm assembler * EVMInstruction -> Instruction * cleanups * typo * deepcopy in Constant * Better EVM-asm api and doc * some docs * More evm asm docs * Initial seth in place refactor * Fix import * * typo * newline between text and param * similar phrasing to all the other flags * typo * typo * fix function name in comment * sphinx newline * documentation fixes * documentation fixes * refactors * EVMAssembler to EVMAsm * Fix evm @hook signature * EVMAsm * WIP seth doc * WIP move seth * seth moved to manticore module * Fixed DUP and typo * Slightly better evm reporting * review * review * Removed unfinished refactor * Various refactors. Auxiliar for calculating % coverage * Change report in examples * Detailed transactions and reporting accessible to the user2 * Fix on Expression Array * Some documentation * Get full ABI from solc compiler * evm/examples -> bugfixes * Clarify try/except blocks * Code review * Code review * Code review * Code review * Code review * Initial detector plugin. integer overflow and unitialized mem * Better metadata handling and new events for detectors * detectors wip * Better name for internal findings context * Explicit detector register * review * New workspace output * Fix examples * wrog merge fix * Fix examples/new api * Fix examples/new api/output * More output * More doc * Broken examples deleted * Debug code removed * Wrong docstring * Update evm __main__ * Update evm __main__ * Update evm __main__ * Update evm __main__ * Update evm __main__ * Fix TODO
38 lines
1020 B
Python
38 lines
1020 B
Python
from manticore.seth import ManticoreEVM, IntegerOverflow
|
|
m = ManticoreEVM()
|
|
m.register_detector(IntegerOverflow())
|
|
|
|
#And now make the contract account to analyze
|
|
source_code = '''
|
|
pragma solidity ^0.4.15;
|
|
contract Overflow {
|
|
uint private sellerBalance=0;
|
|
|
|
function add(uint value) returns (uint){
|
|
sellerBalance += value; // complicated math with possible overflow
|
|
|
|
// possible auditor assert
|
|
assert(sellerBalance >= value);
|
|
return sellerBalance;
|
|
}
|
|
}
|
|
'''
|
|
#Initialize user and contracts
|
|
user_account = m.create_account(balance=1000)
|
|
contract_account = m.solidity_create_contract(source_code, owner=user_account, balance=0)
|
|
|
|
#First add won't overflow uint256 representation
|
|
contract_account.add(m.make_symbolic_value())
|
|
|
|
#Potential overflow
|
|
contract_account.add(m.make_symbolic_value())
|
|
|
|
#Let seth know we are not sending more transactions so it can output
|
|
# info about running states and global statistics
|
|
m.finalize()
|
|
print "[+] Look for results in %s"% m.workspace
|
|
|
|
|
|
|
|
|