DeforaNetworks/manticore
3
0
Fork 0
Code Releases Activity
manticore/tests/test_eth.py
Mark Mossberg fb79127bc2
Graceful exit when no states to run (#815) 
* rm unnecessary return, change assert to graceful handle

* Add regression test

* Add regression test

* Correct logic

* Rm unnecessary check

This branch is unnecessary, if this condition is true, then ultimately
the executor will do nothing, and we'll simply return anyway.

* Raise NoAliveStates if no alive states to execute

* docstr update

* Update mult_tx_analysis to handle NoAliveStates

* Fancy

* Update test

* Codeclimate fmt

* fmt

* better readability

* add docstr
2018-03-16 17:48:36 -04:00

196 lines
6.4 KiB
Python
Raw Blame History

import unittest
import os
from manticore.core.smtlib import ConstraintSet, operators
from manticore.core.smtlib.expression import BitVec
from manticore.core.state import State
from manticore.ethereum import ManticoreEVM, IntegerOverflow, Detector, NoAliveStates
from manticore.platforms.evm import EVMWorld, ConcretizeStack, concretized_args
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
# FIXME(mark): Remove these two lines when logging works for ManticoreEVM
from manticore.utils.log import init_logging
init_logging()
class EthDetectorsIntegrationTest(unittest.TestCase):
def test_int_ovf(self):
mevm = ManticoreEVM()
mevm.register_detector(IntegerOverflow())
filename = os.path.join(THIS_DIR, 'binaries/int_overflow.sol')
mevm.multi_tx_analysis(filename)
self.assertEqual(len(mevm.global_findings), 3)
all_findings = ''.join(map(lambda x: x[2], mevm.global_findings))
self.assertIn('underflow at SUB', all_findings)
self.assertIn('overflow at ADD', all_findings)
self.assertIn('overflow at MUL', all_findings)
class EthDetectors(unittest.TestCase):
def setUp(self):
self.io = IntegerOverflow()
self.state = self.make_mock_evm_state()
@staticmethod
def make_mock_evm_state():
cs = ConstraintSet()
fakestate = State(cs, EVMWorld(cs))
return fakestate
def test_mul_no_overflow(self):
"""
Regression test added for issue 714, where we were using the ADD ovf check for MUL
"""
arguments = [1 << (8 * 31), self.state.new_symbolic_value(256)]
self.state.constrain(operators.ULT(arguments[1], 256))
# TODO(mark) We should actually call into the EVM cpu here, and below, rather than
# effectively copy pasting what the MUL does
result = arguments[0] * arguments[1]
check = self.io._can_mul_overflow(self.state, result, *arguments)
self.assertFalse(check)
def test_mul_overflow0(self):
arguments = [2 << (8 * 31), self.state.new_symbolic_value(256)]
self.state.constrain(operators.ULT(arguments[1], 256))
result = arguments[0] * arguments[1]
check = self.io._can_mul_overflow(self.state, result, *arguments)
self.assertTrue(check)
def test_mul_overflow1(self):
arguments = [1 << 255, self.state.new_symbolic_value(256)]
result = arguments[0] * arguments[1]
check = self.io._can_mul_overflow(self.state, result, *arguments)
self.assertTrue(check)
class EthTests(unittest.TestCase):
def test_emit_did_execute_end_instructions(self):
class TestDetector(Detector):
def did_evm_execute_instruction_callback(self, state, instruction, arguments, result):
if instruction.semantics in ('REVERT', 'STOP'):
with self.locked_context('insns', dict) as d:
d[instruction.semantics] = True
mevm = ManticoreEVM()
p = TestDetector()
mevm.register_detector(p)
filename = os.path.join(THIS_DIR, 'binaries/int_overflow.sol')
mevm.multi_tx_analysis(filename, tx_limit=1)
self.assertIn('insns', p.context)
context = p.context['insns']
self.assertIn('STOP', context)
self.assertIn('REVERT', context)
def test_graceful_handle_no_alive_states(self):
"""
If there are no alive states, or no initial states, we should not crash. issue #795
"""
# initiate the blockchain
m = ManticoreEVM()
source_code = '''
contract Simple {
function f(uint a) payable public {
if (a == 65) {
revert();
}
}
}
'''
# Initiate the accounts
user_account = m.create_account(balance=1000)
contract_account = m.solidity_create_contract(source_code, owner=user_account, balance=0)
contract_account.f(1) # it works
contract_account.f(65) # it works
with self.assertRaises(NoAliveStates):
contract_account.f(m.SValue) # no alive states, but try to run a tx anyway
def test_can_create(self):
mevm = ManticoreEVM()
source_code = """
contract X { function X(address x) {} }
contract C { function C(address x) { new X(x); }
}
"""
# Make sure that we can can call CREATE without raising an exception
owner = mevm.create_account(balance=1000)
x = mevm.create_account(balance=0)
contract_account = mevm.solidity_create_contract(source_code,
contract_name="C", owner=owner, args=[x])
def test_writebuffer_doesnt_raise(self):
mevm = ManticoreEVM()
source_code = """
contract X {
mapping(address => uint) private balance;
function f(address z) returns (uint) { return balance[z]; }
}
contract C {
X y;
function C() {
y = new X();
uint z = y.f(0);
}
}"""
# Make sure that write_buffer (used by RETURN) succeeds without errors
owner = mevm.create_account(balance=1000)
x = mevm.create_account(balance=0)
contract_account = mevm.solidity_create_contract(source_code,
contract_name="C", owner=owner, args=[x])
class EthHelpers(unittest.TestCase):
def setUp(self):
self.bv = BitVec(256)
def test_concretizer(self):
policy = 'SOME_NONSTANDARD_POLICY'
@concretized_args(a=policy)
def inner_func(self, a, b):
return a, b
with self.assertRaises(ConcretizeStack) as cm:
inner_func(None, self.bv, 34)
self.assertEquals(cm.exception.pos, 1)
self.assertEquals(cm.exception.policy, policy)
def test_concretizer_default(self):
@concretized_args(b='')
def inner_func(self, a, b):
return a, b
with self.assertRaises(ConcretizeStack) as cm:
inner_func(None, 34, self.bv)
self.assertEquals(cm.exception.pos, 2)
# Make sure the policy isn't blank, i.e. we didn't pass through
# a falsifiable value, and we selected a default
self.assertTrue(cm.exception.policy)
self.assertNotEquals(cm.exception.policy, '')
def test_concretizer_doesnt_overreach(self):
@concretized_args(b='')
def inner_func(self, a, b):
return a, b
# Make sure we don't raise when a param is symbolic and its concretization
# wasn't requested.
inner_func(None, self.bv, 123)
View Git Blame Copy Permalink