Skip to content

Releases: crytic/slither

v0.6.2

05 Apr 18:24
Compare
Choose a tag to compare

0.6.2 - 2019-03-05

This release brings Embark native support, fixes several bugs, and improves slither-check-upgradeability.

Added

Changed

  • Rename slither-check-upgradability to slither-check-upgradeability (bffa59f)
  • --ignore-truffle-compile flag renamed to --truffle-ignore-compile
  • Improve slither-check-upgradeability output and documentation.
  • API changed: Add framework detection within Slither object; the caller does not need to check for native/truffle/embark (ee1b4c2)

Fixed

  • Incorrect source mapping computation (#194)
  • Incorrect data dependency for return values (#193)
  • Crash related to the support of abi.decode (#177)

v0.6.1

04 Mar 20:14
Compare
Choose a tag to compare

0.6.1 - 2019-03-04

This release brings a new utility: slither-find-paths to review complex codebase, adds a new check to slither-check-upgradability, and fixes minor bugs.

Added

Changed

  • Calls in loop detector: remove duplicate results ( 39500c0)
  • Call graph printer: export functions individually (833e390)
  • API changed: make GENERIC_TAINT optional on is_tainted call #181

Fixed

  • Incorrect SlithIR conversion in case of explicit base contract usage (8a94a6e, c6e090e, b992010)
  • Use referenced declaration for functions to fix reference not found (AST compact only)
    #177
  • Fix typo in callcode 8344c4e

v0.6.0

15 Feb 22:03
Compare
Choose a tag to compare

0.6.0 - 2019-02-15

This release adds 3 new detectors, 5 new printers, improves the overall usability of Slither, and introduces a new tool: slither-check-upgradability to help to review upradable contracts. User and developer documentation has dramatically improved. This release brings also several bugfixes, API enhancements and lowers the rate of false positives for several detectors.

Thanks to our external contributors @cty12, @mrice32 and @ptare for their numerous bug reports.

Added

Changed:

  • Reduce the false alarms rates of:
    • Unused variables: consider expression oustide of the functions' scope #167
    • Reentrancy: check if a call to this is reentrancy-safe + don't consider view/pure calls for Solidity >= 0.5 #127 #126
    • Locked ether: follow libraries calls #163
  • Improve Truffle integration: Slither will automatically switch to the truffle version provided in package.json (#154)
  • Improve SSA conversion: Use of an interprocedural sensitive analysis (follow parameters) (#156 (comment))
  • Improve data dependency: Compute a fix-point on function context (#171)
  • Improve inheritance printer output (#162, #166)
  • Add support of staticall (#152)

Fixed

  • Several minors bugs, including:
    • Incorrect SSA conversion on Return (59af388)
    • is_storage property on StateVariableIR/LocalVariableIR (59af388)
    • Crash when two variables have the same name #151
    • Incorrect location for LocalVariableIR (#143)
    • Add constant folding visitor to avoid crash on expression-based length (#144)

v0.5.2

31 Jan 18:57
Compare
Choose a tag to compare

0.5.2 - 2019-01-31

This release improves performance, fixes minor bugs, and simplifies the generation of our documentation.

Added

  • Add a vulnerability description to all the detectors, then use that to auto-generate the wiki documentation.

Changed

  • Improve the reentrancy heuristics: the reentrancy information is computed only one time, and its information is shared across all the reentrancy variants.
  • Use a cache system for the function.all_* properties
  • Re-add the Length SlithIR operator (ed7afe0)

Fixed

  • Incorrect read information in case of ReferenceVariable (1cdc34e)

v0.5.1

25 Jan 16:03
Compare
Choose a tag to compare

0.5.1 - 2019-01-25

This release fixes minor bugs and adds support for a handful of missing operations.

We gave a presentation about Slither during our last office hours. We discussed the framework, how it works and its future evolution. The video is available here.

Added

  • Support for constructors declared as a modifier and in the contract's definition (contract B is A(10){ ) (#132)
  • Support for gas and value in dynamic function calls (#132)
  • Support for ternary conversions in modifiers (#140)
  • Support for hexadecimal in subdenominations (#147)
  • Support for user-defined types in functions (#136)
  • Support for indexed information in events (c032328)

Fixed

  • UTF8 file encoding (#146)
  • Parsing of empty do-while loop (#133)

v0.5.0

14 Jan 20:05
Compare
Choose a tag to compare

0.5.0 - 2019-01-14

This release adds support for static single assignment (SSA) to SlithIR for both local and state variables. The use of SSA facilitates the tracking data dependencies and will enable more precise detectors. There are three new detectors: incorrect-equality, shadowing-builtin, shadowing-local, and one new printer: cfg. Detection of reentrancy was improved and now has three levels of severity. This release also includes bugfixes and lowers the rate of false positives for several detectors.

Thanks to our external contributors @mrice32 and @ptare for their numerous bug reports.

Added

  • Detectors:
    • incorrect-equality: Dangerous strict equalities, such as this.balance == 0 ether.
    • shadowing-builtin: Shadowing of builtin symbols
    • shadowing-local: Local variables shadowing the contract's elements
  • SSA on SlithIR:
    • Add Phi operator
    • Add LocalIRVariable and StateIRVariable (they contain the SSA index)
    • Follow Cooper, Harvey, Kennedy to compute minimal SSA
    • Add additional Phi operators at function entrance and after external calls to handle state variables
  • Alias Analysis to track storage references
  • Integrate alias analysis info into the SSA engine for precise SSA construction (note there is a limitation: alias analysis is not yet interprocedural and has no support for functions returning a storage reference)
  • Add new printer: cfg, which exports the CFG of each function (8452b32)
  • Add dominators information
    • List of dominator nodes
    • Dominator tree
    • Dominance frontier

Changed

  • The reentrancy detector is split into three variants to facilitate the triage of results:
    • reentrancy-eth: theft of ether and read before writing (high severity)
    • reentrancy-no-eth: no theft of ether and read before writing (medium severity)
    • reentrancy-benign: no read before writing (low severity)
  • The data dependency is now computed using the SSA
  • Multiple new contract and function helpers (b549a3e, 57a0918, a704635)
  • Improve subdenomination support (ether, wei, days, ..) bdca730
  • Lower false positive for several detectors:

Bugfixes

  • Incorrect return nested array #121,
  • Support for empty tuple in return 7813fdf
  • Support for implicit uint256->int256 conversion on function matching #120
  • Support ternary in return statement #115

v0.4.0

14 Dec 20:44
Compare
Choose a tag to compare

0.4.0 - 2018-12-14

This release brings 4 new detectors, improves the support for Solidity >=0.5, and fixes several minor issues.

Thanks to our external contributors!

@adamhos
@mattaereal
@mihairaulea

Added

  • New detectors:
    • shadowing-state: Detect state variables shadowed
    • shadowing-abstract: Detect state variables shadowed from abstract contracts
    • timestamp: Detect dangerous usage of block.timestamp
    • calls-loop: Detect dangerous calls inside a loop
  • --trufle-version version flag: Allow to install and run a local version of truffle (#105)
    • slither --truffle-version truffle@beta . : Run truffle with Solidity 0.5
    • slither --truffle-version truffle@4.1.14 . : Run truffle with Solidity 0.4

Changed

  • Improve Solidity 0.5.0 and 0.5.1 support (#102)
  • Json output format (#108)

Fixed

  • Variable unpacking issue for the contract printer (#104)
  • Multiple minor parsing bugs (#98, #99, #100)
  • Incorrect do-while recovery (#97)
  • SlithIR: incorrect return tuple conversion (#89)

v0.3.1

03 Dec 15:09
Compare
Choose a tag to compare

0.3.1 - 2018-12-03

This release fixes minor bugs and improves the json output.

Changed

  • Improve json ouput:
  • Add support for Truffle projects using a truffle-config.js file instead of truffle.js
  • Fix incorrect slithIR conversion for mapping of mapping (#83)
  • Fix minor bugs (remove duplicate constructors, fix incorrect is_implemented attribute in Modifier)

v0.3.0

20 Nov 17:04
Compare
Choose a tag to compare

0.3.0 - 2018-11-20

This release brings 4 new detectors, 1 new printer, improved UX, and several bug fixes.

Thanks to the Ethereum Community Fund for funding Gitcoin bounties!

Thanks also to our external contributors!
@anukul
@benstew
@rmi7
@rluijk
@samparsky

Added

  • New detectors:
    • controlled-delegatecall: Detect user-controlled delegatecall destination
    • constant-function : Detect constant functions that change state
    • uninitialized-local : Detect uninitialized local variables
    • unused-return-value : Detect unused return values
  • New printer:
    • human-summary: Print a human readable summary of the contracts

Changed

  • Refactored the output of the detectors:
    • Bug descriptions are more verbose
    • Add line number information
    • Create vulnerability descriptions with short descriptions, exploit scenarios, and recommendations
  • Refactored unit tests to output to JSON
  • Simplified integration with Truffle (slither now runs truffle compile automatically when applied to a Truffle directory)

Recommendation

  • Use the constant-function detector to ensure correct interactions between contracts compiled with Solidity <0.5 and >=0.5

v0.2.0

30 Oct 08:37
Compare
Choose a tag to compare

0.2.0 - 2018-10-30

This release brings 2 new detectors, 2 new printers, integration with Truffle, and enhancements to SlithIR and the detector API.

Thanks to the Ethereum Community Fund for funding many Gitcoin bounties!

Thanks also to our external contributors!
@cryptomental
@evgeniuz
@pvgupta24
@redshark1802
@samparsky

Added

  • Truffle integration. Slither can be run on a Truffle directory: truffle compile && slither .
  • new detectors:
    • constable-states: Detect state variables that could be declared constant
    • external-function: Detect public functions that could be declared as external
  • new printers:
    • call-graph: Export the call-graph of the contracts to a dot file
    • inheritance: Print the inheritance relations between contracts
  • Support for solc's compact AST

Changed

  • The original inheritance printer is now called inheritance-graph
  • Command line arguments are easier to use
  • SlithIR bugfixes and improvements
  • Internal API changes: #58