-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into 4-dos-unbounded-operation
- Loading branch information
Showing
13 changed files
with
498 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
# Avoid core::mem::forget usage | ||
|
||
### What it does | ||
|
||
Checks for `core::mem::forget` usage. | ||
|
||
### Why is this bad? | ||
|
||
This is a bad practice because it can lead to memory leaks, resource leaks and logic errors. | ||
|
||
### Example | ||
|
||
```rust | ||
pub fn forget_something(n: WithoutCopy) -> u64 { | ||
core::mem::forget(n); | ||
0 | ||
} | ||
``` | ||
|
||
Use instead: | ||
|
||
```rust | ||
pub fn forget_something(n: WithoutCopy) -> u64 { | ||
let _ = n; | ||
0 | ||
} | ||
``` | ||
|
||
### Implementation | ||
|
||
The detector's implementation can be found at [this link](https://github.com/CoinFabrik/scout-soroban/tree/main/detectors/avoid-core-mem-forget). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
[package] | ||
name = "avoid-panic-error" | ||
version = "0.1.0" | ||
edition = "2021" | ||
|
||
[lib] | ||
crate-type = ["cdylib"] | ||
|
||
[dependencies] | ||
clippy_utils = { workspace = true } | ||
dylint_linting = { workspace = true } | ||
if_chain = { workspace = true } | ||
|
||
scout-audit-internal = { workspace = true } | ||
|
||
[dev-dependencies] | ||
dylint_testing = { workspace = true } | ||
|
||
[package.metadata.rust-analyzer] | ||
rustc_private = true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,187 @@ | ||
#![feature(rustc_private)] | ||
#![warn(unused_extern_crates)] | ||
|
||
extern crate rustc_ast; | ||
extern crate rustc_span; | ||
|
||
use clippy_utils::sym; | ||
use if_chain::if_chain; | ||
use rustc_ast::{ | ||
ptr::P, | ||
token::{LitKind, TokenKind}, | ||
tokenstream::{TokenStream, TokenTree}, | ||
AttrArgs, AttrKind, Expr, ExprKind, Item, MacCall, StmtKind, | ||
}; | ||
use rustc_lint::{EarlyContext, EarlyLintPass}; | ||
use rustc_span::{sym, Span}; | ||
use scout_audit_internal::Detector; | ||
|
||
dylint_linting::impl_pre_expansion_lint! { | ||
/// ### What it does | ||
/// The panic! macro is used to stop execution when a condition is not met. | ||
/// This is useful for testing and prototyping, but should be avoided in production code | ||
/// | ||
/// ### Why is this bad? | ||
/// The usage of panic! is not recommended because it will stop the execution of the caller contract. | ||
/// | ||
/// ### Known problems | ||
/// While this linter detects explicit calls to panic!, there are some ways to raise a panic such as unwrap() or expect(). | ||
/// | ||
/// ### Example | ||
/// ```rust | ||
/// pub fn add(env: Env, value: u32) -> u32 { | ||
/// let storage = env.storage().instance(); | ||
/// let mut count: u32 = storage.get(&COUNTER).unwrap_or(0); | ||
/// match count.checked_add(value) { | ||
/// Some(value) => count = value, | ||
/// None => panic!("Overflow error"), | ||
/// } | ||
/// storage.set(&COUNTER, &count); | ||
/// storage.extend_ttl(100, 100); | ||
/// count | ||
/// } | ||
/// ``` | ||
/// Use instead: | ||
/// ```rust | ||
/// pub fn add(env: Env, value: u32) -> Result<u32, Error> { | ||
/// let storage = env.storage().instance(); | ||
/// let mut count: u32 = storage.get(&COUNTER).unwrap_or(0); | ||
/// match count.checked_add(value) { | ||
/// Some(value) => count = value, | ||
/// None => return Err(Error::OverflowError), | ||
/// } | ||
/// storage.set(&COUNTER, &count); | ||
/// storage.extend_ttl(100, 100); | ||
/// Ok(count) | ||
/// } | ||
/// ``` | ||
pub AVOID_PANIC_ERROR, | ||
Warn, | ||
Detector::AvoidPanicError.get_lint_message(), | ||
AvoidPanicError::default() | ||
} | ||
|
||
#[derive(Default)] | ||
pub struct AvoidPanicError { | ||
in_test_span: Option<Span>, | ||
} | ||
|
||
impl EarlyLintPass for AvoidPanicError { | ||
fn check_item(&mut self, _cx: &EarlyContext, item: &Item) { | ||
match (is_test_item(item), self.in_test_span) { | ||
(true, None) => self.in_test_span = Some(item.span), | ||
(true, Some(test_span)) => { | ||
if !test_span.contains(item.span) { | ||
self.in_test_span = Some(item.span); | ||
} | ||
} | ||
(false, None) => {} | ||
(false, Some(test_span)) => { | ||
if !test_span.contains(item.span) { | ||
self.in_test_span = None; | ||
} | ||
} | ||
}; | ||
} | ||
|
||
fn check_stmt(&mut self, cx: &EarlyContext<'_>, stmt: &rustc_ast::Stmt) { | ||
if_chain! { | ||
if !self.in_test_item(); | ||
if let StmtKind::MacCall(mac) = &stmt.kind; | ||
then { | ||
check_macro_call(cx, stmt.span, &mac.mac) | ||
} | ||
} | ||
} | ||
|
||
fn check_expr(&mut self, cx: &EarlyContext, expr: &Expr) { | ||
if_chain! { | ||
if !self.in_test_item(); | ||
if let ExprKind::MacCall(mac) = &expr.kind; | ||
then { | ||
check_macro_call(cx, expr.span, mac) | ||
} | ||
} | ||
} | ||
} | ||
|
||
fn check_macro_call(cx: &EarlyContext, span: Span, mac: &P<MacCall>) { | ||
if_chain! { | ||
if mac.path == sym!(panic); | ||
if let [TokenTree::Token(token, _)] = mac | ||
.args | ||
.tokens | ||
.clone() | ||
.trees() | ||
.collect::<Vec<_>>() | ||
.as_slice(); | ||
if let TokenKind::Literal(lit) = token.kind; | ||
if lit.kind == LitKind::Str; | ||
then { | ||
Detector::AvoidPanicError.span_lint_and_help( | ||
cx, | ||
AVOID_PANIC_ERROR, | ||
span, | ||
&format!("You could use instead an Error enum and then 'return Err(Error::{})'", capitalize_err_msg(lit.symbol.as_str()).replace(' ', "")), | ||
); | ||
} | ||
} | ||
} | ||
|
||
fn is_test_item(item: &Item) -> bool { | ||
item.attrs.iter().any(|attr| { | ||
// Find #[cfg(all(test, feature = "e2e-tests"))] | ||
if_chain!( | ||
if let AttrKind::Normal(normal) = &attr.kind; | ||
if let AttrArgs::Delimited(delim_args) = &normal.item.args; | ||
if is_test_token_present(&delim_args.tokens); | ||
then { | ||
return true; | ||
} | ||
); | ||
|
||
// Find unit or integration tests | ||
if attr.has_name(sym::test) { | ||
return true; | ||
} | ||
|
||
if_chain! { | ||
if attr.has_name(sym::cfg); | ||
if let Some(items) = attr.meta_item_list(); | ||
if let [item] = items.as_slice(); | ||
if let Some(feature_item) = item.meta_item(); | ||
if feature_item.has_name(sym::test); | ||
then { | ||
return true; | ||
} | ||
} | ||
|
||
false | ||
}) | ||
} | ||
|
||
impl AvoidPanicError { | ||
fn in_test_item(&self) -> bool { | ||
self.in_test_span.is_some() | ||
} | ||
} | ||
|
||
fn capitalize_err_msg(s: &str) -> String { | ||
s.split_whitespace() | ||
.map(|word| { | ||
let mut chars = word.chars(); | ||
match chars.next() { | ||
None => String::new(), | ||
Some(f) => f.to_uppercase().collect::<String>() + chars.as_str(), | ||
} | ||
}) | ||
.collect::<Vec<String>>() | ||
.join(" ") | ||
} | ||
|
||
fn is_test_token_present(token_stream: &TokenStream) -> bool { | ||
token_stream.trees().any(|tree| match tree { | ||
TokenTree::Token(token, _) => token.is_ident_named(sym::test), | ||
TokenTree::Delimited(_, _, token_stream) => is_test_token_present(token_stream), | ||
}) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Set contract storage | ||
|
||
### What it does | ||
|
||
Checks for calls to `env.storage()` without a prior call to `env.require_auth()`. | ||
|
||
### Why is this bad? | ||
|
||
Functions using keys as variables without proper access control or input sanitation can allow users to perform changes in arbitrary memory locations. | ||
|
||
### Known problems | ||
|
||
Only check the function call, so false positives could result. | ||
|
||
### Example | ||
|
||
```rust | ||
fn set_contract_storage(env: Env) { | ||
let _storage = env.storage().instance(); | ||
} | ||
``` | ||
|
||
Use instead: | ||
|
||
```rust | ||
fn set_contract_storage(env: Env, user: Address) { | ||
user.require_auth(); | ||
let _storage = env.storage().instance(); | ||
} | ||
``` | ||
|
||
### Implementation | ||
|
||
The detector's implementation can be found at [this link](https://github.com/CoinFabrik/scout-soroban/tree/main/detectors/set-contract-storage). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
30 changes: 30 additions & 0 deletions
30
test-cases/avoid-panic-error/avoid-panic-error-1/remediated-example/Cargo.toml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
[package] | ||
name = "avoid-panic-error-remediated-1" | ||
version = "0.1.0" | ||
edition = "2021" | ||
|
||
[lib] | ||
crate-type = ["cdylib"] | ||
|
||
[dependencies] | ||
soroban-sdk = { version = "=20.0.0" } | ||
|
||
[dev_dependencies] | ||
soroban-sdk = { version = "=20.0.0", features = ["testutils"] } | ||
|
||
[features] | ||
testutils = ["soroban-sdk/testutils"] | ||
|
||
[profile.release] | ||
opt-level = "z" | ||
overflow-checks = true | ||
debug = 0 | ||
strip = "symbols" | ||
debug-assertions = false | ||
panic = "abort" | ||
codegen-units = 1 | ||
lto = true | ||
|
||
[profile.release-with-logs] | ||
inherits = "release" | ||
debug-assertions = true |
Oops, something went wrong.