From 05de5619e471de643ae13bbb3602b9fad4f089d0 Mon Sep 17 00:00:00 2001 From: Jose Garcia Crosta Date: Fri, 23 Feb 2024 13:54:50 -0300 Subject: [PATCH 1/5] Fix detector --- .../src/lib.rs | 16 +++++++++++++--- .../vulnerable-example/Cargo.toml | 7 ++++++- .../vulnerable-example/src/lib.rs | 2 -- 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/detectors/unprotected-update-current-contract-wasm/src/lib.rs b/detectors/unprotected-update-current-contract-wasm/src/lib.rs index a291c1d7..bb5b5417 100644 --- a/detectors/unprotected-update-current-contract-wasm/src/lib.rs +++ b/detectors/unprotected-update-current-contract-wasm/src/lib.rs @@ -6,6 +6,8 @@ extern crate rustc_hir; extern crate rustc_middle; extern crate rustc_span; +use std::collections::HashSet; + use rustc_hir::{ intravisit::{walk_expr, Visitor}, Expr, ExprKind, @@ -82,6 +84,7 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { BasicBlock::from_u32(0), false, &uuf_storage, + &mut HashSet::new(), ); for span in spans { @@ -97,11 +100,12 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { bb: BasicBlock, auth_checked: bool, uuf_storage: &UnprotectedUpdateFinder, + visited: &mut HashSet, ) -> Vec { - let mut ret_vec: Vec = Vec::::new(); - if bbs[bb].terminator.is_none() { - return ret_vec; + if !visited.insert(bb) || bbs[bb].terminator.is_none() { + return Vec::new(); } + let mut ret_vec: Vec = Vec::::new(); let mut checked = auth_checked; match &bbs[bb].terminator().kind { TerminatorKind::Call { @@ -130,6 +134,7 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { *utarget, checked, uuf_storage, + visited, )); } } @@ -140,6 +145,7 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { *target, checked, uuf_storage, + visited, )); } } 
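Review bot: The `visited` set introduced in the `@@ -97,11 +100,12 @@` hunk is keyed on the basic block alone, but what the traversal reports for a block also depends on `auth_checked`. If a block holding the update call is first reached along a path where authorization was already seen, it is marked visited; a later arrival along a path without authorization then returns `Vec::new()` without inspecting it, so the detector can miss an unprotected update (a false negative, depending on the order in which successors are walked). Keying the set on both values keeps the cycle guard and restores the path sensitivity: `visited: &mut HashSet<(BasicBlock, bool)>` with `if !visited.insert((bb, auth_checked)) || bbs[bb].terminator.is_none() {`. The set's element type is not legible in this rendering, so the tuple type is an assumption to confirm; the function begins and ends outside the hunk, and the later hunks that only pass `visited` through need no change.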
@@ -151,6 +157,7 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { *target, checked, uuf_storage, + visited, )); } TerminatorKind::Yield { resume, .. } => { @@ -159,6 +166,7 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { *resume, checked, uuf_storage, + visited, )); } TerminatorKind::FalseEdge { real_target, .. } @@ -168,6 +176,7 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { *real_target, checked, uuf_storage, + visited, )); } TerminatorKind::InlineAsm { destination, .. } => { @@ -177,6 +186,7 @@ impl<'tcx> LateLintPass<'tcx> for UnprotectedUpdateCurrentContractWasm { *udestination, checked, uuf_storage, + visited, )); } } diff --git a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml index a9a19727..582af695 100644 --- a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml +++ b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml @@ -28,4 +28,9 @@ lto = true [profile.release-with-logs] inherits = "release" -debug-assertions = true \ No newline at end of file +debug-assertions = true + +[workspace.metadata.dylint] +libraries = [ + { path = "/Users/josegarcia/Desktop/coinfabrik/scout-soroban/detectors/unprotected-update-current-contract-wasm"}, +] diff --git a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/src/lib.rs b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/src/lib.rs index 003e0aaa..ef4a7993 100644 
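Review bot: The `[workspace.metadata.dylint]` table added to `vulnerable-example/Cargo.toml` points `libraries` at an absolute path under one developer's home directory (`/Users/.../scout-soroban/detectors/...`), so the test case resolves the detector only on that machine and the repository records a local user name and directory layout. PATCH 2/5 deletes the table again; squashing the two commits would keep the path out of history. If the test case does need to name the detector, a repository-relative entry is the portable form, e.g. `{ path = "../../../../detectors/unprotected-update-current-contract-wasm" }` (depth inferred from the paths in the diff header; confirm how dylint resolves relative paths).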
--- a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/src/lib.rs +++ b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/src/lib.rs @@ -22,8 +22,6 @@ impl UpgradeableContract { } pub fn upgrade(e: Env, new_wasm_hash: BytesN<32>) { - let admin: Address = e.storage().instance().get(&DataKey::Admin).unwrap(); - e.deployer().update_current_contract_wasm(new_wasm_hash); } } From 10d65af7084676cf65790b9d33790dd56ff7e303 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Garc=C3=ADa=20Crosta?= Date: Mon, 26 Feb 2024 10:21:34 -0300 Subject: [PATCH 2/5] Update Cargo.toml --- .../vulnerable-example/Cargo.toml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml index 582af695..9f42e808 100644 --- a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml +++ b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml @@ -29,8 +29,3 @@ lto = true [profile.release-with-logs] inherits = "release" debug-assertions = true - -[workspace.metadata.dylint] -libraries = [ - { path = "/Users/josegarcia/Desktop/coinfabrik/scout-soroban/detectors/unprotected-update-current-contract-wasm"}, -] From 653e9833e03734ca380eccf11888bbeb2799f3d8 Mon Sep 17 00:00:00 2001 
From: Jose Garcia Crosta Date: Mon, 26 Feb 2024 10:45:13 -0300 Subject: [PATCH 3/5] Fix some dependencies --- .../remediated-example/Cargo.toml | 2 +- .../vulnerable-example/Cargo.toml | 2 +- .../overflow-check-1/remediated-example/Cargo.toml | 2 +- .../overflow-check-1/vulnerable-example/Cargo.toml | 2 +- .../soroban-version-1/remediated-example/Cargo.toml | 4 ++-- .../remediated-example/Cargo.toml | 4 ++-- .../vulnerable-example/Cargo.toml | 2 +- 7 files changed, 9 insertions(+), 9 deletions(-) diff --git a/test-cases/insufficiently-random-values/insufficiently-random-values-1/remediated-example/Cargo.toml b/test-cases/insufficiently-random-values/insufficiently-random-values-1/remediated-example/Cargo.toml index 297b14e1..6e20f2a8 100644 --- a/test-cases/insufficiently-random-values/insufficiently-random-values-1/remediated-example/Cargo.toml +++ b/test-cases/insufficiently-random-values/insufficiently-random-values-1/remediated-example/Cargo.toml @@ -8,7 +8,7 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = "20.0.0-rc2" +soroban-sdk = "=20.0.0" [dev_dependencies] soroban-sdk = { version = "=20.0.0", features = ["testutils"] } diff --git a/test-cases/insufficiently-random-values/insufficiently-random-values-1/vulnerable-example/Cargo.toml b/test-cases/insufficiently-random-values/insufficiently-random-values-1/vulnerable-example/Cargo.toml index d018c420..5ade58d7 100644 --- a/test-cases/insufficiently-random-values/insufficiently-random-values-1/vulnerable-example/Cargo.toml +++ b/test-cases/insufficiently-random-values/insufficiently-random-values-1/vulnerable-example/Cargo.toml @@ -8,7 +8,7 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = "20.0.0-rc2" +soroban-sdk = "=20.0.0" [dev_dependencies] soroban-sdk = { version = "=20.0.0", features = ["testutils"] } 
diff --git a/test-cases/overflow-check/overflow-check-1/remediated-example/Cargo.toml b/test-cases/overflow-check/overflow-check-1/remediated-example/Cargo.toml index 8a51c0ee..45224611 100644 --- a/test-cases/overflow-check/overflow-check-1/remediated-example/Cargo.toml +++ b/test-cases/overflow-check/overflow-check-1/remediated-example/Cargo.toml @@ -8,7 +8,7 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = "20.0.0-rc2" +soroban-sdk = "=20.0.0" [dev_dependencies] soroban-sdk = { version = "=20.0.0", features = ["testutils"] } diff --git a/test-cases/overflow-check/overflow-check-1/vulnerable-example/Cargo.toml b/test-cases/overflow-check/overflow-check-1/vulnerable-example/Cargo.toml index 6ac79841..536d3c4c 100644 --- a/test-cases/overflow-check/overflow-check-1/vulnerable-example/Cargo.toml +++ b/test-cases/overflow-check/overflow-check-1/vulnerable-example/Cargo.toml @@ -8,7 +8,7 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = "20.0.0-rc2" +soroban-sdk = "=20.0.0" [dev_dependencies] soroban-sdk = { version = "=20.0.0", features = ["testutils"] } diff --git a/test-cases/soroban-version/soroban-version-1/remediated-example/Cargo.toml b/test-cases/soroban-version/soroban-version-1/remediated-example/Cargo.toml index a1ee2504..f615db19 100644 --- a/test-cases/soroban-version/soroban-version-1/remediated-example/Cargo.toml +++ b/test-cases/soroban-version/soroban-version-1/remediated-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "=20.0.3" } +soroban-sdk = { version = "=20.3.2" } [dev_dependencies] -soroban-sdk = { version = "=20.0.3", features = ["testutils"] } +soroban-sdk = { version = "=20.3.2", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] 
diff --git a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/remediated-example/Cargo.toml b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/remediated-example/Cargo.toml index a9a19727..97637580 100644 --- a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/remediated-example/Cargo.toml +++ b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/remediated-example/Cargo.toml @@ -8,7 +8,7 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = "20.0.0-rc2" +soroban-sdk = "=20.0.0" [dev_dependencies] soroban-sdk = { version = "=20.0.0", features = ["testutils"] } @@ -28,4 +28,4 @@ lto = true [profile.release-with-logs] inherits = "release" -debug-assertions = true \ No newline at end of file +debug-assertions = true diff --git a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml index 9f42e808..97637580 100644 --- a/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml +++ b/test-cases/unprotected-update-current-contract-wasm/unprotected-update-current-contract-wasm-1/vulnerable-example/Cargo.toml @@ -8,7 +8,7 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = "20.0.0-rc2" +soroban-sdk = "=20.0.0" [dev_dependencies] soroban-sdk = { version = "=20.0.0", features = ["testutils"] } From a8d192a5055da2bfd4e4a4c2f433c8d0ddc214eb Mon Sep 17 00:00:00 2001 
From: Jose Garcia Crosta Date: Mon, 26 Feb 2024 10:57:18 -0300 Subject: [PATCH 4/5] Update avoid unsafe block dependencies --- .../avoid-unsafe-block-1/remediated-example/Cargo.toml | 4 ++-- .../avoid-unsafe-block-1/vulnerable-example/Cargo.toml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/remediated-example/Cargo.toml b/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/remediated-example/Cargo.toml index 98b83cb8..edc47c18 100644 --- a/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/remediated-example/Cargo.toml +++ b/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/remediated-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] diff --git a/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/vulnerable-example/Cargo.toml b/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/vulnerable-example/Cargo.toml index f12e1f70..ab83c36e 100644 --- a/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/vulnerable-example/Cargo.toml +++ b/test-cases/avoid-unsafe-block/avoid-unsafe-block-1/vulnerable-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] @@ -27,4 +27,4 @@ lto = true [profile.release-with-logs] inherits = "release" -debug-assertions = true \ No newline at end of file +debug-assertions = true From af70cb29b70405dee4586d4dfbcd6133d5ec935a Mon Sep 17 00:00:00 2001 
From: Jose Garcia Crosta Date: Mon, 26 Feb 2024 11:30:03 -0300 Subject: [PATCH 5/5] Update dos-unbounded-operation dependencies --- .../dos-unbounded-operation-1/remediated-example/Cargo.toml | 4 ++-- .../dos-unbounded-operation-1/vulnerable-example/Cargo.toml | 4 ++-- .../dos-unbounded-operation-2/remediated-example/Cargo.toml | 4 ++-- .../dos-unbounded-operation-2/vulnerable-example/Cargo.toml | 4 ++-- .../dos-unbounded-operation-3/remediated-example/Cargo.toml | 4 ++-- .../dos-unbounded-operation-3/vulnerable-example/Cargo.toml | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/remediated-example/Cargo.toml b/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/remediated-example/Cargo.toml index 09f3bff0..e14e166d 100644 --- a/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/remediated-example/Cargo.toml +++ b/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/remediated-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] diff --git a/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/vulnerable-example/Cargo.toml b/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/vulnerable-example/Cargo.toml index 59fef86f..4bc5e539 100644 --- a/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/vulnerable-example/Cargo.toml +++ b/test-cases/dos-unbounded-operation/dos-unbounded-operation-1/vulnerable-example/Cargo.toml 
@@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] diff --git a/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/remediated-example/Cargo.toml b/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/remediated-example/Cargo.toml index 033fbc91..4f77f7e2 100644 --- a/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/remediated-example/Cargo.toml +++ b/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/remediated-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] diff --git a/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/vulnerable-example/Cargo.toml b/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/vulnerable-example/Cargo.toml index 9168c29c..647591a7 100644 --- a/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/vulnerable-example/Cargo.toml +++ b/test-cases/dos-unbounded-operation/dos-unbounded-operation-2/vulnerable-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] 
diff --git a/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/remediated-example/Cargo.toml b/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/remediated-example/Cargo.toml index 67c931fb..07d29128 100644 --- a/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/remediated-example/Cargo.toml +++ b/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/remediated-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"] diff --git a/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/vulnerable-example/Cargo.toml b/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/vulnerable-example/Cargo.toml index efefdeab..ef6f9a17 100644 --- a/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/vulnerable-example/Cargo.toml +++ b/test-cases/dos-unbounded-operation/dos-unbounded-operation-3/vulnerable-example/Cargo.toml @@ -7,10 +7,10 @@ edition = "2021" crate-type = ["cdylib"] [dependencies] -soroban-sdk = { version = "20.0.0" } +soroban-sdk = { version = "=20.0.0" } [dev_dependencies] -soroban-sdk = { version = "20.0.0", features = ["testutils"] } +soroban-sdk = { version = "=20.0.0", features = ["testutils"] } [features] testutils = ["soroban-sdk/testutils"]