Skip to content

Commit

Permalink
better output
Browse files Browse the repository at this point in the history
  • Loading branch information
@shouc
shouc committed Aug 24, 2023
1 parent 62fb838 commit e05683b
Show file tree
Hide file tree
Showing 7 changed files with 28 additions and 13 deletions.
12 changes: 10 additions & 2 deletions src/evm/oracle.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,10 @@ pub fn dummy_precondition(_ctx: &mut EVMOracleCtx<'_>, _stage: u64) -> u64 {


pub struct EVMBugResult {
pub bug_type: String,
pub bug_info: String,
pub input: ConciseEVMInput,
pub issue_source: Option<String>,
pub sourcemap: Option<SourceMapLocation>,
pub bug_idx: u64,
}
Expand All @@ -49,26 +51,32 @@ pub struct EVMBugResult {
impl EVMBugResult {
pub fn to_value(&self) -> serde_json::Value {
serde_json::json!({
"bug_type": self.bug_type,
"bug_info": self.bug_info,
"input": self.input,
"sourcemap": self.sourcemap,
"issue_source": self.issue_source,
"bug_idx": self.bug_idx,
})
}

pub fn new(bug_idx: u64, bug_info: String, input: ConciseEVMInput, sourcemap: Option<SourceMapLocation>) -> Self {
pub fn new(bug_type: String, bug_idx: u64, bug_info: String, input: ConciseEVMInput, sourcemap: Option<SourceMapLocation>, issue_source: Option<String>) -> Self {
Self {
bug_type,
bug_info,
input,
sourcemap,
issue_source,
bug_idx,
}
}

pub fn new_simple(bug_idx: u64, bug_info: String, input: ConciseEVMInput) -> Self {
pub fn new_simple(bug_type: String, bug_idx: u64, bug_info: String, input: ConciseEVMInput) -> Self {
Self {
bug_type,
bug_info,
input,
issue_source: None,
sourcemap: None,
bug_idx,
}
Expand Down
6 changes: 4 additions & 2 deletions src/evm/oracles/echidna.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,10 +73,12 @@ impl
let name = self.names.get(&self.batch_call_txs[idx].1.to_vec()).unwrap();
let bug_idx = (idx << 8) as u64 + ECHIDNA_BUG_IDX;
EVMBugResult::new(
"echidna".to_string(),
bug_idx,
format!("echidna_bug({:?}) hit at contract {:?}\n", name, ctx.input.contract),
format!("{:?} violated", name),
ConciseEVMInput::from_input(ctx.input, ctx.fuzz_state.get_execution_result()),
None
None,
Some(name.clone())
).push_to_output();
bug_idx
} else { 0 }
Expand Down
7 changes: 4 additions & 3 deletions src/evm/oracles/erc20.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,9 +73,10 @@ impl Oracle<EVMState, EVMAddress, Bytecode, Bytes, EVMAddress, EVMU256, Vec<u8>,
if exec_res.flashloan_data.earned > exec_res.flashloan_data.owed {
unsafe {
EVMBugResult::new_simple(
"erc20".to_string(),
ERC20_BUG_IDX,
format!(
"[Flashloan] Earned {} more than owed {}",
"Earned {}wei more than owed {}wei",
exec_res.flashloan_data.earned, exec_res.flashloan_data.owed
),
ConciseEVMInput::from_input(
Expand Down Expand Up @@ -203,14 +204,14 @@ impl Oracle<EVMState, EVMAddress, Bytecode, Bytes, EVMAddress, EVMU256, Vec<u8>,
let net_eth = net / EVMU512::from(10_000_000_000_000_000_000_000_00u128);
unsafe {
EVMBugResult::new_simple(
"erc20".to_string(),
ERC20_BUG_IDX,
format!(
"💰[Flashloan] Earned {} more than owed {}, net earned = {}wei ({}ETH), extra: {:?}\n",
"Earned {} more than owed {}, net earned = {}wei ({}ETH)\n",
exec_res.new_state.state.flashloan_data.earned,
exec_res.new_state.state.flashloan_data.owed,
net,
net_eth,
exec_res.new_state.state.flashloan_data.extra_info
),
ConciseEVMInput::from_input(
ctx.input,
Expand Down
5 changes: 3 additions & 2 deletions src/evm/oracles/selfdestruct.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,13 +79,14 @@ for SelfdestructOracle
*pc
);
EVMBugResult::new(
"selfdestruct".to_string(),
real_bug_idx,
format!(
"[selfdestruct] hit at contract ({})",
name
"Destructed",
),
ConciseEVMInput::from_input(ctx.input, ctx.fuzz_state.get_execution_result()),
srcmap,
Some(name.clone())
).push_to_output();
real_bug_idx
}).collect_vec()
Expand Down
3 changes: 2 additions & 1 deletion src/evm/oracles/state_comp.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,8 +85,9 @@ for StateCompOracle
unsafe {
if STATE_CHANGE && comp(&ctx.post_state, &self.desired_state) {
EVMBugResult::new_simple(
"state_comp".to_string(),
STATE_COMP_BUG_IDX,
"[state_comp] found equivalent state".to_string(),
"Found equivalent state".to_string(),
ConciseEVMInput::from_input(ctx.input, ctx.fuzz_state.get_execution_result()),
).push_to_output();
vec![STATE_COMP_BUG_IDX]
Expand Down
5 changes: 3 additions & 2 deletions src/evm/oracles/typed_bug.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,14 +80,15 @@ impl Oracle<EVMState, EVMAddress, Bytecode, Bytes, EVMAddress, EVMU256, Vec<u8>,
*pc
);
EVMBugResult::new(
"typed_bug".to_string(),
real_bug_idx,
format!(
"[typed_bug] {:?} hit at contract ({})",
"{:?} violated",
bug_id,
name
),
ConciseEVMInput::from_input(ctx.input, ctx.fuzz_state.get_execution_result()),
srcmap,
Some(name.clone())
).push_to_output();
real_bug_idx
}).collect_vec()
Expand Down
3 changes: 2 additions & 1 deletion src/evm/oracles/v2_pair.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,9 +79,10 @@ impl Oracle<EVMState, EVMAddress, Bytecode, Bytes, EVMAddress, EVMU256, Vec<u8>,
let bug_idx = hash << 8 + V2_PAIR_BUG_IDX;

EVMBugResult::new_simple(
"imbalanced_pair".to_string(),
bug_idx,
format!(
"Imbalanced Pair: {:?}, Reserves: {:?} => {:?}\n",
"{:?}, Reserves changed from {:?} to {:?}\n",
addr,
(r0, r1),
(pre_r0, pre_r1)
Expand Down

0 comments on commit e05683b

Please sign in to comment.