From 635d1207e53ed29fe31899ebbfb1d915711c442b Mon Sep 17 00:00:00 2001 From: TilakMaddy Date: Sun, 18 Aug 2024 21:08:30 +0530 Subject: [PATCH] cli/reportgen --- reports/report.json | 368 +++++++-------------------------- reports/report.md | 182 ++++------------- reports/report.sarif | 472 ++++--------------------------------------- 3 files changed, 157 insertions(+), 865 deletions(-) diff --git a/reports/report.json b/reports/report.json index 9e19888f..b826fbb2 100644 --- a/reports/report.json +++ b/reports/report.json @@ -1,7 +1,7 @@ { "files_summary": { "total_source_units": 87, - "total_sloc": 2978 + "total_sloc": 2952 }, "files_details": { "files_details": [ @@ -239,7 +239,7 @@ }, { "file_path": "src/UninitializedLocalVariables.sol", - "n_sloc": 88 + "n_sloc": 62 }, { "file_path": "src/UninitializedStateVariable.sol", @@ -396,30 +396,6 @@ "line_no": 26, "src": "887:16", "src_char": "887:16" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 45, - "src": "1994:16", - "src_char": "1994:16" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 53, - "src": "2692:16", - "src_char": "2692:16" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 102, - "src": "4694:16", - "src_char": "4694:16" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 110, - "src": "5230:16", - "src_char": "5230:16" } ] }, @@ -1439,9 +1415,9 @@ }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 6, - "src": "95:12", - "src_char": "95:12" + "line_no": 5, + "src": "94:12", + "src_char": "94:12" }, { "contract_path": "src/UninitializedStateVariable.sol", @@ -1639,18 +1615,6 @@ "line_no": 75, "src": "1691:18", "src_char": "1691:18" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 98, - "src": "4375:20", - "src_char": "4375:20" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 106, - "src": "4853:27", - "src_char": "4853:27" } ] }, @@ -2932,15 +2896,21 @@ }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 8, - "src": "124:16", - "src_char": "124:16" + "line_no": 7, + "src": "122:19", + "src_char": "122:19" }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 61, - "src": "3093:17", - "src_char": "3093:17" + "line_no": 23, + "src": "728:20", + "src_char": "728:20" + }, + { + "contract_path": "src/UninitializedLocalVariables.sol", + "line_no": 41, + "src": "1528:17", + "src_char": "1528:17" }, { "contract_path": "src/UninitializedStateVariable.sol", @@ -3317,45 +3287,27 @@ }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 33, - "src": "1204:42", - "src_char": "1204:42" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 85, - "src": "3846:42", - "src_char": "3846:42" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 89, - "src": "4027:2", - "src_char": "4027:2" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 91, - "src": "4101:42", - "src_char": "4101:42" + "line_no": 34, + "src": "1265:42", + "src_char": "1265:42" }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 92, - "src": "4175:2", - "src_char": "4175:2" + "line_no": 63, + "src": "2279:42", + "src_char": "2279:42" }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 99, - "src": "4444:42", - "src_char": "4444:42" + "line_no": 67, + "src": "2460:2", + "src_char": "2460:2" }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 107, - "src": "4942:42", - "src_char": "4942:42" + "line_no": 70, + "src": "2608:2", + "src_char": "2608:2" }, { "contract_path": "src/WeakRandomness.sol", @@ -4504,63 +4456,39 @@ }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 10, - "src": "211:17", - "src_char": "211:17" + "line_no": 9, + "src": "212:17", + "src_char": "212:17" }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 16, - "src": "434:22", - "src_char": "434:22" + "line_no": 15, + "src": "435:22", + "src_char": "435:22" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 25, - "src": "770:15", - "src_char": "770:15" + "src": "818:15", + "src_char": "818:15" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 31, - "src": "1062:20", - "src_char": "1062:20" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 40, - "src": "1538:3", - "src_char": "1538:3" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 48, - "src": "2110:8", - "src_char": "2110:8" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 63, - "src": "3205:11", - "src_char": "3205:11" + "src": "1110:20", + "src_char": "1110:20" }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 69, - "src": "3392:16", - "src_char": "3392:16" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 97, - "src": "4325:3", - "src_char": "4325:3" + "line_no": 43, + "src": "1640:11", + "src_char": "1640:11" }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 105, - "src": "4785:8", - "src_char": "4785:8" + "line_no": 49, + "src": "1827:16", + "src_char": "1827:16" }, { "contract_path": "src/eth2/DepositContract.sol", @@ -4739,150 +4667,6 @@ "line_no": 14, "src": "377:4", "src_char": "377:4" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 56, - "src": "2871:3", - "src_char": "2871:3" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 56, - "src": "2876:11", - "src_char": "2876:11" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 56, - "src": "2889:10", - "src_char": "2889:10" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 56, - "src": "2901:10", - "src_char": "2901:10" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 56, - "src": "2913:15", - "src_char": "2913:15" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 56, - "src": "2930:14", - "src_char": "2930:14" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 57, - "src": "2958:8", - "src_char": "2958:8" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 57, - "src": "2968:16", - "src_char": "2968:16" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 57, - "src": "2986:15", - "src_char": "2986:15" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 57, - "src": "3003:15", - "src_char": "3003:15" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 57, - "src": "3020:20", - "src_char": "3020:20" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 57, - "src": "3042:19", - "src_char": "3042:19" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 113, - "src": "5369:3", - "src_char": "5369:3" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 113, - "src": "5374:11", - "src_char": "5374:11" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 113, - "src": "5387:10", - "src_char": "5387:10" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 113, - "src": "5399:10", - "src_char": "5399:10" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 113, - "src": "5411:15", - "src_char": "5411:15" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 113, - "src": "5428:14", - "src_char": "5428:14" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 114, - "src": "5452:8", - "src_char": "5452:8" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 114, - "src": "5462:16", - "src_char": "5462:16" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 114, - "src": "5480:15", - "src_char": "5480:15" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 114, - "src": "5497:15", - "src_char": "5497:15" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 114, - "src": "5514:20", - "src_char": "5514:20" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 114, - "src": "5536:19", - "src_char": "5536:19" } ] }, @@ -4984,9 +4768,9 @@ }, { "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 6, - "src": "95:12", - "src_char": "95:12" + "line_no": 5, + "src": "94:12", + "src_char": "94:12" }, { "contract_path": "src/UninitializedStateVariable.sol", @@ -5159,77 +4943,77 @@ "src": "184:11", "src_char": "184:11" }, + { + "contract_path": "src/UninitializedLocalVariables.sol", + "line_no": 9, + "src": "212:17", + "src_char": "212:17" + }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 10, - "src": "211:17", - "src_char": "211:17" + "src": "244:17", + "src_char": "244:17" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 11, - "src": "243:17", - "src_char": "243:17" + "src": "279:20", + "src_char": "279:20" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 12, - "src": "278:20", - "src_char": "278:20" + "src": "313:16", + "src_char": "313:16" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 13, - "src": "312:16", - "src_char": "312:16" + "src": "347:20", + "src_char": "347:20" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 14, - "src": "346:20", - "src_char": "346:20" + "src": "391:19", + "src_char": "391:19" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 15, - "src": "390:19", - "src_char": "390:19" + "src": "435:22", + "src_char": "435:22" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 16, - "src": "434:22", - "src_char": "434:22" + "src": "482:22", + "src_char": "482:22" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 17, - "src": "481:22", - "src_char": "481:22" + "src": "532:25", + "src_char": "532:25" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 18, - "src": "531:25", - "src_char": "531:25" + "src": "581:21", + "src_char": "581:21" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 19, - "src": "580:21", - "src_char": "580:21" + "src": "630:25", + "src_char": "630:25" }, { "contract_path": "src/UninitializedLocalVariables.sol", "line_no": 20, - "src": "629:25", - "src_char": "629:25" - }, - { - "contract_path": "src/UninitializedLocalVariables.sol", - "line_no": 21, - "src": "681:24", - "src_char": "681:24" + "src": "682:24", + "src_char": "682:24" } ] }, diff --git a/reports/report.md b/reports/report.md index 68241280..745e32d4 100644 --- a/reports/report.md +++ b/reports/report.md @@ -89,7 +89,7 @@ This report was generated by [Aderyn](https://github.com/Cyfrin/aderyn), a stati | Key | Value | | --- | --- | | .sol Files | 87 | -| Total nSLOC | 2978 | +| Total nSLOC | 2952 | ## Files Details @@ -154,7 +154,7 @@ This report was generated by [Aderyn](https://github.com/Cyfrin/aderyn), a stati | src/TxOriginUsedForAuth.sol | 42 | | src/UncheckedReturn.sol | 33 | | src/UncheckedSend.sol | 18 | -| src/UninitializedLocalVariables.sol | 88 | +| src/UninitializedLocalVariables.sol | 62 | | src/UninitializedStateVariable.sol | 29 | | src/UnprotectedInitialize.sol | 25 | | src/UnsafeERC721Mint.sol | 18 | @@ -183,7 +183,7 @@ This report was generated by [Aderyn](https://github.com/Cyfrin/aderyn), a stati | src/reused_contract_name/ContractB.sol | 7 | | src/uniswap/UniswapV2Swapper.sol | 50 | | src/uniswap/UniswapV3Swapper.sol | 150 | -| **Total** | **2978** | +| **Total** | **2952** | ## Issue Summary @@ -218,7 +218,7 @@ When calling `delegatecall` the same `msg.value` amount will be accredited multi Use `abi.encode()` instead which will pad items to 32 bytes, which will [prevent hash collisions](https://docs.soliditylang.org/en/v0.8.13/abi-spec.html#non-standard-packed-mode) (e.g. `abi.encodePacked(0x123,0x456)` => `0x123456` => `abi.encodePacked(0x1,0x23456)`, but `abi.encode(0x123,0x456)` => `0x0...1230...456`). Unless there is a compelling reason, `abi.encode` should be preferred. If there is only one argument to `abi.encodePacked()` it can often be cast to `bytes()` or `bytes32()` [instead](https://ethereum.stackexchange.com/questions/30912/how-to-compare-strings-in-solidity#answer-82739). If all arguments are strings and or bytes, `bytes.concat()` should be used instead. -
7 Found Instances +
3 Found Instances - Found in src/KeccakContract.sol [Line: 18](../tests/contract-playground/src/KeccakContract.sol#L18) @@ -239,30 +239,6 @@ If all arguments are strings and or bytes, `bytes.concat()` should be used inste return keccak256(abi.encodePacked(a, b)); ``` -- Found in src/UninitializedLocalVariables.sol [Line: 45](../tests/contract-playground/src/UninitializedLocalVariables.sol#L45) - - ```solidity - string memory combinedString = string(abi.encodePacked(initializedString, uninitializedString)); - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 53](../tests/contract-playground/src/UninitializedLocalVariables.sol#L53) - - ```solidity - string memory arrayCombinedString = string(abi.encodePacked(initializedStringArray[0], uninitializedStringArray[0])); - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 102](../tests/contract-playground/src/UninitializedLocalVariables.sol#L102) - - ```solidity - string memory combinedString = string(abi.encodePacked(delayedString, " now")); - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 110](../tests/contract-playground/src/UninitializedLocalVariables.sol#L110) - - ```solidity - string memory arrayCombinedString = string(abi.encodePacked(delayedStringArray[0], " elements")); - ``` -
@@ -1336,10 +1312,10 @@ Solidity does initialize variables by default when you declare them, however it' uint256 y; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 6](../tests/contract-playground/src/UninitializedLocalVariables.sol#L6) +- Found in src/UninitializedLocalVariables.sol [Line: 5](../tests/contract-playground/src/UninitializedLocalVariables.sol#L5) ```solidity - uint256 stateVarUint; + uint256 stateVarUint; ``` - Found in src/UninitializedStateVariable.sol [Line: 7](../tests/contract-playground/src/UninitializedStateVariable.sol#L7) @@ -1496,7 +1472,7 @@ The transaction `address(payable?).send(address)` may fail because of reasons li The patterns `if (… || true)` and `if (.. && false)` will always evaluate to true and false respectively. -
12 Found Instances +
10 Found Instances - Found in src/MisusedBoolean.sol [Line: 12](../tests/contract-playground/src/MisusedBoolean.sol#L12) @@ -1559,18 +1535,6 @@ The patterns `if (… || true)` and `if (.. && false)` will always evaluate to t if (isEven(num) && !NO) { ``` -- Found in src/UninitializedLocalVariables.sol [Line: 98](../tests/contract-playground/src/UninitializedLocalVariables.sol#L98) - - ```solidity - bool conjunction = delayedBool && false; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 106](../tests/contract-playground/src/UninitializedLocalVariables.sol#L106) - - ```solidity - bool arrayConjunction = delayedBoolArray[0] && true; - ``` -
@@ -2791,7 +2755,7 @@ Check for `address(0)` when assigning values to address state variables. Instead of marking a function as `public`, consider marking it as `external` if it is not used internally. -
43 Found Instances +
44 Found Instances - Found in src/ArbitraryTransferFrom.sol [Line: 28](../tests/contract-playground/src/ArbitraryTransferFrom.sol#L28) @@ -2956,13 +2920,19 @@ Instead of marking a function as `public`, consider marking it as `external` if function setNonEmptyAlteredNumbers( ``` -- Found in src/UninitializedLocalVariables.sol [Line: 8](../tests/contract-playground/src/UninitializedLocalVariables.sol#L8) +- Found in src/UninitializedLocalVariables.sol [Line: 7](../tests/contract-playground/src/UninitializedLocalVariables.sol#L7) ```solidity - function testAllDataTypes() public pure { + function testAllDataTypesBAD() public pure { ``` -- Found in src/UninitializedLocalVariables.sol [Line: 61](../tests/contract-playground/src/UninitializedLocalVariables.sol#L61) +- Found in src/UninitializedLocalVariables.sol [Line: 23](../tests/contract-playground/src/UninitializedLocalVariables.sol#L23) + + ```solidity + function testAllDataTypesGOOD() public pure { + ``` + +- Found in src/UninitializedLocalVariables.sol [Line: 41](../tests/contract-playground/src/UninitializedLocalVariables.sol#L41) ```solidity function testAllDataTypes2() public pure { @@ -3060,7 +3030,7 @@ Instead of marking a function as `public`, consider marking it as `external` if If the same constant literal value is used multiple times, create a constant state variable and reference it throughout the contract. -
59 Found Instances +
56 Found Instances - Found in src/BooleanEquality.sol [Line: 6](../tests/contract-playground/src/BooleanEquality.sol#L6) @@ -3327,48 +3297,30 @@ If the same constant literal value is used multiple times, create a constant sta if (UncheckedHelperExternal(address(0x12345)).two() != 2) { ``` -- Found in src/UninitializedLocalVariables.sol [Line: 33](../tests/contract-playground/src/UninitializedLocalVariables.sol#L33) +- Found in src/UninitializedLocalVariables.sol [Line: 34](../tests/contract-playground/src/UninitializedLocalVariables.sol#L34) ```solidity - address[1] memory initializedAddressArray = [0x0000000000000000000000000000000000000001]; + 0x0000000000000000000000000000000000000001 ``` -- Found in src/UninitializedLocalVariables.sol [Line: 85](../tests/contract-playground/src/UninitializedLocalVariables.sol#L85) +- Found in src/UninitializedLocalVariables.sol [Line: 63](../tests/contract-playground/src/UninitializedLocalVariables.sol#L63) ```solidity delayedAddress = 0x0000000000000000000000000000000000000001; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 89](../tests/contract-playground/src/UninitializedLocalVariables.sol#L89) +- Found in src/UninitializedLocalVariables.sol [Line: 67](../tests/contract-playground/src/UninitializedLocalVariables.sol#L67) ```solidity delayedUintArray[0] = 21; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 91](../tests/contract-playground/src/UninitializedLocalVariables.sol#L91) - - ```solidity - delayedAddressArray[0] = 0x0000000000000000000000000000000000000002; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 92](../tests/contract-playground/src/UninitializedLocalVariables.sol#L92) +- Found in src/UninitializedLocalVariables.sol [Line: 70](../tests/contract-playground/src/UninitializedLocalVariables.sol#L70) ```solidity delayedIntArray[0] = -21; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 99](../tests/contract-playground/src/UninitializedLocalVariables.sol#L99) - - ```solidity - address comparison = delayedAddress == 0x0000000000000000000000000000000000000001 ? delayedAddress : address(0); - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 107](../tests/contract-playground/src/UninitializedLocalVariables.sol#L107) - - ```solidity - address arrayComparison = delayedAddressArray[0] == 0x0000000000000000000000000000000000000002 ? delayedAddressArray[0] : address(0); - ``` - - Found in src/WeakRandomness.sol [Line: 25](../tests/contract-playground/src/WeakRandomness.sol#L25) ```solidity @@ -4483,7 +4435,7 @@ Contract contains comments with TODOS Consider keeping the naming convention consistent in a given contract. Explicit size declarations are preferred (uint256, int256) over implicit ones (uint, int) to avoid confusion. -
31 Found Instances +
27 Found Instances - Found in src/Casting.sol [Line: 31](../tests/contract-playground/src/Casting.sol#L31) @@ -4552,13 +4504,13 @@ Consider keeping the naming convention consistent in a given contract. Explicit uint x; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 10](../tests/contract-playground/src/UninitializedLocalVariables.sol#L10) +- Found in src/UninitializedLocalVariables.sol [Line: 9](../tests/contract-playground/src/UninitializedLocalVariables.sol#L9) ```solidity uint uninitializedUint; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 16](../tests/contract-playground/src/UninitializedLocalVariables.sol#L16) +- Found in src/UninitializedLocalVariables.sol [Line: 15](../tests/contract-playground/src/UninitializedLocalVariables.sol#L15) ```solidity uint[1] memory uninitializedUintArray; @@ -4576,42 +4528,18 @@ Consider keeping the naming convention consistent in a given contract. Explicit uint[1] memory initializedUintArray = [uint(2)]; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 40](../tests/contract-playground/src/UninitializedLocalVariables.sol#L40) - - ```solidity - uint sum = initializedUint + uninitializedUint; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 48](../tests/contract-playground/src/UninitializedLocalVariables.sol#L48) - - ```solidity - uint arraySum = initializedUintArray[0] + uninitializedUintArray[0]; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 63](../tests/contract-playground/src/UninitializedLocalVariables.sol#L63) +- Found in src/UninitializedLocalVariables.sol [Line: 43](../tests/contract-playground/src/UninitializedLocalVariables.sol#L43) ```solidity uint delayedUint; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 69](../tests/contract-playground/src/UninitializedLocalVariables.sol#L69) +- Found in src/UninitializedLocalVariables.sol [Line: 49](../tests/contract-playground/src/UninitializedLocalVariables.sol#L49) ```solidity uint[1] memory delayedUintArray; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 97](../tests/contract-playground/src/UninitializedLocalVariables.sol#L97) - - ```solidity - uint sum = delayedUint + 1; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 105](../tests/contract-playground/src/UninitializedLocalVariables.sol#L105) - - ```solidity - uint arraySum = delayedUintArray[0] + 1; - ``` - - Found in src/eth2/DepositContract.sol [Line: 59](../tests/contract-playground/src/eth2/DepositContract.sol#L59) ```solidity @@ -4767,7 +4695,7 @@ Division operations followed directly by multiplication operations can lead to p Remove the redundant statements because no code will be generated and it just congests the codebase. -
30 Found Instances +
6 Found Instances - Found in src/RedundantStatements.sol [Line: 6](../tests/contract-playground/src/RedundantStatements.sol#L6) @@ -4806,30 +4734,6 @@ Remove the redundant statements because no code will be generated and it just co test; // Identifier ``` -- Found in src/UninitializedLocalVariables.sol [Line: 56](../tests/contract-playground/src/UninitializedLocalVariables.sol#L56) - - ```solidity - sum; conjunction; comparison; difference; combinedBytes32; combinedString; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 57](../tests/contract-playground/src/UninitializedLocalVariables.sol#L57) - - ```solidity - arraySum; arrayConjunction; arrayComparison; arrayDifference; arrayCombinedBytes32; arrayCombinedString; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 113](../tests/contract-playground/src/UninitializedLocalVariables.sol#L113) - - ```solidity - sum; conjunction; comparison; difference; combinedBytes32; combinedString; - ``` - -- Found in src/UninitializedLocalVariables.sol [Line: 114](../tests/contract-playground/src/UninitializedLocalVariables.sol#L114) - - ```solidity - arraySum; arrayConjunction; arrayComparison; arrayDifference; arrayCombinedBytes32; arrayCombinedString; - ``` -
@@ -4936,10 +4840,10 @@ State variable appears to be unused. No analysis has been performed to see if an uint256 y; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 6](../tests/contract-playground/src/UninitializedLocalVariables.sol#L6) +- Found in src/UninitializedLocalVariables.sol [Line: 5](../tests/contract-playground/src/UninitializedLocalVariables.sol#L5) ```solidity - uint256 stateVarUint; + uint256 stateVarUint; ``` - Found in src/UninitializedStateVariable.sol [Line: 13](../tests/contract-playground/src/UninitializedStateVariable.sol#L13) @@ -5125,73 +5029,73 @@ Initialize all the variables. If a variable is meant to be initialized to zero, uint[1] memory memoryArray; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 10](../tests/contract-playground/src/UninitializedLocalVariables.sol#L10) +- Found in src/UninitializedLocalVariables.sol [Line: 9](../tests/contract-playground/src/UninitializedLocalVariables.sol#L9) ```solidity uint uninitializedUint; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 11](../tests/contract-playground/src/UninitializedLocalVariables.sol#L11) +- Found in src/UninitializedLocalVariables.sol [Line: 10](../tests/contract-playground/src/UninitializedLocalVariables.sol#L10) ```solidity bool uninitializedBool; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 12](../tests/contract-playground/src/UninitializedLocalVariables.sol#L12) +- Found in src/UninitializedLocalVariables.sol [Line: 11](../tests/contract-playground/src/UninitializedLocalVariables.sol#L11) ```solidity address uninitializedAddress; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 13](../tests/contract-playground/src/UninitializedLocalVariables.sol#L13) +- Found in src/UninitializedLocalVariables.sol [Line: 12](../tests/contract-playground/src/UninitializedLocalVariables.sol#L12) ```solidity int uninitializedInt; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 14](../tests/contract-playground/src/UninitializedLocalVariables.sol#L14) +- Found in src/UninitializedLocalVariables.sol [Line: 13](../tests/contract-playground/src/UninitializedLocalVariables.sol#L13) ```solidity bytes32 uninitializedBytes32; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 15](../tests/contract-playground/src/UninitializedLocalVariables.sol#L15) +- Found in src/UninitializedLocalVariables.sol [Line: 14](../tests/contract-playground/src/UninitializedLocalVariables.sol#L14) ```solidity string memory uninitializedString; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 16](../tests/contract-playground/src/UninitializedLocalVariables.sol#L16) +- Found in src/UninitializedLocalVariables.sol [Line: 15](../tests/contract-playground/src/UninitializedLocalVariables.sol#L15) ```solidity uint[1] memory uninitializedUintArray; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 17](../tests/contract-playground/src/UninitializedLocalVariables.sol#L17) +- Found in src/UninitializedLocalVariables.sol [Line: 16](../tests/contract-playground/src/UninitializedLocalVariables.sol#L16) ```solidity bool[1] memory uninitializedBoolArray; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 18](../tests/contract-playground/src/UninitializedLocalVariables.sol#L18) +- Found in src/UninitializedLocalVariables.sol [Line: 17](../tests/contract-playground/src/UninitializedLocalVariables.sol#L17) ```solidity address[1] memory uninitializedAddressArray; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 19](../tests/contract-playground/src/UninitializedLocalVariables.sol#L19) +- Found in src/UninitializedLocalVariables.sol [Line: 18](../tests/contract-playground/src/UninitializedLocalVariables.sol#L18) ```solidity int[1] memory uninitializedIntArray; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 20](../tests/contract-playground/src/UninitializedLocalVariables.sol#L20) +- Found in src/UninitializedLocalVariables.sol [Line: 19](../tests/contract-playground/src/UninitializedLocalVariables.sol#L19) ```solidity bytes32[1] memory uninitializedBytes32Array; ``` -- Found in src/UninitializedLocalVariables.sol [Line: 21](../tests/contract-playground/src/UninitializedLocalVariables.sol#L21) +- Found in src/UninitializedLocalVariables.sol [Line: 20](../tests/contract-playground/src/UninitializedLocalVariables.sol#L20) ```solidity string[1] memory uninitializedStringArray; diff --git a/reports/report.sarif b/reports/report.sarif index f3fa4a85..52b4c60f 100644 --- a/reports/report.sarif +++ b/reports/report.sarif @@ -59,50 +59,6 @@ "byteOffset": 887 } } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 16, - "byteOffset": 1994 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 16, - "byteOffset": 2692 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 16, - "byteOffset": 4694 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 16, - "byteOffset": 5230 - } - } } ], "message": { @@ -1920,7 +1876,7 @@ }, "region": { "byteLength": 12, - "byteOffset": 95 + "byteOffset": 94 } } }, @@ -2265,28 +2221,6 @@ "byteOffset": 1691 } } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 20, - "byteOffset": 4375 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 27, - "byteOffset": 4853 - } - } } ], "message": { @@ -4530,8 +4464,19 @@ "uri": "src/UninitializedLocalVariables.sol" }, "region": { - "byteLength": 16, - "byteOffset": 124 + "byteLength": 19, + "byteOffset": 122 + } + } + }, + { + "physicalLocation": { + "artifactLocation": { + "uri": "src/UninitializedLocalVariables.sol" + }, + "region": { + "byteLength": 20, + "byteOffset": 728 } } }, @@ -4542,7 +4487,7 @@ }, "region": { "byteLength": 17, - "byteOffset": 3093 + "byteOffset": 1528 } } }, @@ -5233,7 +5178,7 @@ }, "region": { "byteLength": 42, - "byteOffset": 1204 + "byteOffset": 1265 } } }, @@ -5244,7 +5189,7 @@ }, "region": { "byteLength": 42, - "byteOffset": 3846 + "byteOffset": 2279 } } }, @@ -5255,18 +5200,7 @@ }, "region": { "byteLength": 2, - "byteOffset": 4027 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 42, - "byteOffset": 4101 + "byteOffset": 2460 } } }, @@ -5277,29 +5211,7 @@ }, "region": { "byteLength": 2, - "byteOffset": 4175 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 42, - "byteOffset": 4444 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 42, - "byteOffset": 4942 + "byteOffset": 2608 } } }, @@ -7367,7 +7279,7 @@ }, "region": { "byteLength": 17, - "byteOffset": 211 + "byteOffset": 212 } } }, @@ -7378,7 +7290,7 @@ }, "region": { "byteLength": 22, - "byteOffset": 434 + "byteOffset": 435 } } }, @@ -7389,7 +7301,7 @@ }, "region": { "byteLength": 15, - "byteOffset": 770 + "byteOffset": 818 } } }, @@ -7400,29 +7312,7 @@ }, "region": { "byteLength": 20, - "byteOffset": 1062 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 3, - "byteOffset": 1538 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 8, - "byteOffset": 2110 + "byteOffset": 1110 } } }, @@ -7433,7 +7323,7 @@ }, "region": { "byteLength": 11, - "byteOffset": 3205 + "byteOffset": 1640 } } }, @@ -7444,29 +7334,7 @@ }, "region": { "byteLength": 16, - "byteOffset": 3392 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 3, - "byteOffset": 4325 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 8, - "byteOffset": 4785 + "byteOffset": 1827 } } }, @@ -7780,270 +7648,6 @@ "byteOffset": 377 } } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 3, - "byteOffset": 2871 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 11, - "byteOffset": 2876 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 10, - "byteOffset": 2889 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 10, - "byteOffset": 2901 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 15, - "byteOffset": 2913 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 14, - "byteOffset": 2930 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 8, - "byteOffset": 2958 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 16, - "byteOffset": 2968 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 15, - "byteOffset": 2986 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 15, - "byteOffset": 3003 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 20, - "byteOffset": 3020 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 19, - "byteOffset": 3042 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 3, - "byteOffset": 5369 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 11, - "byteOffset": 5374 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 10, - "byteOffset": 5387 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 10, - "byteOffset": 5399 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 15, - "byteOffset": 5411 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 14, - "byteOffset": 5428 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 8, - "byteOffset": 5452 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 16, - "byteOffset": 5462 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 15, - "byteOffset": 5480 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 15, - "byteOffset": 5497 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 20, - "byteOffset": 5514 - } - } - }, - { - "physicalLocation": { - "artifactLocation": { - "uri": "src/UninitializedLocalVariables.sol" - }, - "region": { - "byteLength": 19, - "byteOffset": 5536 - } - } } ], "message": { @@ -8224,7 +7828,7 @@ }, "region": { "byteLength": 12, - "byteOffset": 95 + "byteOffset": 94 } } }, @@ -8537,7 +8141,7 @@ }, "region": { "byteLength": 17, - "byteOffset": 211 + "byteOffset": 212 } } }, @@ -8548,7 +8152,7 @@ }, "region": { "byteLength": 17, - "byteOffset": 243 + "byteOffset": 244 } } }, @@ -8559,7 +8163,7 @@ }, "region": { "byteLength": 20, - "byteOffset": 278 + "byteOffset": 279 } } }, @@ -8570,7 +8174,7 @@ }, "region": { "byteLength": 16, - "byteOffset": 312 + "byteOffset": 313 } } }, @@ -8581,7 +8185,7 @@ }, "region": { "byteLength": 20, - "byteOffset": 346 + "byteOffset": 347 } } }, @@ -8592,7 +8196,7 @@ }, "region": { "byteLength": 19, - "byteOffset": 390 + "byteOffset": 391 } } }, @@ -8603,7 +8207,7 @@ }, "region": { "byteLength": 22, - "byteOffset": 434 + "byteOffset": 435 } } }, @@ -8614,7 +8218,7 @@ }, "region": { "byteLength": 22, - "byteOffset": 481 + "byteOffset": 482 } } }, @@ -8625,7 +8229,7 @@ }, "region": { "byteLength": 25, - "byteOffset": 531 + "byteOffset": 532 } } }, @@ -8636,7 +8240,7 @@ }, "region": { "byteLength": 21, - "byteOffset": 580 + "byteOffset": 581 } } }, @@ -8647,7 +8251,7 @@ }, "region": { "byteLength": 25, - "byteOffset": 629 + "byteOffset": 630 } } }, @@ -8658,7 +8262,7 @@ }, "region": { "byteLength": 24, - "byteOffset": 681 + "byteOffset": 682 } } }