Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Missing quotes in case mapping key passed as a string #2538

Open
WaizKhan7 opened this issue Aug 21, 2024 · 2 comments
Open

[Bug]: Missing quotes in case mapping key passed as a string #2538

WaizKhan7 opened this issue Aug 21, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@WaizKhan7
Copy link

Describe the issue:

We are using Slither Python API to analyze the expression of each node of function in a contract within Slither object.
The issue I need help with is that Slither expression does not differentiate between the following cases (in Solidity):
mapping(string => uint256) stringGeneBuckets;

//case # 1
stringGeneBuckets["myvariable"] = _geneId;

//case # 2
myvariable = "someStringValue"
stringGeneBuckets[myvariable] = _geneId;

For both cases mentioned above, the node.expression returned is stringGeneBuckets[myvariable] = _geneId, in the first case shouldn't it be stringGeneBuckets["myvariable"] = _geneId?

Code example to reproduce the issue:

pragma solidity ^0.8.0;

contract GeneMapping {

// Mapping from a string to a uint256 value
mapping(string => uint256) public stringGeneBuckets;


function setGeneId(string memory _myvariable, uint256 _geneId) public {
    stringGeneBuckets["myvariable"] = _geneId;
    stringGeneBuckets[_myvariable] = _geneId;
}

// Function to retrieve a value from the mapping for a given key
function getGeneId(string memory key) public view returns (uint256) {
    return stringGeneBuckets[key];
}

}

Version:

0.9.6

Relevant log output:

No response
@WaizKhan7 WaizKhan7 added the bug-candidate Bugs reports that are not yet confirmed label Aug 21, 2024
@0xalpharush
Copy link
Member

0xalpharush commented Aug 26, 2024
edited
Loading

Seems like a quote isn't being escaped. What are you trying to accomplish? There's probably a better way to do it than comparing the expression (which just casts the AST expression with str) e.g. you can tell a literal from an assignment in the Slither API. The source mapping API also will give you the source as it appears in the file

slither/slither/core/source_mapping/source_mapping.py

Lines 72 to 82 in aeeb2d3

def content(self) -> str:
"""
Return the txt content of the Source
Returns:
"""
# If the compilation unit was not initialized, it means that the set_offset was never called
# on the corresponding object, which should not happen
assert self.compilation_unit
return self.compilation_unit.core.source_code[self.filename.absolute][self.start : self.end]

@0xalpharush 0xalpharush added bug Something isn't working and removed bug-candidate Bugs reports that are not yet confirmed labels Aug 26, 2024
@0xalpharush 0xalpharush changed the title [Bug-Candidate]: Missing quotes in case mapping key passed as a string [Bug]: Missing quotes in case mapping key passed as a string Aug 26, 2024
@WaizKhan7
Copy link
Author

WaizKhan7 commented Aug 27, 2024
edited
Loading

You are right. In these specific cases, it is possible to use variables_read to differentiate.
But it gets tricky if the code is something like:

    mapping(string => uint256[]) public stringGeneBuckets;
    
    function setGeneId(string memory myvariable, uint256 _geneId) public {
        stringGeneBuckets["myvariable"].push(_geneId);
        stringGeneBuckets[myvariable].push(_geneId);
    }

In this case, the expression is treated as a function_call, and I can't find a way to differentiate b/w them.

@github-actions github-actions bot mentioned this issue Sep 1, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@WaizKhan7 @0xalpharush