diff --git a/go/eth-rpc-tracetransaction.yaml b/go/eth-rpc-tracetransaction.yaml index c594ad6..2bda9d5 100644 --- a/go/eth-rpc-tracetransaction.yaml +++ b/go/eth-rpc-tracetransaction.yaml @@ -15,7 +15,7 @@ rules: confidence: LOW impact: HIGH likelihood: MEDIUM - description: Detects attempts to extract trace information from an EVM transaction or block + description: Detects attempts to extract trace information from an EVM transaction or block. In exchange or bridge applications, extra logic must be implemented encapsulating these endpoints to prevent the values transferred during reverted call frames from being counted. references: - https://blog.trailofbits.com/2023/08/23/the-engineers-guide-to-blockchain-finality/ diff --git a/go/eth-txreceipt-status-negative.go b/go/eth-txreceipt-status-negative.go deleted file mode 100644 index d8d892c..0000000 --- a/go/eth-txreceipt-status-negative.go +++ /dev/null @@ -1,7 +0,0 @@ -package main - - -func Test() { - // ok: eth-txreceipt-status - a := debug.Status -} diff --git a/go/eth-txreceipt-status.go b/go/eth-txreceipt-status.go index 108cec2..af39fd2 100644 --- a/go/eth-txreceipt-status.go +++ b/go/eth-txreceipt-status.go @@ -1,16 +1,18 @@ package main -import ( - "github.com/ethereum/go-ethereum/common" - "github.com/ethereum/go-ethereum/common/hexutil" - "github.com/ethereum/go-ethereum/crypto" - "github.com/ethereum/go-ethereum/core/types" - "github.com/ethereum/go-ethereum/rlp" -) +import "github.com/ethereum/go-ethereum/core/types" +type Thing struct { + Id Int + Status bool +} func Test() { var debug Receipt // ruleid: eth-txreceipt-status a := debug.Status + + var debug2 Thing + // ok: eth-txreceipt-status + b := debug2.Status } diff --git a/go/eth-txreceipt-status.yaml b/go/eth-txreceipt-status.yaml index 2dc8933..0c6487a 100644 --- a/go/eth-txreceipt-status.yaml +++ b/go/eth-txreceipt-status.yaml @@ -23,4 +23,4 @@ rules: import "github.com/ethereum/go-ethereum/core/types" ... - pattern: | - $RECEIVER.Status + ($RECEIVER : Receipt).Status