Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restrict the pre-declaration usage of local variables detector (variable-scope) to Solidity 0.4 #1424

Closed
CodeSandwich opened this issue Oct 14, 2022 · 3 comments
Closed

Restrict the pre-declaration usage of local variables detector (variable-scope) to Solidity 0.4 #1424

CodeSandwich opened this issue Oct 14, 2022 · 3 comments
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@CodeSandwich
Copy link
Contributor

Describe the desired feature

The pre-declaration usage of local variables detector checks a property which is impossible to violate since Solidity 0.5, see the last point of the 0.5 changelog. The exploit scenario example doesn't even compile with Solidity >=0.5. Any variable-scopes found when using Solidity >=0.5 are obviously false positives and unfortunately the detector does that quite often. All it takes is a function with the same variable name used twice in two separate scopes, e.g.

function foo() public {
    {
        uint a = 0;
    }
    {
        uint a = 1;
    }
}

It'd be great if this detector was disabled altogether when analyzing codebases using Solidity >=0.5.
@CodeSandwich CodeSandwich added the enhancement New feature or request label Oct 14, 2022
@0xalpharush 0xalpharush added the good first issue Good for newcomers label Oct 18, 2022
@montyly
Copy link
Member

montyly commented Oct 26, 2022

Hi @CodeSandwich , that's a good point. We have to update the detector

@montyly montyly added the 0.9.1 label Oct 26, 2022
This was referenced Nov 21, 2022
Closed
Merged
@0xalpharush 0xalpharush removed the 0.9.1 label Dec 2, 2022
@0xalpharush 0xalpharush reopened this Feb 1, 2023
@0xalpharush
Copy link
Contributor

My mistake this wasnt fixed in the linked pull requests

@0xalpharush 0xalpharush reopened this Feb 1, 2023
0xalpharush added a commit that referenced this issue Mar 9, 2023
@0xalpharush
restrict variable-scope detector to only solc 0.4.x
09a9b90 
close #1424
@0xalpharush 0xalpharush mentioned this issue Mar 9, 2023
Merged
@0xalpharush
Copy link
Contributor

closed by #1731

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@montyly @CodeSandwich @0xalpharush