You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now, the data dependency is an over-approximation that merges all the dependencies coming from all the node's fathers.
As a result, in a code like:
function f(addressdestination) internal{
// use of destination
}
function g() internal{
f(msg.sender):
f(owner);
}
destination in f is both dependent of msg.sender and owner. We should have a must depend on mode, to detect if a variable is always dependent of another one.
@montyly I am planning to start implementing this in Slither. Just need a few clarifications. When you say that the "must depend on" mode should should only consider the dependencies present in all the node's fathers, do you mean by immediate fathers?
Could this just be a constant value/ constant propagation analysis? If the variable was always msg.sender, it is a constant, and we can check if the value that must be depended on is equivalent to the constant value. Otherwise, it is not a constant/ undefined, and we can return false.
Right now, the data dependency is an over-approximation that merges all the dependencies coming from all the node's fathers.
As a result, in a code like:
destination
inf
is both dependent ofmsg.sender
andowner
. We should have a must depend on mode, to detect if a variable is always dependent of another one.We can implement it by adding a new mode in analyses/data_dependency/data_dependency.py, where only the dependencies present in all the node's fathers are kept.
The text was updated successfully, but these errors were encountered: