reentrancy analyzer test #1189
reentrancy analyzer test #1189
Conversation
The analyzer intakes .nef file instead of source code, and is unable to be aware of the |
|
is that possible that we add attribute to the debuginfo?@shargon |
I think this may not be the best methodology. Verifying the codes is better than trusting the manifest. And it may be not easy for other languages to have the same attributes |
here we dont consider other languages. |
|
NEP-25 and NEP-19 are shared by all of the ecosystem, so any changes there should be discussed separately. |
|
How it works this reentrancy analyzer? how it check that it has a protection? |
@roman-khimov This is C# compiler, nothing to do with NEP25 or NEP19 standards. And core team is not maintaining any languagues other than C#, we are not responsible for other languages. |
|
I think the best way is to symbolically execute the assembly of a method, and infer that the method cannot be re-entered. |
I know, but
Looks like NEP-19 to me. While in fact what you want with attribute and what is suggested by @Hecate2 by
is even closer to NEP-25. And this rings the bell for me. |
Problem all mine, i did not know debuginfo is also an NEP~~~ |
| public void Test_HasReentrancy() | ||
| { | ||
| ReEntrancyAnalyzer.ReEntrancyVulnerabilityPair v = | ||
| ReEntrancyAnalyzer.AnalyzeSingleContractReEntrancy(NefFile, Manifest); |
There was a problem hiding this comment.
AnalyzeSingleContractReEntrancy checks that the storage key is the same?
There was a problem hiding this comment.
AnalyzeSingleContractReEntrancy checks that the storage key is the same?
No. This is a test for the reentrancy analyzer, instead of the [NoReentrant] attribute.
I am writing a symbolic VM that should be able to infer the storage key from .nef
No description provided.