How to use the mythril.laser.smt.BitVec function in mythril
To help you get started, we’ve selected a few mythril examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
ConsenSys / mythril / mythril / laser / ethereum / state / account.py View on Github 
Breadth first Search
:param key:
:param model:
:return:
"""
if not isinstance(key, BitVecFunc):
concrete_values = [self._find_value(key, model[0]) for model in models]
if key.size() == 512:
ex_key = Extract(511, 256, key)
else:
ex_key = key
potential_values = concrete_values
key.potential_values = []
for i, val in enumerate(potential_values):
key.potential_values.append(
(val, And(models[i][1], BitVec(key.raw) == val))
)
return key.potential_values
if key.size() == 512:
val = simplify(Extract(511, 256, key))
concrete_vals = self._traverse_concretise(val, models)
vals2 = self._traverse_concretise(Extract(255, 0, key), models)
key.potential_values = []
i = 0
for val1, val2 in zip(concrete_vals, vals2):
if val2 and val1:
c_val = Concat(val1[0], val2[0])
condition = And(
models[i][1], BitVec(key.raw) == c_val, val1[1], val2[1]
)
key.potential_values.append((c_val, condition)):param memory_size: Size
:return: Tuple containing: call_data array from memory or empty array if symbolic, type found
"""
state = global_state.mstate
transaction_id = "{}_internalcall".format(global_state.current_transaction.id)
memory_start = cast(
BitVec,
(
symbol_factory.BitVecVal(memory_start, 256)
if isinstance(memory_start, int)
else memory_start
),
)
memory_size = cast(
BitVec,
(
symbol_factory.BitVecVal(memory_size, 256)
if isinstance(memory_size, int)
else memory_size
),
)
uses_entire_calldata = simplify(
memory_size == global_state.environment.calldata.calldatasize
)
if is_true(uses_entire_calldata):
return global_state.environment.calldata
try:
calldata_from_mem = state.memory[def _load(self, item: Union[int, BitVec], clean=False) -> Any:
expr_item = (
symbol_factory.BitVecVal(item, 256) if isinstance(item, int) else item
) # type: BitVec
symbolic_base_value = If(
expr_item >= self._size,
symbol_factory.BitVecVal(0, 8),
BitVec(
symbol_factory.BitVecSym(
"{}_calldata_{}".format(self.tx_id, str(item)), 8
)
),
)
return_value = symbolic_base_value
for r_index, r_value in self._reads:
return_value = If(r_index == expr_item, r_value, return_value)
if not clean:
self._reads.append((expr_item, symbolic_base_value))
return simplify(return_value)"""
# pop one element from stack, converting boolean expressions and
# concrete Python variables to BitVecVal
item = state.stack.pop()
if isinstance(item, Bool):
return If(
cast(Bool, item),
symbol_factory.BitVecVal(1, 256),
symbol_factory.BitVecVal(0, 256),
)
elif isinstance(item, int):
return symbol_factory.BitVecVal(item, 256)
else:
item = cast(BitVec, item)
return simplify(item)
if stop is None:
raise IndexError("Invalid Memory Slice")
if step is None:
step = 1
assert type(value) == list
for i in range(0, stop - start, step):
self[start + i] = cast(List[Union[int, BitVec]], value)[i]
else:
if key >= len(self):
return
if isinstance(value, int):
assert 0 <= value <= 0xFF
if isinstance(value, BitVec):
assert value.size() == 8
self._memory[key] = cast(Union[int, BitVec], value)def mem_extend(self, start: Union[int, BitVec], size: Union[int, BitVec]) -> None:
"""Extends the memory of this machine state.
:param start: Start of memory extension
:param size: Size of memory extension
"""
if (isinstance(start, BitVec) and start.symbolic) or (
isinstance(size, BitVec) and size.symbolic
):
return
if isinstance(start, BitVec):
start = start.value
if isinstance(size, BitVec):
size = size.value
m_extend = self.calculate_extension_size(start, size)
if m_extend:
extend_gas = self.calculate_memory_gas(start, size)
self.min_gas_used += extend_gas
self.max_gas_used += extend_gas
self.check_gas()
self.memory.extend(m_extend)"""
gas, to = global_state.mstate.pop(2)
value = global_state.mstate.pop() if with_value else 0
(
memory_input_offset,
memory_input_size,
memory_out_offset,
memory_out_size,
) = global_state.mstate.pop(4)
callee_address = get_callee_address(global_state, dynamic_loader, to)
callee_account = None
call_data = get_call_data(global_state, memory_input_offset, memory_input_size)
if (
isinstance(callee_address, BitVec)
or int(callee_address, 16) > PRECOMPILE_COUNT
or int(callee_address, 16) == 0
):
callee_account = get_callee_account(
global_state, callee_address, dynamic_loader
)
return (
callee_address,
callee_account,
call_data,
value,
gas,
memory_out_offset,
memory_out_size,
)key.potential_values.append(
(val, And(models[i][1], BitVec(key.raw) == val))
)
return key.potential_values
if key.size() == 512:
val = simplify(Extract(511, 256, key))
concrete_vals = self._traverse_concretise(val, models)
vals2 = self._traverse_concretise(Extract(255, 0, key), models)
key.potential_values = []
i = 0
for val1, val2 in zip(concrete_vals, vals2):
if val2 and val1:
c_val = Concat(val1[0], val2[0])
condition = And(
models[i][1], BitVec(key.raw) == c_val, val1[1], val2[1]
)
key.potential_values.append((c_val, condition))
else:
key.potential_values.append((None, None))
if isinstance(key.input_, BitVec) or (
isinstance(key.input_, BitVecFunc) and key.input_.func_name == "sha3"
):
self._traverse_concretise(key.input_, models)
if isinstance(key, BitVecFunc):
if key.size() == 512:
p1 = Extract(511, 256, key)
if not isinstance(p1, BitVecFunc):
p1 = Extract(255, 0, key)
p1 = [:param item:
:return:
"""
if isinstance(item, int) or isinstance(item, Expression):
return self._load(item)
if isinstance(item, slice):
start = 0 if item.start is None else item.start
step = 1 if item.step is None else item.step
stop = self.size if item.stop is None else item.stop
try:
current_index = (
start
if isinstance(start, BitVec)
else symbol_factory.BitVecVal(start, 256)
)
parts = []
while simplify(current_index != stop):
element = self._load(current_index)
if not isinstance(element, Expression):
element = symbol_factory.BitVecVal(element, 8)
parts.append(element)
current_index = simplify(current_index + step)
except Z3Exception:
raise IndexError("Invalid Calldata Slice")
return parts
raise ValueErrormythril
Security analysis tool for Ethereum smart contracts
Package Health Score
78 / 100Popular mythril functions
- mythril.analysis.ops.get_variable
- mythril.analysis.report.Issue
- mythril.analysis.solver.get_model
- mythril.analysis.solver.get_transaction_sequence
- mythril.exceptions.CriticalError
- mythril.laser.ethereum.instructions.StateTransition
- mythril.laser.ethereum.util.get_concrete_int
- mythril.laser.ethereum.util.pop_bitvec
- mythril.laser.smt.And
- mythril.laser.smt.BitVec
- mythril.laser.smt.bitvec.BitVec
- mythril.laser.smt.bool.And
- mythril.laser.smt.bool.Bool
- mythril.laser.smt.Concat
- mythril.laser.smt.Extract
- mythril.laser.smt.If
- mythril.laser.smt.simplify
- mythril.laser.smt.symbol_factory
- mythril.laser.smt.symbol_factory.BitVecSym
- mythril.laser.smt.symbol_factory.BitVecVal