How to use the mythril.laser.smt.symbol_factory.BitVecSym function in mythril
To help you get started, we’ve selected a few mythril examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
ConsenSys / mythril / tests / laser / smt / concat_extract_tests / concat_extract_assignment.py View on Github 
def test_concat_extract_input_assignment():
inp1 = symbol_factory.BitVecSym("input1", 256)
inp2 = symbol_factory.BitVecSym("input2", 256)
output1 = symbol_factory.BitVecFuncSym(
"Keccak[input]", size=256, func_name="keccak256", input_=Concat(inp1, inp2)
)
inp3 = Concat(inp2, inp1)
cond = And(output1 == inp2, inp1 == inp2)
Extract(511, 256, inp3).potential_input_cond = cond
assert Extract(511, 256, inp3).potential_input_cond == conddef test_concat_extract_invariance2():
input_ = symbol_factory.BitVecSym("input", 256)
output_ = symbol_factory.BitVecFuncSym(
"Keccak[input]", size=256, func_name="keccak256", input_=input_
)
construct = Concat(output_, symbol_factory.BitVecVal(0, 256))
assert Extract(511, 256, construct).input_ == input_def test_concat_extract_invariance4():
input_ = symbol_factory.BitVecSym("input", 256)
output_ = symbol_factory.BitVecFuncSym(
"Keccak[input]", size=256, func_name="keccak256", input_=input_
)
output2_ = symbol_factory.BitVecFuncSym(
"Keccak[output_]",
size=256,
func_name="keccak256",
input_=Concat(output_, symbol_factory.BitVecVal(0, 256)),
)
construct = Concat(output2_, symbol_factory.BitVecVal(0, 256))
assert Extract(511, 256, Extract(511, 256, construct).input_).input_ == input_def test_concat_extract_invariance1():
input_ = symbol_factory.BitVecSym("input", 256)
output_ = symbol_factory.BitVecFuncSym(
"Keccak[input]", size=256, func_name="keccak256", input_=input_
)
p1 = Extract(127, 0, output_)
p2 = Extract(255, 128, output_)
construct = Concat(p2, p1)
assert isinstance(construct, BitVecFunc)
assert construct.input_ == input_def test_concat_extract_assignment():
inp1 = symbol_factory.BitVecSym("input1", 256)
inp2 = symbol_factory.BitVecSym("input2", 256)
output1 = symbol_factory.BitVecFuncSym(
"Keccak[input]", size=256, func_name="keccak256", input_=Concat(inp1, inp2)
)
output = Concat(output1, symbol_factory.BitVecVal(0, 256))
cond = And(output1 == inp2, inp1 == inp2)
Extract(511, 256, output).potential_input_cond = cond
assert Extract(511, 256, output).potential_input_cond == cond:param global_state:
:return:
"""
state = global_state.mstate
op0, op1 = state.stack.pop(), state.stack.pop()
try:
index, length = util.get_concrete_int(op0), util.get_concrete_int(op1)
except TypeError:
# Can't access symbolic memory offsets
if isinstance(op0, Expression):
op0 = simplify(op0)
state.stack.append(
symbol_factory.BitVecSym("KECCAC_mem[{}]".format(hash(op0)), 256)
)
gas_tuple = get_opcode_gas("SHA3")
state.min_gas_used += gas_tuple[0]
state.max_gas_used += gas_tuple[1]
return [global_state]
Instruction._sha3_gas_helper(global_state, length)
state.mem_extend(index, length)
data_list = [
b if isinstance(b, BitVec) else symbol_factory.BitVecVal(b, 8)
for b in state.memory[index : index + length]
]
if len(data_list) > 1:
data = simplify(Concat(data_list))# and add logic in codecopy/codesize/calldatacopy/calldatasize than to model code "correctly"
transaction = ContractCreationTransaction(
world_state=open_world_state,
identifier=next_transaction_id,
gas_price=symbol_factory.BitVecSym(
"gas_price{}".format(next_transaction_id), 256
),
gas_limit=8000000, # block gas limit
origin=symbol_factory.BitVecSym(
"origin{}".format(next_transaction_id), 256
),
code=Disassembly(contract_initialization_code),
caller=ACTORS["CREATOR"],
contract_name=contract_name,
call_data=None,
call_value=symbol_factory.BitVecSym(
"call_value{}".format(next_transaction_id), 256
),
)
_setup_global_state_for_execution(laser_evm, transaction)
new_account = new_account or transaction.callee_account
laser_evm.exec(True)
return new_accounttransaction = MessageCallTransaction(
world_state=open_world_state,
identifier=next_transaction_id,
gas_price=symbol_factory.BitVecSym(
"gas_price{}".format(next_transaction_id), 256
),
gas_limit=8000000, # block gas limit
origin=symbol_factory.BitVecSym(
"origin{}".format(next_transaction_id), 256
),
caller=symbol_factory.BitVecSym(
"sender_{}".format(next_transaction_id), 256
),
callee_account=open_world_state[callee_address],
call_data=SymbolicCalldata(next_transaction_id),
call_value=symbol_factory.BitVecSym(
"call_value{}".format(next_transaction_id), 256
),
)
_setup_global_state_for_execution(laser_evm, transaction)
laser_evm.exec()world_state = world_state or WorldState()
open_states = [world_state]
new_account = None
for open_world_state in open_states:
next_transaction_id = get_next_transaction_id()
# call_data "should" be '[]', but it is easier to model the calldata symbolically
# and add logic in codecopy/codesize/calldatacopy/calldatasize than to model code "correctly"
transaction = ContractCreationTransaction(
world_state=open_world_state,
identifier=next_transaction_id,
gas_price=symbol_factory.BitVecSym(
"gas_price{}".format(next_transaction_id), 256
),
gas_limit=8000000, # block gas limit
origin=symbol_factory.BitVecSym(
"origin{}".format(next_transaction_id), 256
),
code=Disassembly(contract_initialization_code),
caller=ACTORS["CREATOR"],
contract_name=contract_name,
call_data=None,
call_value=symbol_factory.BitVecSym(
"call_value{}".format(next_transaction_id), 256
),
)
_setup_global_state_for_execution(laser_evm, transaction)
new_account = new_account or transaction.callee_account
laser_evm.exec(True)
return new_accountidentifier: Optional[str] = None,
gas_price=None,
gas_limit=None,
origin=None,
code=None,
call_value=None,
init_call_data=True,
) -> None:
assert isinstance(world_state, WorldState)
self.world_state = world_state
self.id = identifier or get_next_transaction_id()
self.gas_price = (
gas_price
if gas_price is not None
else symbol_factory.BitVecSym("gasprice{}".format(identifier), 256)
)
self.gas_limit = gas_limit
self.origin = (
origin
if origin is not None
else symbol_factory.BitVecSym("origin{}".format(identifier), 256)
)
self.code = code
self.caller = caller
self.callee_account = callee_account
if call_data is None and init_call_data:
self.call_data = SymbolicCalldata(self.id) # type: BaseCalldata
else:
self.call_data = (mythril
Security analysis tool for Ethereum smart contracts
Package Health Score
78 / 100Popular mythril functions
- mythril.analysis.ops.get_variable
- mythril.analysis.report.Issue
- mythril.analysis.solver.get_model
- mythril.analysis.solver.get_transaction_sequence
- mythril.exceptions.CriticalError
- mythril.laser.ethereum.instructions.StateTransition
- mythril.laser.ethereum.util.get_concrete_int
- mythril.laser.ethereum.util.pop_bitvec
- mythril.laser.smt.And
- mythril.laser.smt.BitVec
- mythril.laser.smt.bitvec.BitVec
- mythril.laser.smt.bool.And
- mythril.laser.smt.bool.Bool
- mythril.laser.smt.Concat
- mythril.laser.smt.Extract
- mythril.laser.smt.If
- mythril.laser.smt.simplify
- mythril.laser.smt.symbol_factory
- mythril.laser.smt.symbol_factory.BitVecSym
- mythril.laser.smt.symbol_factory.BitVecVal