-
Notifications
You must be signed in to change notification settings - Fork 705
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stack filled with wrong data. #1759
Comments
|
Anyway. Is there a way how to reach/solve those values under that symbolic placeholder, to check whether they fits constraints or not? |
|
@norhh could you please point me out where exactly in code do you do this? |
This is the function which solves the constraints and gets the transaction sequence that satisfies those constraints: |
@norhh thank you for pointing me out. Could you as well point me out, how can I set a constraint for a case that contract having a given value in memory on the given step. The code above did not working well pretty often. offset = state.mstate.stack[-2] # let's assume that this stack depth lays memory pointer.
mem_value = state.mstate.memory.getword(offset) # let's assume that I'm sure that there should be a two bytes pointer like 0x12fd
constraint += mem_value == solver.simbolic_factory(0x12fd, 256) So I have a case when this is returns as Is there a way how I can work around that? |
for |
@norhh It's actually throws an error with the statement that the worddata (the value that is compared to it) should be 256. Anyway this is exactly what I'm doing, wrapping the code with the And here we're coming to the my original question: On my test case I got |
Description
I'm trying to access to a stack into my custom detector.
I'm doing it like
global_state.mstate.stack[-4]
.And I've got full stack filled with exact this data
call_value1
, instead of a useful one.So regarding to this my detector is failing. Since it doesn't expect this value.
This value appears from exact here
sympbolic.execute_contract_creation
as line 191.Nailing it down leads me that solver just coping that value over and over again, to fill stack up to required depth to perform a
CALL
. And worth to say, that this behaviour appears occasionally. I mean in some contracts my custom detector working well (e.g. stack filled with the right data), but on other ones it filled with such trash.So I'm confused in both ways:
execute_contract_creation
even called in the detector scope?The text was updated successfully, but these errors were encountered: