You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a constructor has dynamic parameters (string or bytes), Manticore crashes.
Manticore will work for functions with dynamic parameters and only crashes with the constructors.
Step to reproduce the behavior
contractWork{
string s;
constructor() public{
}
function f(stringmemorys_) public{
s = s_;
}
}
contractDontWork1{
string s;
constructor(stringmemorys_) public{
s = s_;
}
}
contractDontWork2{
bytes s;
constructor(bytesmemorys_) public{
s = s_;
}
}
manticore test.sol --contract Work works
manticore test.sol --contract DontWork1 or manticore test.sol --contract DontWork2 raise
Traceback (most recent call last):
File "manticore/manticore/ethereum/abi.py", line 208, in deserialize
result = ABI._deserialize(abitypes.parse(ty), data)
File "manticore/manticore/ethereum/abi.py", line 235, in _deserialize
result += (ABI._deserialize(ty_i, buf, offset), )
File "manticore/manticore/ethereum/abi.py", line 230, in _deserialize
result = buf[dyn_offset + 32:dyn_offset + 32 + size]
File "manticore/manticore/core/smtlib/expression.py", line 927, in __getitem__
size = self._get_size(index)
File "manticore/manticore/core/smtlib/expression.py", line 582, in _get_size
assert isinstance(size, BitVecConstant)
AssertionError
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/monty/Envs/manticore/bin/manticore", line 11, in <module>
load_entry_point('manticore', 'console_scripts', 'manticore')()
File "manticore/manticore/__main__.py", line 41, in main
ethereum_main(args, logger)
File "manticore/manticore/ethereum/cli.py", line 68, in ethereum_main
tx_account=args.txaccount, tx_preconstrain=args.txpreconstrain)
File "manticore/manticore/ethereum/manticore.py", line 1085, in multi_tx_analysis
args=args, working_dir=working_dir)
File "manticore/manticore/ethereum/manticore.py", line 711, in solidity_create_contract
args = self.make_symbolic_arguments(constructor_types)
File "manticore/manticore/ethereum/manticore.py", line 581, in make_symbolic_arguments
return ABI.deserialize(types, self.make_symbolic_buffer(32, name='INITARGS', avoid_collisions=True))
File "manticore/manticore/ethereum/abi.py", line 211, in deserialize
raise EthereumError("Error {} deserializing type {:s}".format(str(e), type_spec))
manticore.exceptions.EthereumError: Error deserializing type (bytes)
Expected behavior
No crash
Actual behavior
Crash
Any relevant logs
This might come from the fact that the parameters of constructors are appended to the init bytecode; as a result, the init bytecode has a dynamic length, which might not be properly handled.
Manticore version
9c9b619
Summary of the problem
If a constructor has dynamic parameters (string or bytes), Manticore crashes.
Manticore will work for functions with dynamic parameters and only crashes with the constructors.
Step to reproduce the behavior
manticore test.sol --contract Work
worksmanticore test.sol --contract DontWork1
ormanticore test.sol --contract DontWork2
raiseExpected behavior
No crash
Actual behavior
Crash
Any relevant logs
This might come from the fact that the parameters of constructors are appended to the init bytecode; as a result, the init bytecode has a dynamic length, which might not be properly handled.
Also, it might be a duplicate of #1382
The text was updated successfully, but these errors were encountered: