From 4ae59acc098c2ede9a2dc44e741a28df49cc59d2 Mon Sep 17 00:00:00 2001 From: Daniel Kirchner Date: Fri, 10 Aug 2018 16:15:39 +0200 Subject: Consider mappings return values in control flow analysis. --- Changelog.md | 1 + libsolidity/analysis/ControlFlowAnalyzer.cpp | 5 ++++- test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_err.sol | 5 +++++ .../libsolidity/syntaxTests/controlFlow/mappingReturn/named_fine.sol | 5 +++++ .../syntaxTests/controlFlow/mappingReturn/unnamed_err.sol | 5 +++++ .../syntaxTests/controlFlow/mappingReturn/unnamed_fine.sol | 5 +++++ 6 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_err.sol create mode 100644 test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_fine.sol create mode 100644 test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_err.sol create mode 100644 test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_fine.sol diff --git a/Changelog.md b/Changelog.md index a61a7300..9e8337a5 100644 --- a/Changelog.md +++ b/Changelog.md @@ -17,6 +17,7 @@ Breaking Changes: * Commandline interface: Rename the ``--julia`` option to ``--yul``. * Commandline interface: Require ``-`` if standard input is used as source. * Compiler interface: Disallow remappings with empty prefix. + * Control Flow Analyzer: Consider mappings as well when checking for uninitialized return values. * Control Flow Analyzer: Turn warning about returning uninitialized storage pointers into an error. * General: ``continue`` in a ``do...while`` loop jumps to the condition (it used to jump to the loop body). Warning: this may silently change the semantics of existing code. * General: Disallow declaring empty structs. diff --git a/libsolidity/analysis/ControlFlowAnalyzer.cpp b/libsolidity/analysis/ControlFlowAnalyzer.cpp index 483d08c8..ab6569be 100644 --- a/libsolidity/analysis/ControlFlowAnalyzer.cpp +++ b/libsolidity/analysis/ControlFlowAnalyzer.cpp @@ -75,7 +75,10 @@ void ControlFlowAnalyzer::checkUnassignedStorageReturnValues( { auto& unassignedAtFunctionEntry = unassigned[_functionEntry]; for (auto const& returnParameter: _function.returnParameterList()->parameters()) - if (returnParameter->type()->dataStoredIn(DataLocation::Storage)) + if ( + returnParameter->type()->dataStoredIn(DataLocation::Storage) || + returnParameter->type()->category() == Type::Category::Mapping + ) unassignedAtFunctionEntry.insert(returnParameter.get()); } diff --git a/test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_err.sol b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_err.sol new file mode 100644 index 00000000..35420b6d --- /dev/null +++ b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_err.sol @@ -0,0 +1,5 @@ +contract C { + function f() internal pure returns (mapping(uint=>uint) storage r) { } +} +// ---- +// TypeError: (53-82): This variable is of storage pointer type and might be returned without assignment and could be used uninitialized. Assign the variable (potentially from itself) to fix this error. diff --git a/test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_fine.sol b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_fine.sol new file mode 100644 index 00000000..4146192f --- /dev/null +++ b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/named_fine.sol @@ -0,0 +1,5 @@ +contract C { + mapping(uint=>uint) m; + function f() internal view returns (mapping(uint=>uint) storage r) { r = m; } +} +// ---- diff --git a/test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_err.sol b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_err.sol new file mode 100644 index 00000000..7e8c4501 --- /dev/null +++ b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_err.sol @@ -0,0 +1,5 @@ +contract C { + function f() internal pure returns (mapping(uint=>uint) storage) {} +} +// ---- +// TypeError: (53-72): This variable is of storage pointer type and might be returned without assignment and could be used uninitialized. Assign the variable (potentially from itself) to fix this error. diff --git a/test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_fine.sol b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_fine.sol new file mode 100644 index 00000000..9c5e3149 --- /dev/null +++ b/test/libsolidity/syntaxTests/controlFlow/mappingReturn/unnamed_fine.sol @@ -0,0 +1,5 @@ +contract C { + mapping(uint=>uint) m; + function f() internal view returns (mapping(uint=>uint) storage) { return m; } +} +// ---- -- cgit v1.2.3