sFuzz Ouputs

Sample contract and its generated outputs

The code block contains main contract: BountyHunt.sol and its generated files. This contract encounters exception disorder and reentrancy vulnerabilities. The below picture shows terminal output of fuzzing process

/**
 * Source Code first verified at https://etherscan.io on Monday, August 14, 2017
 (UTC) */

pragma solidity ^0.4.24;

contract BountyHunt {
  mapping(address => uint) public bountyAmount;
  uint public totalBountyAmount;

  modifier preventTheft {
    _;
    if (this.balance < totalBountyAmount) throw;
  }

  function grantBounty(address beneficiary, uint amount) payable preventTheft {
    bountyAmount[beneficiary] += amount;
    totalBountyAmount += amount;
  }

  function claimBounty() preventTheft {
    uint balance = bountyAmount[msg.sender];
    if (msg.sender.call.value(balance)()) {
      totalBountyAmount -= balance;
      bountyAmount[msg.sender] = 0;
    }
  }

  function transferBounty(address to, uint value) preventTheft {
    if (bountyAmount[msg.sender] >= value) {
      bountyAmount[to] += value;
      bountyAmount[msg.sender] -= value;
    }
  }
}

{
    "functions": [
        {
            "name": "transferBounty",
            "inputs": [
                {
                    "type": "address",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                },
                {
                    "type": "uint256",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                }
            ]
        },
        {
            "name": "grantBounty",
            "inputs": [
                {
                    "type": "address",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                },
                {
                    "type": "uint256",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                }
            ]
        },
        {
            "name": "claimBounty",
            "inputs": ""
        }
    ],
    "accounts": [
        {
            "address": "0x00000000000000000000000000000000000000f0",
            "balance": "78918677504442992524819169280"
        },
        {
            "address": "0x0000000000000000000000000000000000000000",
            "balance": "0"
        }
    ]
}

[0,1,2

{
    "functions": [
        {
            "name": "transferBounty",
            "inputs": [
                {
                    "type": "address",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                },
                {
                    "type": "uint256",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                }
            ]
        },
        {
            "name": "grantBounty",
            "inputs": [
                {
                    "type": "address",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                },
                {
                    "type": "uint256",
                    "value": "0x0000000000000000000000000000000000000000000000000000000000000000"
                }
            ]
        },
        {
            "name": "claimBounty",
            "inputs": ""
        }
    ],
    "accounts": [
        {
            "address": "0x00000000000000000000000000000000000000f0",
            "balance": "78918677504442992524819169280"
        },
        {
            "address": "0x0000000000000000000000000000000000000000",
            "balance": "0"
        }
    ]
}

[0,1,2]

PreviousVulnerability NextRun sFuzz with Customized EVM

Last updated 6 years ago

Was this helpful?