solana_fender 0.5.4

Static analysis tool for Solana smart contracts
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

pub mod missing_owner;
pub mod reentrancy;
pub mod unauthorized_access;
pub mod integer_overflow;
pub mod type_cosplay;
pub mod pda_sharing;
pub mod invalid_sysvar_accounts;
pub mod closing_accounts;
pub mod bump_seed_canonicalization;
pub mod duplicate_mutable_accounts;
pub mod arbitrary_cpi;
pub mod account_initialization;
pub mod initialization_frontrunning;
pub mod account_data_matching;
pub mod improper_instruction_introspection;
pub mod account_reloading;
pub mod precision_loss;
pub mod insecure_randomness;
pub mod seed_collision;

#[cfg(test)]
pub mod test_utils;

// Common traits and types for analyzers
use crate::models::*;
use anyhow::Result;
use std::fmt;

#[allow(dead_code)]
pub trait Analyzer {
    fn analyze(&self, program: &Program) -> Result<Vec<Finding>>;
    fn name(&self) -> &'static str;
    fn description(&self) -> &'static str;
}

#[derive(Debug, Clone)]
#[allow(dead_code)]
pub struct Finding {
    pub severity: Severity,
    pub certainty: Certainty,
    pub message: String,
    pub location: Location,
}

#[derive(Debug, Clone)]
#[allow(dead_code)]
pub enum Severity {
    Critical,
    High,
    Medium,
    Low,
    //Info,
}

impl fmt::Display for Severity {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            Severity::Critical => write!(f, "Critical"),
            Severity::High => write!(f, "High"),
            Severity::Medium => write!(f, "Medium"),
            Severity::Low => write!(f, "Low"),
        }
    }
}

#[derive(Debug, Clone)]
pub enum Certainty {
    High,
    Medium,
    Low,
}

#[derive(Debug, Clone)]
#[allow(dead_code)]
pub struct Location {
    pub file: String,
    pub line: usize,
    pub column: usize,
}