fix detectors skip notations & add some new
0xhokugava committed Dec 9, 2023
1 parent bf62da0 commit bd273e8
Showing 29 changed files with 176 additions and 171 deletions.
3 changes: 3 additions & 0 deletions .gitignore
Expand Up @@ -24,3 +24,6 @@ rules/

# Test coverage report
report/

# OS files
.DS_Store
2 changes: 1 addition & 1 deletion script/libs/DeployStrategyLib.sol
Expand Up @@ -29,7 +29,7 @@ library DeployStrategyLib {
implementation = address(new GammaQuickSwapFarmStrategy());
}

//nosemgrep
// nosemgrep
require(implementation != address(0), "DeployStrategyLib: unknown strategy");

factory.setStrategyLogicConfig(
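Review bot: The `// nosemgrep` marker above the `require` names no rule, so it silences every Semgrep rule that matches that line, including rules added to the ruleset later. Scoping it keeps the suppression auditable: `// nosemgrep: <rule-id>`, with the placeholder replaced by the id Semgrep reports, and a one-line comment above it saying why the finding is a false positive. The same unscoped marker appears in every other Solidity file section of this commit (the adapters, AprOracle, Factory, HardWorker, Platform, PriceReader). The enclosing function starts and ends outside the hunk.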
2 changes: 1 addition & 1 deletion src/adapters/AlgebraAdapter.sol
Expand Up @@ -45,7 +45,7 @@ contract AlgebraAdapter is Controllable, ICAmmAdapter {
//slither-disable-next-line naming-convention
bytes calldata _data
) external {
//nosemgrep
// nosemgrep
if (amount0Delta <= 0 && amount1Delta <= 0) {
revert IAmmAdapter.WrongCallbackAmount();
}
16 changes: 8 additions & 8 deletions src/adapters/ChainlinkAdapter.sol
Expand Up @@ -28,13 +28,13 @@ contract ChainlinkAdapter is Controllable, IOracleAdapter {
if (len != priceFeeds_.length) {
revert IControllable.IncorrectArrayLength();
}
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//nosemgrep
// nosemgrep
if (!_assets.add(assets_[i])) {
revert IControllable.AlreadyExist();
}
//nosemgrep
// nosemgrep
priceFeeds[assets_[i]] = priceFeeds_[i];
}

Expand All @@ -43,13 +43,13 @@ contract ChainlinkAdapter is Controllable, IOracleAdapter {

function removePriceFeeds(address[] memory assets_) external onlyOperator {
uint len = assets_.length;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//nosemgrep
// nosemgrep
if (!_assets.remove(assets_[i])) {
revert IControllable.NotExist();
}
//nosemgrep
// nosemgrep
priceFeeds[assets_[i]] = address(0);
}
emit RemovedPriceFeeds(assets_);
Expand Down Expand Up @@ -80,10 +80,10 @@ contract ChainlinkAdapter is Controllable, IOracleAdapter {
assets_ = _assets.values();
prices = new uint[](len);
timestamps = new uint[](len);
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//slither-disable-next-line calls-loop
(, int answer,, uint updatedAt,) = IAggregatorV3Interface(priceFeeds[assets_[i]]).latestRoundData(); //nosemgrep
(, int answer,, uint updatedAt,) = IAggregatorV3Interface(priceFeeds[assets_[i]]).latestRoundData(); // nosemgrep

Check notice

Code scanning / Semgrep

Semgrep Finding: rules.solidity.performance.state-variable-read-in-a-loop Note

Replace state variable reads and writes within loops with local variable reads and writes.
prices[i] = uint(answer) * 1e10;
timestamps[i] = updatedAt;
}
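Review bot: The trailing `// nosemgrep` on the `latestRoundData()` line is unscoped, and this is the line in the section where a hidden finding would matter most. `answer` is an `int` cast with `uint(answer)` with no visible check that it is positive, so a zero or negative round would become a zero or very large price. If no caller rejects that, an `if (answer <= 0)` revert guard before the multiplication would close it. The `* 1e10` factor also presumes an 8-decimal feed, which deserves a comment or a `decimals()` check. `updatedAt` is returned rather than checked here, so staleness handling is presumably left to the consumer, which should be confirmed; the function starts and ends outside the hunk.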
2 changes: 1 addition & 1 deletion src/adapters/KyberAdapter.sol
Expand Up @@ -45,7 +45,7 @@ contract KyberAdapter is Controllable, ICAmmAdapter {
//slither-disable-next-line naming-convention
bytes calldata _data
) external {
//nosemgrep
// nosemgrep
if (amount0Delta <= 0 && amount1Delta <= 0) {
revert IAmmAdapter.WrongCallbackAmount();
}
3 changes: 2 additions & 1 deletion src/adapters/UniswapV3Adapter.sol
Expand Up @@ -39,14 +39,15 @@ contract UniswapV3Adapter is Controllable, ICAmmAdapter {
/* CALLBACKS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/

// nosemgrep
function uniswapV3SwapCallback(
//slither-disable-next-line similar-names
int amount0Delta,
int amount1Delta,
//slither-disable-next-line naming-convention
bytes calldata _data
) external {
//nosemgrep
// nosemgrep
if (amount0Delta <= 0 && amount1Delta <= 0) {
revert IAmmAdapter.WrongCallbackAmount();
}
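Review bot: The `// nosemgrep` added above `function uniswapV3SwapCallback(` suppresses every rule on the declaration of an `external` callback without saying which finding was judged a false positive. The only check visible in the hunk is on the sign of `amount0Delta` and `amount1Delta`. If the suppressed finding concerns who may call the callback, the caller validation presumably lives further down, outside the hunk, and that should be stated next to the marker. Suggest `// nosemgrep: <rule-id>` plus a comment naming the line that authenticates the caller.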
4 changes: 2 additions & 2 deletions src/core/AprOracle.sol
Expand Up @@ -42,7 +42,7 @@ contract AprOracle is Controllable, IAprOracle {
if (len != aprs.length) {
revert IControllable.IncorrectArrayLength();
}
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
$.assetApr[assets[i]] = aprs[i];
}
Expand All @@ -54,7 +54,7 @@ contract AprOracle is Controllable, IAprOracle {
AprOracleStorage storage $ = _getStorage();
uint len = assets.length;
aprs = new uint[](len);
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
aprs[i] = $.assetApr[assets[i]];
}
10 changes: 5 additions & 5 deletions src/core/Factory.sol
Expand Up @@ -148,7 +148,7 @@ contract Factory is Controllable, ReentrancyGuardUpgradeable, IFactory {
function addFarms(Farm[] memory farms_) external onlyOperator {
FactoryStorage storage $ = _getStorage();
uint len = farms_.length;
//nosemgrep
// nosemgrep
for (uint i = 0; i < len; ++i) {
$.farms.push(farms_[i]);
}
Expand Down Expand Up @@ -203,7 +203,7 @@ contract Factory is Controllable, ReentrancyGuardUpgradeable, IFactory {

if (vars.buildingPermitToken != address(0)) {
uint balance = IERC721Enumerable(vars.buildingPermitToken).balanceOf(msg.sender);
//nosemgrep
// nosemgrep
for (uint i; i < balance; ++i) {
//slither-disable-next-line calls-loop
uint tokenId = IERC721Enumerable(vars.buildingPermitToken).tokenOfOwnerByIndex(msg.sender, i);
Expand Down Expand Up @@ -243,7 +243,7 @@ contract Factory is Controllable, ReentrancyGuardUpgradeable, IFactory {
address[] memory initStrategyAddresses = new address[](2 + addressesLength);
initStrategyAddresses[0] = vars.platform;
initStrategyAddresses[1] = vault;
//nosemgrep
// nosemgrep
for (uint i = 2; i < 2 + addressesLength; ++i) {
initStrategyAddresses[i] = strategyInitAddresses[i - 2];
}
Expand Down Expand Up @@ -375,7 +375,7 @@ contract Factory is Controllable, ReentrancyGuardUpgradeable, IFactory {
upgradeAllowed = new bool[](len);
buildingPrice = new uint[](len);
extra = new bytes32[](len);
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
VaultConfig memory config = $.vaultConfig[hashes[i]];
vaultType[i] = config.vaultType;
Expand Down Expand Up @@ -413,7 +413,7 @@ contract Factory is Controllable, ReentrancyGuardUpgradeable, IFactory {
tokenURI = new string[](len);
extra = new bytes32[](len);
IStrategyLogic strategyLogicNft = IStrategyLogic(IPlatform(platform()).strategyLogic());
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
StrategyLogicConfig memory config = $.strategyLogicConfig[hashes[i]];
id[i] = config.id;
18 changes: 9 additions & 9 deletions src/core/HardWorker.sol
Expand Up @@ -121,7 +121,7 @@ contract HardWorker is Controllable, IHardWorker {
/// @inheritdoc IHardWorker
function setDelays(uint delayServer_, uint delayGelato_) external onlyGovernanceOrMultisig {
HardWorkerStorage storage $ = _getStorage();
//nosemgrep
// nosemgrep
if ($.delayServer == delayServer_ && $.delayGelato == delayGelato_) {
revert AlreadyExist();
}
Expand Down Expand Up @@ -149,7 +149,7 @@ contract HardWorker is Controllable, IHardWorker {
revert IControllable.IncorrectArrayLength();
}
IFactory factory = IFactory(IPlatform(platform()).factory());
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
// calls-loop here is not dangerous
//slither-disable-next-line calls-loop
Expand All @@ -174,7 +174,7 @@ contract HardWorker is Controllable, IHardWorker {

bool isServer = $.dedicatedServerMsgSender[msg.sender];
bool isGelato = msg.sender == $.dedicatedGelatoMsgSender;
//nosemgrep
// nosemgrep
if (!isServer && !isGelato) {
revert NotServerOrGelato();
}
Expand All @@ -197,7 +197,7 @@ contract HardWorker is Controllable, IHardWorker {
uint _maxHwPerCall = $.maxHwPerCall;
uint vaultsLength = vaults.length;
uint counter;
//nosemgrep
// nosemgrep
for (uint i; i < vaultsLength; ++i) {
IVault vault = IVault(vaults[i]);
//slither-disable-next-line calls-loop
Expand All @@ -222,8 +222,8 @@ contract HardWorker is Controllable, IHardWorker {
uint gasUsed = startGas - gasleft();
uint gasCost = gasUsed * tx.gasprice;
//slither-disable-next-line unused-return
if (isServer && gasCost > 0 && address(this).balance >= gasCost) {
//nosemgrep
if (isServer && gasCost > 0 && address(this).balance >= gasCost) { // nosemgrep
// nosemgrep
//slither-disable-next-line low-level-calls
(bool success,) = msg.sender.call{value: gasCost}("");
if (!success) {
Expand Down Expand Up @@ -309,7 +309,7 @@ contract HardWorker is Controllable, IHardWorker {
address[] memory vaultsForHardWork = new address[](len);
//slither-disable-next-line uninitialized-local
uint counter;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
if ($.excludedVaults[vaults[i]]) {
continue;
Expand All @@ -319,7 +319,7 @@ contract HardWorker is Controllable, IHardWorker {
IStrategy strategy = vault.strategy();
//slither-disable-next-line unused-return
(uint tvl,) = vault.tvl();
//nosemgrep
// nosemgrep
if (
//slither-disable-next-line timestamp
tvl > 0 && block.timestamp - strategy.lastHardWork() > delay_
Expand All @@ -335,7 +335,7 @@ contract HardWorker is Controllable, IHardWorker {
} else {
address[] memory vaultsResult = new address[](counter);
uint j;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
if (vaultsForHardWork[i] == address(0)) {
continue;
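Review bot: The gas-refund branch now carries two markers, a trailing `// nosemgrep` on the `if (isServer && gasCost > 0 && ...) {` line and another `// nosemgrep` on the line after it. Neither is adjacent to the `msg.sender.call{value: gasCost}("")` they appear to target, because the `//slither-disable-next-line low-level-calls` comment sits in between. Whether Semgrep still applies the second marker to the call line is worth verifying in the scan output; if it does not, one scoped marker on the call line itself, `(bool success,) = msg.sender.call{value: gasCost}(""); // nosemgrep: <rule-id>`, is clearer. Separately, `gasCost` is `gasUsed * tx.gasprice` and the refund is limited only by `address(this).balance`, so a cap on the refunded gas price would bound the loss if a server key is misused. The function continues outside the hunk.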
28 changes: 14 additions & 14 deletions src/core/Platform.sol
Expand Up @@ -229,7 +229,7 @@ contract Platform is Controllable, IPlatform {
if (len != newImplementations.length) {
revert IncorrectArrayLength();
}
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
if (proxies[i] == address(0)) {
revert IControllable.IncorrectZeroArgument();
Expand Down Expand Up @@ -268,7 +268,7 @@ contract Platform is Controllable, IPlatform {
}
PlatformUpgrade memory platformUpgrade = $.pendingPlatformUpgrade;
uint len = platformUpgrade.proxies.length;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//slither-disable-next-line calls-loop
string memory oldContractVersion = IControllable(platformUpgrade.proxies[i]).VERSION();
Expand Down Expand Up @@ -330,12 +330,12 @@ contract Platform is Controllable, IPlatform {
function addDexAggregators(address[] memory dexAggRouter) external onlyOperator {
PlatformStorage storage $ = _getStorage();
uint len = dexAggRouter.length;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
if (dexAggRouter[i] == address(0)) {
revert IControllable.IncorrectZeroArgument();
}
//nosemgrep
// nosemgrep
if (!$.dexAggregators.add(dexAggRouter[i])) {
continue;
}
Expand Down Expand Up @@ -508,7 +508,7 @@ contract Platform is Controllable, IPlatform {
ids = new string[](len);
proxies = new address[](len);
bytes32[] memory _ammAdapterIdHash = $.ammAdapterIdHash;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
bytes32 hash = _ammAdapterIdHash[i];
AmmAdapter memory __ammAdapter = $.ammAdapter[hash];
Expand Down Expand Up @@ -543,7 +543,7 @@ contract Platform is Controllable, IPlatform {
bbToken = $.allowedBBTokensVaults.keys();
uint len = bbToken.length;
vaultsLimit = new uint[](len);
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//slither-disable-next-line unused-return
(, vaultsLimit[i]) = $.allowedBBTokensVaults.tryGet(bbToken[i]);
Expand All @@ -562,17 +562,17 @@ contract Platform is Controllable, IPlatform {
uint[] memory limit = new uint[](len);
//slither-disable-next-line uninitialized-local
uint k;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//nosemgrep
// nosemgrep
limit[i] = $.allowedBBTokensVaults.get(allBbTokens[i]);
if (limit[i] > 0) ++k;
}
bbToken = new address[](k);
vaultsLimit = new uint[](k);
//slither-disable-next-line uninitialized-local
uint y;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
if (limit[i] == 0) {
continue;
Expand Down Expand Up @@ -680,7 +680,7 @@ contract Platform is Controllable, IPlatform {
uint len = token.length;
tokenPrice = new uint[](len);
tokenUserBalance = new uint[](len);
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//slither-disable-next-line calls-loop
(tokenPrice[i],) = _priceReader.getPrice(token[i]);
Expand All @@ -692,7 +692,7 @@ contract Platform is Controllable, IPlatform {
len = vault.length;
vaultSharePrice = new uint[](len);
vaultUserBalance = new uint[](len);
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//slither-disable-next-line calls-loop unused-return
(vaultSharePrice[i],) = IVault(vault[i]).price();
Expand All @@ -706,7 +706,7 @@ contract Platform is Controllable, IPlatform {
nft[1] = $.vaultManager;
nft[2] = $.strategyLogic;
nftUserBalance = new uint[](len);
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//slither-disable-next-line calls-loop
nftUserBalance[i] = IERC721(nft[i]).balanceOf(yourAccount);
Expand Down Expand Up @@ -865,7 +865,7 @@ contract Platform is Controllable, IPlatform {
) internal {
PlatformStorage storage $ = _getStorage();
address ecosystemRevenueReceiver_ = $.ecosystemRevenueReceiver;
//nosemgrep
// nosemgrep
if (feeShareEcosystem != 0 && ecosystemRevenueReceiver_ == address(0)) {
revert IControllable.IncorrectZeroArgument();
// revert IncorrectFee(0,0);
Expand Down Expand Up @@ -903,7 +903,7 @@ contract Platform is Controllable, IPlatform {
*/
function _addTokens(EnumerableSet.AddressSet storage tokenSet, address[] memory tokens) internal {
uint len = tokens.length;
//nosemgrep
// nosemgrep
for (uint i = 0; i < len; ++i) {
if (!tokenSet.add(tokens[i])) {
revert TokenAlreadyExistsInSet({token: tokens[i]});
10 changes: 5 additions & 5 deletions src/core/PriceReader.sol
Expand Up @@ -62,7 +62,7 @@ contract PriceReader is Controllable, IPriceReader {
PriceReaderStorage storage $ = _getStorage();
address[] memory __adapters = $._adapters.values();
uint len = __adapters.length;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
//slither-disable-next-line unused-return
(uint _price,) = IOracleAdapter(__adapters[i]).getPrice(asset);
Expand All @@ -73,13 +73,13 @@ contract PriceReader is Controllable, IPriceReader {

if (len > 0) {
ISwapper swapper = ISwapper(IPlatform(platform()).swapper());
//nosemgrep
// nosemgrep
for (uint j; j < len; ++j) {
IOracleAdapter oracleAdapter = IOracleAdapter($._adapters.at(j));
address[] memory oracleAssets = oracleAdapter.assets();
//nosemgrep
// nosemgrep
uint oracleAssetsLen = oracleAssets.length;
//nosemgrep
// nosemgrep
for (uint i; i < oracleAssetsLen; ++i) {
uint swapperPrice = swapper.getPrice(asset, oracleAssets[i], 0);
if (swapperPrice > 0) {
Expand Down Expand Up @@ -113,7 +113,7 @@ contract PriceReader is Controllable, IPriceReader {
assetAmountPrice = new uint[](len);
assetPrice = new uint[](len);
bool _trusted;
//nosemgrep
// nosemgrep
for (uint i; i < len; ++i) {
(assetPrice[i], _trusted) = getPrice(assets_[i]);
if (!_trusted) {