mythril.disassembler package

Submodules

mythril.disassembler.asm module

This module contains various helper classes and functions to deal with EVM code disassembly.

class mythril.disassembler.asm.EvmInstruction(address, op_code, argument=None)[source]

Bases: object

Model to hold the information of the disassembly.

to_dict() → dict[source]
Returns:
mythril.disassembler.asm.disassemble(bytecode) → list[source]

Disassembles evm bytecode and returns a list of instructions.

Parameters:bytecode
Returns:
mythril.disassembler.asm.find_op_code_sequence(pattern: list, instruction_list: list) → collections.abc.Generator[source]

Returns all indices in instruction_list that point to instruction sequences following a pattern.

Parameters:
  • pattern – The pattern to look for, e.g. [[“PUSH1”, “PUSH2”], [“EQ”]] where [“PUSH1”, “EQ”] satisfies pattern
  • instruction_list – List of instructions to look in
Returns:

Indices to the instruction sequences
mythril.disassembler.asm.get_opcode_from_name(operation_name: str) → int[source]

Get an op code based on its name.

Parameters:operation_name
Returns:
mythril.disassembler.asm.instruction_list_to_easm(instruction_list: list) → str[source]

Convert a list of instructions into an easm op code string.

Parameters:instruction_list
Returns:
mythril.disassembler.asm.is_sequence_match(pattern: list, instruction_list: list, index: int) → bool[source]

Checks if the instructions starting at index follow a pattern.

Parameters:
  • pattern – List of lists describing a pattern, e.g. [[“PUSH1”, “PUSH2”], [“EQ”]] where [“PUSH1”, “EQ”] satisfies pattern
  • instruction_list – List of instructions
  • index – Index to check for
Returns:

Pattern matched

mythril.disassembler.disassembly module

This module contains the class used to represent disassembly code.

class mythril.disassembler.disassembly.Disassembly(code: str, enable_online_lookup: bool = False)[source]

Bases: object

Disassembly class.

Stores bytecode, and its disassembly. Additionally it will gather the following information on the existing functions in the disassembled code: - function hashes - function name to entry point mapping - function entry point to function name mapping

assign_bytecode(bytecode)[source]
get_easm()[source]
Returns:
mythril.disassembler.disassembly.get_function_info(index: int, instruction_list: list, signature_database: mythril.support.signatures.SignatureDB) → Tuple[str, int, str][source]

Finds the function information for a call table entry Solidity uses the first 4 bytes of the calldata to indicate which function the message call should execute The generated code that directs execution to the correct function looks like this:

  • PUSH function_hash
  • EQ
  • PUSH entry_point
  • JUMPI

This function takes an index that points to the first instruction, and from that finds out the function hash, function entry and the function name.

Parameters:
  • index – Start of the entry pattern
  • instruction_list – Instruction list for the contract that is being analyzed
  • signature_database – Database used to map function hashes to their respective function names
Returns:

function hash, function entry point, function name

Module contents