/// <summary>
/// Checks three things in sequence: auditing the unpatched <c>TransactionFeesContract</c> code is
/// rejected with the expected findings, the patched code passes the same audit, and
/// <c>ObserverProxyValidator</c> reports every expected message for the <c>BadContract</c> module.
/// </summary>
public void CheckPatchAudit_ForMethodCallInjection()
{
    var unpatchedCode = ReadContractCode(typeof(TransactionFeesContract));

    // The auditor must reject the unpatched code; the thrown exception carries the findings.
    var auditFailure = Should.Throw<CSharpCodeCheckException>(() => _auditor.Audit(unpatchedCode, false));
    var auditFindings = auditFailure.Findings;
    auditFindings.Count(finding => finding is MethodCallInjectionValidationResult).ShouldBe(3);
    auditFindings.Count(finding => finding is ObserverProxyValidationResult).ShouldBe(1);

    // After patching, the same audit is expected to complete without throwing. Patch stays inside
    // the lambda so that a failure in the patcher is also reported through Should.NotThrow.
    Should.NotThrow(() => _auditor.Audit(_patcher.Patch(unpatchedCode, false), false));

    // Validate BadContract directly: each message below must appear in the validator output,
    // otherwise a tampered or missing observer proxy would go unreported.
    var badModule = GetModule(typeof(BadContract));
    var proxyValidator = new ObserverProxyValidator();
    var proxyResults = proxyValidator.Validate(badModule, CancellationToken.None);

    var expectedMessages = new[]
    {
        "BranchCount proxy method body is tampered.",
        "CallCount proxy method body is tampered.",
        "Missing execution observer call count call detected.",
        "Missing execution observer branch count call detected.",
        "Proxy initialize call detected from within the contract."
    };

    foreach (var expectedMessage in expectedMessages)
    {
        proxyResults.ShouldContain(result => result.Message.Contains(expectedMessage));
    }
}
/// <summary>
/// Checks that <c>ObserverProxyValidator</c> returns at least one validation result for the
/// <c>TokenContract</c> assembly after its code has been passed through
/// <c>InjectCallReplacerCode</c>.
/// </summary>
public void ContractAudit_NotInjectAndCheckObserverProxy_Test()
{
    var assemblyPath = typeof(TokenContract).Assembly.Location;
    var originalCode = ReadCode(assemblyPath);
    var modifiedCode = InjectCallReplacerCode(originalCode);

    // The modified code is loaded from memory; nothing is written back to disk here.
    // NOTE(review): neither the MemoryStream nor the module is disposed in this test - confirm
    // that is acceptable for the test host.
    var module = ModuleDefinition.ReadModule(new MemoryStream(modifiedCode));

    // The test only requires that the validator reports something; it does not pin which result.
    var results = new ObserverProxyValidator().Validate(module);
    results.Count().ShouldBeGreaterThan(0);
}