From c91d9fdb9106b1393ab34a9eb2875c32ccae42d4 Mon Sep 17 00:00:00 2001
From: POTHURI HARIKA <cb.en.p2cys21018@cb.students.amrita.edu>
Date: Thu, 15 Jun 2023 12:29:49 +0530
Subject: [PATCH] Upload New File
---
.../Rules/SOLIDITY_VAR_IN_LOOP_FOR.md | 126 ++++++++++++++++++
1 file changed, 126 insertions(+)
create mode 100644 Tools/SmartCheck/Solidity/Rules/SOLIDITY_VAR_IN_LOOP_FOR.md
diff --git a/Tools/SmartCheck/Solidity/Rules/SOLIDITY_VAR_IN_LOOP_FOR.md b/Tools/SmartCheck/Solidity/Rules/SOLIDITY_VAR_IN_LOOP_FOR.md
new file mode 100644
index 0000000..b34a982
--- /dev/null
+++ b/Tools/SmartCheck/Solidity/Rules/SOLIDITY_VAR_IN_LOOP_FOR.md
@@ -0,0 +1,126 @@
+# Analysis of Smart Contract Security Vulnerabilities and Tools 
+     <br/>    <br/>
+ <br/>
+
+
+## SOLIDITY_VAR_IN_LOOP_FOR
+### Rule Description
+<p>
+ Solidity supports type inference: the type of <code>i</code> in <code>var i = 42;</code> is the smallest integer type sufficient to store the right-hand side value (<code>uint8</code>). Consider a common for-loop pattern:
+</p>
+<pre>
+<code>
+for (var i = 0; i < array.length; i++) { /* ... */ }
+</code>
+</pre>
+<p>
+The type of <code>i</code> is inferred to <code>uint8</code>. If <code>array.length</code> is bigger than 255, an
+overflow will occur. Explicitly define the type when declaring integer variables:
+</p>
+<pre>
+<code>
+for (uint256 i = 0; i < array.length; i++) { /* ... */ }
+</code>
+</pre>
+
+### Solidity-Rules
+
+
+ 
+
+```
+forStatement
+ [expression[1]/varDeclaration]
+ [condition/expression/expression/primaryExpression
+ [numberLiteral/decimalNumber
+ [matches(text()[1], "^[0-9]+$")]
+ > 255
+ ]
+ ]
+ [expression[2]/twoPlusMinusOperator/incrementOperator]
+```
+
+### Sample Code
+
+```
+pragma solidity ^0.4.11;
+
+contract SolidityUncheckedSend {
+ function unseatKing(address a, uint w) view returns (uint){
+ // <yes> <report> SOLIDITY_VAR_IN_LOOP_FOR f176ab
+ for (var i = 0; i < 257; i++) {
+ a=0;
+ }
+ for (var i = 0; i < 4; i++) {
+ a=0;
+ }
+ for (var i = 1000; i > 400; i--) {
+ a=0;
+ }
+ }
+}
+```
+
+### Abstract Syntax Tree
+
+[Click Here](https://astexplorer.net/#/gist/10bc55fd862bc7a9d5793065de870748/b92996017a8b37a4e0e2d96e5998229384f972d8) to view the AST for the above code. Code generated from AST Explorer using _solidity-parser-antlr-0.4.11_
+
+### Code Result
+
+```
+ruleId: SOLIDITY_FUNCTIONS_RETURNS_TYPE_AND_NO_RETURN
+patternId: 47acc2
+severity: 1
+line: 4
+column: 4
+content: functionunseatKing(addressa,uintw)viewreturns(uint){for(vari=0;i<257;i++){a=0;}for(vari=0;i<4;i++){a=0;}for(vari=1000;i>400;i--){a=0;}}
+
+ruleId: SOLIDITY_PRAGMAS_VERSION
+patternId: 23fc32
+severity: 1
+line: 1
+column: 16
+content: ^
+
+ruleId: SOLIDITY_VAR
+patternId: d28aa7
+severity: 2
+line: 6
+column: 13
+content: vari=0
+
+ruleId: SOLIDITY_VAR
+patternId: d28aa7
+severity: 2
+line: 9
+column: 13
+content: vari=0
+
+ruleId: SOLIDITY_VAR
+patternId: d28aa7
+severity: 2
+line: 12
+column: 13
+content: vari=1000
+
+ruleId: SOLIDITY_VAR_IN_LOOP_FOR
+patternId: f176ab
+severity: 2
+line: 6
+column: 8
+content: for(vari=0;i<257;i++){a=0;}
+
+ruleId: SOLIDITY_VISIBILITY
+patternId: 910067
+severity: 1
+line: 4
+column: 4
+content: functionunseatKing(addressa,uintw)viewreturns(uint){for(vari=0;i<257;i++){a=0;}for(vari=0;i<4;i++){a=0;}for(vari=1000;i>400;i--){a=0;}}
+
+SOLIDITY_VISIBILITY :1
+SOLIDITY_PRAGMAS_VERSION :1
+SOLIDITY_VAR_IN_LOOP_FOR :1
+SOLIDITY_FUNCTIONS_RETURNS_TYPE_AND_NO_RETURN :1
+SOLIDITY_VAR :3
+
+```
--
GitLab