lisa-analyzer
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/EvoDeFi20220607/source-code/MasterChef_label.sol‎
Lines changed: 45 additions & 45 deletions b/‎datasets/cross-chain/smartaxe/manually-labeled/EvoDeFi20220607/source-code/MasterChef_label.sol‎
Lines changed: 45 additions & 45 deletions
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/LiFinance20220320/source-code/AmarokFacet_label.sol‎
Lines changed: 1 addition & 1 deletion b/‎datasets/cross-chain/smartaxe/manually-labeled/LiFinance20220320/source-code/AmarokFacet_label.sol‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV4ERC20_label.sol‎
Lines changed: 2 additions & 2 deletions b/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV4ERC20_label.sol‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV5ERC20_label.sol‎
Lines changed: 5 additions & 5 deletions b/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV5ERC20_label.sol‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV5ERC20_label_1.sol‎
Lines changed: 5 additions & 5 deletions b/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV5ERC20_label_1.sol‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV6ERC20_label.sol‎
Lines changed: 5 additions & 5 deletions b/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV6ERC20_label.sol‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV6Router_label.sol‎
Lines changed: 1 addition & 1 deletion b/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/AnyswapV6Router_label.sol‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/Erc20SwapAsset_label.sol‎
Lines changed: 1 addition & 1 deletion b/‎datasets/cross-chain/smartaxe/manually-labeled/Multichain20230215/source-code/Erc20SwapAsset_label.sol‎
Lines changed: 1 addition & 1 deletion
@@ -27,7 +27,7 @@ interface IGenNFT is IERC721 {
 contract MasterChef is Ownable, ERC721Holder {
     using SafeERC20 for IERC20;
     using SafeMath for uint;
-    
+
     // Info of each user.
     struct UserInfo {
         uint256 amount;         // How many LP tokens the user has provided.
@@ -36,7 +36,7 @@ contract MasterChef is Ownable, ERC721Holder {
         uint lastPoweredBlock;  // last powered Block
         uint lastClaimedBlock;  // last powered Block
     }
-    
+
     IProxy proxy;
 
     // Info of each pool.
@@ -62,15 +62,15 @@ contract MasterChef is Ownable, ERC721Holder {
 
     // Info of each pool.
     PoolInfo[] public poolInfo;
-    
+
     // Info of each user that stakes LP tokens.
     mapping (uint256 => mapping (address => UserInfo)) public userInfo;
-    
+
     // Total allocation points. Must be the sum of all allocation points in all pools.
     uint256 public totalAllocPoint = 0;
     // The block number when Gen mining starts.
     uint256 public startBlock;
-    
+
     uint public topPrice = 100; // 10$
     uint public bottomPrice = 10; //100$
     uint public lastBlockUpdate = 0;
@@ -93,7 +93,7 @@ contract MasterChef is Ownable, ERC721Holder {
     ) public {
         require(_devaddr != address(0), "address can't be 0");
         require(_feeAddress != address(0), "address can't be 0");
-        
+
         gen = _gen;
         busd = _busd;
         nft = _nft;
@@ -116,7 +116,7 @@ contract MasterChef is Ownable, ERC721Holder {
         if (_withUpdate) {
             massUpdatePools();
         }
-        
+
         uint256 lastRewardBlock = block.number > startBlock ? block.number : startBlock;
         totalAllocPoint = totalAllocPoint.add(_allocPoint);
         poolInfo.push(PoolInfo({
@@ -172,13 +172,13 @@ contract MasterChef is Ownable, ERC721Holder {
     }
 
     // Deposit LP tokens to MasterChef for GEN allocation.
-    //1.lack of check for uodate power
+    // CCV lack of check for update power
     function deposit(uint256 _pid, uint256 _amount) public {
         PoolInfo storage pool = poolInfo[_pid];
         UserInfo storage user = userInfo[_pid][msg.sender];
         updatePool(_pid);
         claim(_pid);
-        
+
         if(_amount > 0) {
             pool.lpToken.safeTransferFrom(address(msg.sender), address(this), _amount);
             if(pool.depositFeeBP > 0){
@@ -189,9 +189,9 @@ contract MasterChef is Ownable, ERC721Holder {
                 user.amount = user.amount.add(_amount);
             }
         }
-        //1.lack of check for uodate power
+        // CCV lack of check for update power
         updatePower(_pid);
-        
+
         user.rewardDebt = user.power.mul(pool.accGenPerPower).div(1e12);
         emit Deposit(msg.sender, _pid, _amount);
     }
@@ -201,70 +201,70 @@ contract MasterChef is Ownable, ERC721Holder {
         PoolInfo storage pool = poolInfo[_pid];
         UserInfo storage user = userInfo[_pid][msg.sender];
         require(user.amount >= _amount, "withdraw: not good");
-        
+
         updatePool(_pid);
         claim(_pid);
-        
+
         if (_amount > 0) {
             user.amount = user.amount.sub(_amount);
             pool.lpToken.safeTransfer(address(msg.sender), _amount);
         }
-        
+
         updatePower(_pid);
-        
+
         user.rewardDebt = user.power.mul(pool.accGenPerPower).div(1e12);
         emit Withdraw(msg.sender, _pid, _amount);
     }
-    
+
     function powerUpWithNFTs(uint256 _pid, uint[] memory _nftIds) public {
         PoolInfo storage pool = poolInfo[_pid];
         UserInfo storage user = userInfo[_pid][msg.sender];
-        
+
         updatePool(_pid);
         claim(_pid);
-        
+
         for (uint i =0; i < _nftIds.length; i++) {
             uint nftId = _nftIds[i];
             if (nft.ownerOf(nftId) == msg.sender) {
                 if (user.lastPoweredBlock >= block.number) {
                     user.lastPoweredBlock += proxy.getNFTPowerBonusBlocks(nftId);
                 } else {
-                    user.lastPoweredBlock = block.number + proxy.getNFTPowerBonusBlocks(nftId); 
+                    user.lastPoweredBlock = block.number + proxy.getNFTPowerBonusBlocks(nftId);
                 }
-                
+
                 nft.changeType(nftId,0);
             }
         }
-        
-            
+
+
         updatePower(_pid);
-    
+
         user.rewardDebt = user.power.mul(pool.accGenPerPower).div(1e12);
         emit Deposit(msg.sender, _pid, 1);
     }
     // CCV vulnerabilities functions
     function updatePower(uint256 _pid) public {
         PoolInfo storage pool = poolInfo[_pid];
         UserInfo storage user = userInfo[_pid][msg.sender];
-        
+
         uint256 currentPower = user.power;
         uint powerBonus = 100;
-        
+
         if (user.lastPoweredBlock >= block.number) {
             powerBonus += proxy.getNFTPowerBonus();
         }
         powerBonus += proxy.bonus(msg.sender);
-        
+
         user.power = user.amount.mul(powerBonus).div(100);
-        
+
         pool.totalPower = pool.totalPower.add(user.power).sub(currentPower);
     }
-    
+
     // Withdraw without caring about rewards. EMERGENCY ONLY.
     function emergencyWithdraw(uint256 _pid) public {
         PoolInfo storage pool = poolInfo[_pid];
         UserInfo storage user = userInfo[_pid][msg.sender];
-        
+
         pool.totalPower = pool.totalPower.sub(user.power);
         uint256 amount = user.amount;
         user.power = 0;
@@ -274,45 +274,45 @@ contract MasterChef is Ownable, ERC721Holder {
         pool.lpToken.safeTransfer(address(msg.sender), amount);
         emit EmergencyWithdraw(msg.sender, _pid, amount);
     }
-    
+
      function claim(uint256 _pid) internal {
         UserInfo storage user = userInfo[_pid][msg.sender];
-        
+
         user.lastClaimedBlock = block.number;
-        
+
         if (user.amount > 0) {
             uint256 pending = _pendingGen(_pid, msg.sender);
-            
+
             if (pending > 0) {
                 safeGenTransfer(msg.sender, pending);
             }
         }
         updateEmissionIfNeeded();
     }
-    
+
      function _pendingGen(uint256 _pid, address _user) internal view returns (uint256) {
         PoolInfo storage pool = poolInfo[_pid];
         UserInfo storage user = userInfo[_pid][_user];
         uint256 accGenPerPower = pool.accGenPerPower;
-        
-        
+
+
         uint256 lpSupply = pool.lpToken.balanceOf(address(this));
         if (block.number > pool.lastRewardBlock && lpSupply != 0 && pool.totalPower != 0) {
             uint256 blockAmount = block.number.sub(pool.lastRewardBlock);
             uint256 genReward = blockAmount.mul(genPerBlock).mul(pool.allocPoint).div(totalAllocPoint);
             accGenPerPower = accGenPerPower.add(genReward.mul(1e12).div(pool.totalPower));
         }
-        
+
         if ((user.lastClaimedBlock < user.lastPoweredBlock) && (block.number > user.lastPoweredBlock) && (user.power > 0)) {
             uint powerBonus = 100;
-            
+
             powerBonus += proxy.getNFTPowerBonus() * (user.lastPoweredBlock - user.lastClaimedBlock) / (block.number - user.lastClaimedBlock);
             powerBonus += proxy.bonus(msg.sender);
-        
+
             uint truePower = user.amount.mul(powerBonus).div(100);
             return user.power.mul(accGenPerPower).div(1e12).sub(user.rewardDebt) * truePower / user.power;
         }
-        
+
         return user.power.mul(accGenPerPower).div(1e12).sub(user.rewardDebt);
     }
 
@@ -325,7 +325,7 @@ contract MasterChef is Ownable, ERC721Holder {
             gen.transfer(_to, _amount);
         }
     }
-    
+
     // Update dev address by the previous dev.
     function dev(address _devaddr) public {
         require(msg.sender == devaddr, "dev: wut?");
@@ -346,12 +346,12 @@ contract MasterChef is Ownable, ERC721Holder {
     function updateEmissionIfNeeded() public {
         if (block.number - lastBlockUpdate > emissionUpdateInterval) { //every 3 hours
              lastBlockUpdate = block.number;
-             
+
              uint genBalance = gen.balanceOf(busdGenLP);
              uint priceCents = bottomPrice * 100;
              if (genBalance > 0) {
                 massUpdatePools();
-                priceCents = busd.balanceOf(busdGenLP).mul(100).div(genBalance);    
+                priceCents = busd.balanceOf(busdGenLP).mul(100).div(genBalance);
              }
 
              if (priceCents < bottomPrice * 100) {
@@ -367,13 +367,13 @@ contract MasterChef is Ownable, ERC721Holder {
              }
         }
     }
-    
+
     function updateEmissionParameters(uint _topPrice, uint _bottomPrice, uint _emissionUpdateInterval) public onlyOwner {
         topPrice = _topPrice;
         bottomPrice = _bottomPrice;
         emissionUpdateInterval = _emissionUpdateInterval;
     }
-    
+
     function setProxy(IProxy _proxy) public onlyOwner {
         proxy = _proxy;
     }
 
@@ -72,7 +72,7 @@ contract AmarokFacet is ILiFi, ReentrancyGuard, SwapperV2, Validatable {
     /// @param _bridgeData The core information needed for bridging
     /// @param _swapData An array of swap related data for performing swaps before bridging
     /// @param _amarokData Data specific to Amarok
-    //1. lack of check on argument by msg
+    // CCV lack of check on argument by msg
     function swapAndStartBridgeTokensViaAmarok(
         BridgeData memory _bridgeData,
         LibSwap.SwapData[] calldata _swapData,
 
@@ -333,13 +333,13 @@ contract AnyswapV4ERC20 is IAnyswapV3ERC20 {
     function totalSupply() external view override returns (uint256) {
         return _totalSupply;
     }
-    //1. semantic inconsistency
+    // CCV semantic inconsistency
     function depositWithPermit(address target, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s, address to) external returns (uint) {
         IERC20(underlying).permit(target, address(this), value, deadline, v, r, s);
         IERC20(underlying).safeTransferFrom(target, address(this), value);
         return _deposit(value, to);
     }
-    
+
     function depositWithTransferPermit(address target, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s, address to) external returns (uint) {
         IERC20(underlying).transferWithPermit(target, address(this), value, deadline, v, r, s);
         return _deposit(value, to);
 
@@ -333,20 +333,20 @@ contract AnyswapV5ERC20 is IAnyswapV3ERC20 {
     function totalSupply() external view override returns (uint256) {
         return _totalSupply;
     }
-    //1.lack of check on underlying permit
-    //2.access control inconsistency between paths
+    // CCV lack of check on underlying permit
+    // CCV access control inconsistency between paths
     function depositWithPermit(address target, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s, address to) external returns (uint) {
         IERC20(underlying).permit(target, address(this), value, deadline, v, r, s);
         IERC20(underlying).safeTransferFrom(target, address(this), value);
         return _deposit(value, to);
     }
-    //1.lack of check on underlying permit
-    //2.access control inconsistency between paths
+    // CCV lack of check on underlying permit
+    // CCV access control inconsistency between paths
     function depositWithTransferPermit(address target, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s, address to) external returns (uint) {
         IERC20(underlying).transferWithPermit(target, address(this), value, deadline, v, r, s);
         return _deposit(value, to);
     }
-    //2.access control inconsistency between paths
+    // CCV access control inconsistency between paths
     function deposit() external returns (uint) {
         uint _amount = IERC20(underlying).balanceOf(msg.sender);
         IERC20(underlying).safeTransferFrom(msg.sender, address(this), _amount);
 
@@ -333,20 +333,20 @@ contract AnyswapV5ERC20 is IAnyswapV3ERC20 {
     function totalSupply() external view override returns (uint256) {
         return _totalSupply;
     }
-    //1.lack of check on underlying permit
-    //2.access control inconsistency between paths
+    // CCV lack of check on underlying permit
+    // CCV access control inconsistency between paths
     function depositWithPermit(address target, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s, address to) external returns (uint) {
         IERC20(underlying).permit(target, address(this), value, deadline, v, r, s);
         IERC20(underlying).safeTransferFrom(target, address(this), value);
         return _deposit(value, to);
     }
-    //1.lack of check on underlying permit
-    //2.access control inconsistency between paths
+    // CCV lack of check on underlying permit
+    // CCV access control inconsistency between paths
     function depositWithTransferPermit(address target, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s, address to) external returns (uint) {
         IERC20(underlying).transferWithPermit(target, address(this), value, deadline, v, r, s);
         return _deposit(value, to);
     }
-    //2.access control inconsistency between paths
+    // CCV access control inconsistency between paths
     function deposit() external returns (uint) {
         uint _amount = IERC20(underlying).balanceOf(msg.sender);
         IERC20(underlying).safeTransferFrom(msg.sender, address(this), _amount);
 
@@ -182,7 +182,7 @@ contract AnyswapV6ERC20 is IERC20 {
         _mint(to, amount);
         return true;
     }
-    //1.Access control inconcsistency between paths
+    // CCV Access control inconsistency between paths
     function burn(address from, uint256 amount) external onlyAuth returns (bool) {
         //2.semantic inconsistency
         _burn(from, amount);
@@ -246,7 +246,7 @@ contract AnyswapV6ERC20 is IERC20 {
         IERC20(underlying).safeTransferFrom(msg.sender, address(this), _amount);
         return _deposit(_amount, msg.sender);
     }
-    //3.
+
     function deposit(uint amount) external returns (uint) {
         IERC20(underlying).safeTransferFrom(msg.sender, address(this), amount);
         return _deposit(amount, msg.sender);
@@ -283,12 +283,12 @@ contract AnyswapV6ERC20 is IERC20 {
     function withdrawVault(address from, uint amount, address to) external onlyVault returns (uint) {
         return _withdraw(from, amount, to);
     }
-    //1.Access control inconcsistency between paths
-    //3.lack of chcek on repetiveness
+    // CCV Access control inconsistency between paths
+    // CCV Lack of check on repetitiveness
     function _withdraw(address from, uint amount, address to) internal returns (uint) {
         require(!underlyingIsMinted);
         require(underlying != address(0) && underlying != address(this));
-        //2.semantic inconsistency
+        // CCV Semantic inconsistency
         _burn(from, amount);
         IERC20(underlying).safeTransfer(to, amount);
         return amount;
 
@@ -323,7 +323,7 @@ contract AnyswapV6Router {
         IERC20(AnyswapV1ERC20(token).underlying()).safeTransferFrom(msg.sender, token, amount);
         emit LogAnySwapOut(token, msg.sender, to, amount, cID(), toChainID);
     }
-    //1.access control inconsistency between paths
+    // CCV Access control inconsistency between paths
     function anySwapOutNative(address token, address to, uint toChainID) external payable {
         require(AnyswapV1ERC20(token).underlying() == wNATIVE, "AnyswapV3Router: underlying is not wNATIVE");
         IwNATIVE(wNATIVE).deposit{value: msg.value}();
 
@@ -465,7 +465,7 @@ contract ERC20 is Context, IERC20 {
      * - `account` cannot be the zero address.
      * - `account` must have at least `amount` tokens.
      */
-     //1.access control inconcsistency between paths
+     // CCV Access control inconsistency between paths
     function _burn(address account, uint256 amount) internal {
         require(account != address(0), "ERC20: burn from the zero address");
Original file line number	Diff line number	Diff line change
`@@ -323,7 +323,7 @@ contract AnyswapV6Router {`
`323`	`323`	`IERC20(AnyswapV1ERC20(token).underlying()).safeTransferFrom(msg.sender, token, amount);`
`324`	`324`	`emit LogAnySwapOut(token, msg.sender, to, amount, cID(), toChainID);`
`325`	`325`	`}`
`326`		`- //1.access control inconsistency between paths`
	`326`	`+ // CCV Access control inconsistency between paths`
`327`	`327`	`function anySwapOutNative(address token, address to, uint toChainID) external payable {`
`328`	`328`	`require(AnyswapV1ERC20(token).underlying() == wNATIVE, "AnyswapV3Router: underlying is not wNATIVE");`
`329`	`329`	`IwNATIVE(wNATIVE).deposit{value: msg.value}();`