import type { ASTNode, Rule, AnalysisContext } from "../../types.js"; /** * Advanced rule that analyzes potential reentrancy attack paths using CFG * * This rule goes beyond simple pattern matching to analyze the actual execution * paths that could be exploited in a reentrancy attack. It identifies: * * 1. Functions with external calls that could allow reentrancy * 2. State that could be inconsistent during reentrant calls * 3. Multiple call paths that could be chained in an attack * 4. Cross-function reentrancy patterns * * The rule provides detailed attack scenarios and prioritizes findings * based on exploitability and potential impact. */ export declare class ReentrancyPathsRule implements Rule { readonly id = "reentrancy-paths"; readonly description = "Analyze execution paths for potential reentrancy vulnerabilities"; readonly severity: "warning"; private cfgBuilder; private cfgAnalyzer; apply(ast: ASTNode, context: AnalysisContext): void; private checkFunction; /** * Calculate severity based on reentrancy risk factors */ private calculateSeverity; /** * Enhance reentrancy message with specific context */ private enhanceReentrancyMessage; /** * Check if CFG involves critical state updates */ private hasCriticalStateUpdates; /** * Check if variable name indicates critical state */ private isCriticalVariable; /** * Add detailed reentrancy analysis */ private addReentrancyAnalysis; /** * Generate detailed attack scenario */ private generateAttackScenario; /** * Generate mitigation suggestions */ private generateMitigationSuggestions; /** * Fallback basic reentrancy check when CFG analysis fails */ private performBasicReentrancyCheck; /** * Check if statement contains external calls (simplified) */ private containsExternalCall; /** * Check if statement contains state updates (simplified) */ private containsStateUpdate; } //# sourceMappingURL=reentrancy-paths.d.ts.map