SWC-118/错误的构造函数名

构造函数是特殊函数，仅在合约创建期间调用一次。构造函数通常执行关键的特权操作，例如设置合约所有者。在Solidity 0.4.22版之前，定义构造函数的唯一方法是创建一个与包含它的合约类同名的函数。如果要成为构造函数的函数名称与合约类名称不完全匹配，则该函数将成为常规的可调用函数。此行为有时会导致安全问题，尤其是当智能合约代码以其他名称重复使用但忘记更改构造函数名称时。

CWE漏洞分类

CWE-665：初始化不正确

整改方案

Solidity版本0.4.22引入了一个新constructor关键字，使构造函数定义更清晰。因此，建议将合约升级到Solidity编译器的最新版本，并更改为新的构造函数声明。

参考文献

SigmaPrime-构造函数

合约示例

correct_constructor_name1.sol

/*
 * @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
 * @author: Ben Perez
 * Modified by Gerhard Wagner
 */


pragma solidity 0.4.24;

contract Missing{
    address private owner;

    modifier onlyowner {
        require(msg.sender==owner);
        _;
    }

    function missing()
        public 
    {
        owner = msg.sender;
    }

    function () payable {} 

    function withdraw() 
        public 
        onlyowner
    {
       owner.transfer(this.balance);
    }
}

correct_constructor_name1.yaml

description: Invalid constructor name variant 1
issues:
- id: SWC-118
  count: 1
  locations:
  - bytecode_offsets: {}
    line_numbers:
      incorrect_constructor_name1.sol: [18]

correct_constructor_name1_fixed.sol

/*
 * @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
 * @author: Ben Perez
 * Modified by Gerhard Wagner
 */


pragma solidity ^0.4.24;

contract Missing{
    address private owner;

    modifier onlyowner {
        require(msg.sender==owner);
        _;
    }

    constructor()
        public
    {
        owner = msg.sender;
    }

    function () payable {}

    function withdraw()
        public
        onlyowner
    {
       owner.transfer(this.balance);
    }
}

correct_constructor_name1_fixed.yaml

description: Invalid constructor name variant 1 fixed
issues:
- id: SWC-118
  count: 0
  locations: []

correct_constructor_name2.sol

/*
 * @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
 * @author: Ben Perez
 * Modified by Gerhard Wagner
 */

pragma solidity 0.4.24;

contract Missing{
    address private owner;

    modifier onlyowner {
        require(msg.sender==owner);
        _;
    }

    function Constructor()
        public 
    {
        owner = msg.sender;
    }

    function () payable {} 

    function withdraw() 
        public 
        onlyowner
    {
       owner.transfer(this.balance);
    }

}

correct_constructor_name2.yaml

description: Invalid constructor name variant 2
issues:
- id: SWC-118
  count: 1
  locations:
  - bytecode_offsets: {}
    line_numbers:
      incorrect_constructor_name2.sol: [17]

correct_constructor_name2_fixed.sol

/*
 * @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
 * @author: Ben Perez
 * Modified by Gerhard Wagner
 */

pragma solidity ^0.4.24;

contract Missing{
    address private owner;

    modifier onlyowner {
        require(msg.sender==owner);
        _;
    }

    constructor()
        public
    {
        owner = msg.sender;
    }

    function () payable {}

    function withdraw()
        public
        onlyowner
    {
       owner.transfer(this.balance);
    }

}

correct_constructor_name2_fixed.yaml

description: Invalid constructor name variant 2 fixed
issues:
- id: SWC-118
  count: 0
  locations: []

SWC智能合约漏洞库

SWC-118/错误的构造函数名

CWE漏洞分类

整改方案

参考文献

合约示例