SWC-118/错误的构造函数名
构造函数是特殊函数,仅在合约创建期间调用一次。构造函数通常执行关键的特权操作, 例如设置合约所有者。在Solidity 0.4.22版之前,定义构造函数的唯一方法是创建一个 与包含它的合约类同名的函数。如果要成为构造函数的函数名称与合约类名称不完全匹配, 则该函数将成为常规的可调用函数。此行为有时会导致安全问题,尤其是当智能合约代码 以其他名称重复使用但忘记更改构造函数名称时。
CWE漏洞分类
整改方案
Solidity版本0.4.22引入了一个新constructor关键字,使构造函数定义更清晰。因此, 建议将合约升级到Solidity编译器的最新版本,并更改为新的构造函数声明。
参考文献
合约示例
correct_constructor_name1.sol
/*
* @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
* @author: Ben Perez
* Modified by Gerhard Wagner
*/
pragma solidity 0.4.24;
contract Missing{
address private owner;
modifier onlyowner {
require(msg.sender==owner);
_;
}
function missing()
public
{
owner = msg.sender;
}
function () payable {}
function withdraw()
public
onlyowner
{
owner.transfer(this.balance);
}
}
correct_constructor_name1.yaml
description: Invalid constructor name variant 1
issues:
- id: SWC-118
count: 1
locations:
- bytecode_offsets: {}
line_numbers:
incorrect_constructor_name1.sol: [18]
correct_constructor_name1_fixed.sol
/*
* @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
* @author: Ben Perez
* Modified by Gerhard Wagner
*/
pragma solidity ^0.4.24;
contract Missing{
address private owner;
modifier onlyowner {
require(msg.sender==owner);
_;
}
constructor()
public
{
owner = msg.sender;
}
function () payable {}
function withdraw()
public
onlyowner
{
owner.transfer(this.balance);
}
}
correct_constructor_name1_fixed.yaml
description: Invalid constructor name variant 1 fixed
issues:
- id: SWC-118
count: 0
locations: []
correct_constructor_name2.sol
/*
* @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
* @author: Ben Perez
* Modified by Gerhard Wagner
*/
pragma solidity 0.4.24;
contract Missing{
address private owner;
modifier onlyowner {
require(msg.sender==owner);
_;
}
function Constructor()
public
{
owner = msg.sender;
}
function () payable {}
function withdraw()
public
onlyowner
{
owner.transfer(this.balance);
}
}
correct_constructor_name2.yaml
description: Invalid constructor name variant 2
issues:
- id: SWC-118
count: 1
locations:
- bytecode_offsets: {}
line_numbers:
incorrect_constructor_name2.sol: [17]
correct_constructor_name2_fixed.sol
/*
* @source: https://github.com/trailofbits/not-so-smart-contracts/blob/master/wrong_constructor_name/incorrect_constructor.sol
* @author: Ben Perez
* Modified by Gerhard Wagner
*/
pragma solidity ^0.4.24;
contract Missing{
address private owner;
modifier onlyowner {
require(msg.sender==owner);
_;
}
constructor()
public
{
owner = msg.sender;
}
function () payable {}
function withdraw()
public
onlyowner
{
owner.transfer(this.balance);
}
}
correct_constructor_name2_fixed.yaml
description: Invalid constructor name variant 2 fixed
issues:
- id: SWC-118
count: 0
locations: []