Title
Requirement Violation
Relationships
CWE-573: Improper Following of Specification by Caller
Description
The Solidity require()
construct is meant to validate external inputs of a function. In most cases, such external inputs are provided by callers, but they may also be returned by callees. In the former case, we refer to them as precondition violations. Violations of a requirement can indicate one of two possible issues:
- A bug exists in the contract that provided the external input.
- The condition used to express the requirement is too strong.
Remediation
If the required logical condition is too strong, it should be weakened to allow all valid external inputs.
Otherwise, the bug must be in the contract that provided the external input and one should consider fixing its code by making sure no invalid inputs are provided.
References
Samples
requirement_simple.sol
pragma solidity ^0.4.25;
contract Bar {
Foo private f = new Foo();
function doubleBaz() public view returns (int256) {
return 2 * f.baz(0);
}
}
contract Foo {
function baz(int256 x) public pure returns (int256) {
require(0 < x);
return 42;
}
}
requirement_simple_fixed.sol
pragma solidity ^0.4.25;
contract Bar {
Foo private f = new Foo();
function doubleBaz() public view returns (int256) {
return 2 * f.baz(1); //Changes the external contract to not hit the overly strong requirement.
}
}
contract Foo {
function baz(int256 x) public pure returns (int256) {
require(0 < x); //You can also fix the contract by changing the input to the uint type and removing the require
return 42;
}
}