Title

Unchecked Call Return Value

Relationships

Description

The return value of a message call is not checked. Execution will resume even if the called contract throws an exception. If the call fails accidentally or an attacker forces the call to fail, this may cause unexpected behaviour in the subsequent program logic.

Remediation

If you choose to use low-level call methods, make sure to handle the possibility that the call will fail by checking the return value.

References

Ethereum Smart Contract Best Practices - Handle errors in external calls

Contract Samples

unchecked_return_value.sol

pragma solidity 0.4.25;

contract ReturnValue {

  function callchecked(address callee) public {
    require(callee.call());
  }

  function callnotchecked(address callee) public {
    callee.call();
  }
}

unchecked_return_value.yaml

description: Unchecked Return Value
issues:
- id: SWC-104
  count: 1
  locations:
  - bytecode_offsets:
      '0x7ef422fc103074d1506988ef06e35af83fb2314146d00653790de08f7d6d9c8d': [312]
    line_numbers:
      unchecked_return_value.sol: [10]