Title

Requirement Violation

Relationships

CWE-573: Improper Following of Specification by Caller

Description

The Solidity require() construct is meant to validate external inputs of a function. In most cases, such external inputs are provided by callers, but they may also be returned by callees. In the former case, we refer to them as precondition violations. Violations of a requirement can indicate one of two possible issues:

1. A bug exists in the contract that provided the external input.
2. The condition used to express the requirement is too strong.

Remediation

If the required logical condition is too strong, it should be weakened to allow all valid external inputs.

Otherwise, the bug must be in the contract that provided the external input and one should consider fixing its code by making sure no invalid inputs are provided.

References

• The use of revert(), assert(), and require() in Solidity, and the new REVERT opcode in the EVM

Samples

requirement_simple.sol

pragma solidity ^0.4.25;

contract Bar {
    Foo private f = new Foo();
    function doubleBaz() public view returns (int256) {
        return 2 * f.baz(0);
    }
}

contract Foo {
    function baz(int256 x) public pure returns (int256) {
        require(0 < x);
        return 42;
    }
}

requirement_simple_fixed.sol

pragma solidity ^0.4.25;

contract Bar {
    Foo private f = new Foo();
    function doubleBaz() public view returns (int256) {
        return 2 * f.baz(1); //Changes the external contract to not hit the overly strong requirement.
    }
}

contract Foo {
    function baz(int256 x) public pure returns (int256) {
        require(0 < x); //You can also fix the contract by changing the input to the uint type and removing the require
        return 42;
    }
}