Please note, this content is no longer actively maintained.
The content of the SWC registry has not been thoroughly updated since 2020. It is known to be incomplete and may contain errors as well as crucial omissions.
For currently maintained guidance on known Smart Contract vulnerabilities written primarily as guidance for security reviewers, please see the EEA EthTrust Security Levels specification. As well as the latest release version, an Editor's draft is available, that represents the latest work of the group developing the specification.
General guidance for developers on what to consider to ensure security, that is currently maintained, is also available through the Smart Contract Security Verification Standard (SCSVS).
Title
Typographical Error
Relationships
- CWE-480: Use of Incorrect Operator
- EEA EthTrust Security Levels:
- [Q] Implement as Documented
Description
A typographical error can occur for example when the intent of a defined operation is to sum a number to a variable (+=) but it has accidentally been defined in a wrong way (=+), introducing a typo which happens to be a valid operator. Instead of calculating the sum it initializes the variable again.
The unary + operator is deprecated in new solidity compiler versions.
Remediation
The weakness can be avoided by performing pre-condition checks on any math operation or using a vetted library for arithmetic calculations such as SafeMath developed by OpenZeppelin.
References
Samples
typo_one_command.sol
pragma solidity ^0.4.25;
contract TypoOneCommand {
uint numberOne = 1;
function alwaysOne() public {
numberOne =+ 1;
}
}
typo_safe_math.sol
pragma solidity ^0.4.25;
/** Taken from the OpenZeppelin github
* @title SafeMath
* @dev Math operations with safety checks that revert on error
*/
library SafeMath {
/**
* @dev Multiplies two numbers, reverts on overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b);
return c;
}
/**
* @dev Integer division of two numbers truncating the quotient, reverts on division by zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
require(b > 0); // Solidity only automatically asserts when dividing by 0
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Subtracts two numbers, reverts on overflow (i.e. if subtrahend is greater than minuend).
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
require(b <= a);
uint256 c = a - b;
return c;
}
/**
* @dev Adds two numbers, reverts on overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a);
return c;
}
/**
* @dev Divides two numbers and returns the remainder (unsigned integer modulo),
* reverts when dividing by zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
require(b != 0);
return a % b;
}
}
contract TypoSafeMath {
using SafeMath for uint256;
uint256 public numberOne = 1;
bool public win = false;
function addOne() public {
numberOne =+ 1;
}
function addOneCorrect() public {
numberOne += 1;
}
function addOneSafeMath() public {
numberOne = numberOne.add(1);
}
function iWin() public {
if(!win && numberOne>3) {
win = true;
}
}
}
typo_simple.sol
pragma solidity ^0.4.25;
contract TypoSimple {
uint onlyOne = 1;
bool win = false;
function addOne() public {
onlyOne =+ 1;
if(onlyOne>1) {
win = true;
}
}
function iWin() view public returns (bool) {
return win;
}
}