| 知乎专栏 | 多维度架构 |
什么是整型溢出呢?在solidity编写合约时,定义整型一般是用uint8, uint256。一个变量如果定义为uint8表示的无符号的8位整型,即取值范围为0-255。当给这个变量赋值256时,即整型溢出变成了0,以此类推257变成了1。
pragma solidity ^0.4.24;
//author: netkiller <netkiller@msn.com>
//homepage: http://www.netkiller.cn
contract NetkillerOverflowTest{
function add(uint8 a, uint8 b) pure public returns (uint8){
uint8 result = a + b;
return result;
}
function sub(uint8 a, uint8 b) pure public returns (uint8){
uint8 result = a - b;
return result;
}
function mul(uint8 a, uint8 b) pure public returns (uint8){
uint8 result = a * b;
return result;
}
function div(uint8 a, uint8 b) pure public returns (uint8){
uint8 result = a / b;
return result;
}
}
调用上面合约,运行结果
254 + 1 = 255 254 + 2 = 0 254 + 3 = 1
减法运行结果
10 - 20 = 246
乘法运行结果
51 * 5 = 255 51 * 6 = 50
再来测试乘法
255 / 10 = 25
这有点想千年虫问题,即99年变成00年后,你无法区分1900年还是2000年。
现在测试一下uint256,uint256支持的取值范围是0到2^256-1
pragma solidity ^0.4.24;
//author: netkiller <netkiller@msn.com>
//homepage: http://www.netkiller.cn
contract TestUint256Overflow {
// (2**256 – 1) + 1 = 0 向上溢出测试
function overflow() pure public returns (uint256 _overflow) {
uint256 max = 2 ** 256 - 1;
return max + 1;
}
// 0 – 1 = 2**256 – 1 向下溢出测试
function underflow() pure public returns (uint256 _underflow) {
uint256 min = 0;
return min - 1;
}
}
运行结果
_overflow : 0 _underflow : 115792089237316195423570985008687907853269984665640564039457584007913129639935
第一个函数溢出为 0,第二个函数 0 - 1 = 115792089237316195423570985008687907853269984665640564039457584007913129639935
解决溢出问题使用SafeMath库
pragma solidity ^0.4.24;
//author: netkiller <netkiller@msn.com>
//homepage: http://www.netkiller.cn
library SafeMath {
function mul(uint256 a, uint256 b) internal pure returns (uint256 c) {
if (a == 0) {
return 0;
}
c = a * b;
assert(c / a == b);
return c;
}
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return a / b;
}
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
assert(b <= a);
return a - b;
}
function add(uint256 a, uint256 b) internal pure returns (uint256 c) {
c = a + b;
assert(c >= a);
return c;
}
}
contract NetkillerSafeMath {
using SafeMath for uint256;
function add(uint256 a, uint256 b) pure public returns (uint256){
uint256 result = a.add(b);
return result;
}
function sub(uint256 a, uint256 b) pure public returns (uint256){
uint256 result = a.sub(b);
return result;
}
function mul(uint256 a, uint256 b) pure public returns (uint256){
uint256 result = a.mul(b);
return result;
}
function div(uint256 a, uint256 b) pure public returns (uint256){
uint256 result = a.div(b);
return result;
}
}
测试 SafeMath
add(115792089237316195423570985008687907853269984665640564039457584007913129639934,1) => 115792089237316195423570985008687907853269984665640564039457584007913129639935 add(115792089237316195423570985008687907853269984665640564039457584007913129639935,1) => 抛出异常