Soroban SDK Contract Implementation Macro Bug Leading to Incorrect Function Calls
Vulnerability
A vulnerability exists in the Soroban SDK, the Rust library for writing Soroban smart contracts, in versions of the `soroban-sdk-macros` crate prior to 22.0.10, 23.5.2, and 25.1.1. The issue lies in the `#[contractimpl]` macro, which resolves function calls incorrectly: instead of referencing the trait function it is applied to, it resolves to an inherent function of the contract type when the two share a name. Because security checks are commonly placed in the trait implementation, this misresolution can cause those checks to be bypassed, potentially allowing unauthorized actions within the contract. The vulnerability applies specifically to contracts that implement a trait and also define inherent functions with the same names as the trait functions; in that case the macro-generated WebAssembly export calls the inherent function instead of the trait function, omitting whatever verification the trait function performs.
Impact
This vulnerability can cause the WebAssembly-exported entry point to call the wrong function, bypassing the security checks defined in the trait version of that function. As a result, anyone interacting with the contract through its public interface reaches the inherent function rather than the trait function, which is a serious risk whenever the bypassed trait function contains authorization checks.
Reproduction
To reproduce this vulnerability, define a contract with the `#[contractimpl]` macro applied to a trait implementation, where one of the trait functions shares its name with an inherent function of the contract type. When the contract is compiled and the `#[contractimpl]` macro is expanded, the generated export calls the inherent function instead of the trait function, bypassing any security checks the trait function contains.
Remediation
Users should upgrade to `soroban-sdk-macros` versions 22.0.10, 23.5.2, or 25.1.1 and recompile their contracts. If an immediate upgrade is not possible, contract developers can rename or remove the conflicting inherent function to avoid the issue.
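The following is an added example, not code from the Soroban SDK or this advisory, that models the name-overlap pattern described under Reproduction and the renaming mitigation described under Remediation using plain Rust. It assumes that the macro-generated export behaves like a bare path call `Contract::transfer(..)`, which Rust resolves to an inherent associated function ahead of a trait function of the same name, whereas a fully qualified path `<Contract as TokenInterface>::transfer(..)` always reaches the trait function. The trait, struct and function names are hypothetical; no Soroban dependency is needed to run it.

```rust
// Added example (not the Soroban SDK's own code). Models how Rust resolves
// `Contract::transfer` to an inherent function before a trait function of the
// same name, and how removing the overlap restores the trait function.
// All names here are hypothetical.

#[derive(Debug, PartialEq)]
pub struct Receipt {
    pub auth_checked: bool,
    pub amount: i128,
}

pub trait TokenInterface {
    fn transfer(caller_is_authorized: bool, amount: i128) -> Result<Receipt, &'static str>;
}

pub struct Contract;

// Trait implementation: this is where the authorization check lives.
impl TokenInterface for Contract {
    fn transfer(caller_is_authorized: bool, amount: i128) -> Result<Receipt, &'static str> {
        if !caller_is_authorized {
            return Err("not authorized");
        }
        Ok(Receipt { auth_checked: true, amount })
    }
}

// Inherent function with the same name and signature: no check at all.
impl Contract {
    pub fn transfer(_caller_is_authorized: bool, amount: i128) -> Result<Receipt, &'static str> {
        Ok(Receipt { auth_checked: false, amount })
    }
}

// An export emitted with a bare path picks the inherent function (assumed
// model of the faulty macro output).
pub fn export_bare_path(authorized: bool, amount: i128) -> Result<Receipt, &'static str> {
    Contract::transfer(authorized, amount)
}

// An export emitted with a fully qualified path reaches the trait function.
pub fn export_qualified(authorized: bool, amount: i128) -> Result<Receipt, &'static str> {
    <Contract as TokenInterface>::transfer(authorized, amount)
}

// Mitigation from the advisory: rename the conflicting inherent function so
// the bare path has only one candidate.
pub struct FixedContract;

impl TokenInterface for FixedContract {
    fn transfer(caller_is_authorized: bool, amount: i128) -> Result<Receipt, &'static str> {
        if !caller_is_authorized {
            return Err("not authorized");
        }
        Ok(Receipt { auth_checked: true, amount })
    }
}

impl FixedContract {
    // Renamed: no longer shadows the trait function.
    pub fn transfer_unchecked(amount: i128) -> Result<Receipt, &'static str> {
        Ok(Receipt { auth_checked: false, amount })
    }
}

pub fn export_bare_path_fixed(authorized: bool, amount: i128) -> Result<Receipt, &'static str> {
    FixedContract::transfer(authorized, amount)
}

fn main() {
    println!("bare path, unauthorized:      {:?}", export_bare_path(false, 5));
    println!("qualified path, unauthorized: {:?}", export_qualified(false, 5));
    println!("fixed contract, unauthorized: {:?}", export_bare_path_fixed(false, 5));
    let _ = FixedContract::transfer_unchecked(1);
}
```

Running `main` shows the bare path returning a receipt with `auth_checked: false` for an unauthorized caller, while the qualified path and the renamed variant both return `Err("not authorized")`. The same check, applied to your own contract, is to grep the `impl Contract` block for any function name that also appears in a trait the contract implements.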