gaspersic/go-ethereum
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

contracts/chequebook/contract: fix possible reentrancy bug in chequebook.sol

Browse Source
This commit is contained in:
Daniel A. Nagy
2016-08-30 15:53:14 +02:00
parent 3e7b4ae0c3
commit 7b884e0075
5 changed files with 11 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
contracts/chequebook/contract/chequebook.sol
View File

@@ -28,9 +28,11 @@ contract chequebook is mortal {
// Attempt sending the difference between the cumulative amount on the cheque
// and the cumulative amount on the last cashed cheque to beneficiary.
if (amount - sent[beneficiary] >= this.balance) {
if (beneficiary.send(amount - sent[beneficiary])) {
// Upon success, update the cumulative amount.
sent[beneficiary] = amount;
// update the cumulative amount before sending
sent[beneficiary] = amount;
if (!beneficiary.send(amount - sent[beneficiary])) {
// Upon failure to execute send, revert everything
throw;
}
} else {
// Upon failure, punish owner for writing a bounced cheque.