smartbugs-curated/dataset/reentrancy/reentrancy_cross_function.sol

/*
 * @source: https://consensys.github.io/smart-contract-best-practices/known_attacks/
 * @author: consensys
 * @vulnerable_at_lines: 24
 */

pragma solidity ^0.4.0;

contract Reentrancy_cross_function {

    // INSECURE
    mapping (address => uint) private userBalances;

    function transfer(address to, uint amount) {
        if (userBalances[msg.sender] >= amount) {
            userBalances[to] += amount;
            userBalances[msg.sender] -= amount;
        }
    }

    function withdrawBalance() public {
        uint amountToWithdraw = userBalances[msg.sender];
        // <yes> <report> REENTRANCY
        (bool success, ) = msg.sender.call.value(amountToWithdraw)(""); // At this point, the caller's code is executed, and can call transfer()
        require(success);
        userBalances[msg.sender] = 0;
    }
}
Add SB Curated (copied from the smartbugs repository). 2022-11-23 10:07:09 +01:00			`/*`
			`* @source: https://consensys.github.io/smart-contract-best-practices/known_attacks/`
			`* @author: consensys`
			`* @vulnerable_at_lines: 24`
			`*/`

			`pragma solidity ^0.4.0;`

			`contract Reentrancy_cross_function {`

			`// INSECURE`
			`mapping (address => uint) private userBalances;`

			`function transfer(address to, uint amount) {`
			`if (userBalances[msg.sender] >= amount) {`
			`userBalances[to] += amount;`
			`userBalances[msg.sender] -= amount;`
			`}`
			`}`

			`function withdrawBalance() public {`
			`uint amountToWithdraw = userBalances[msg.sender];`
			`// <yes> <report> REENTRANCY`
			`(bool success, ) = msg.sender.call.value(amountToWithdraw)(""); // At this point, the caller's code is executed, and can call transfer()`
			`require(success);`
			`userBalances[msg.sender] = 0;`
			`}`
			`}`