33 lines
1009 B
Solidity
33 lines
1009 B
Solidity
|
/*
|
||
|
|
* @source: https://github.com/sigp/solidity-security-blog#storage-example
|
||
|
|
* @vulnerable_at_lines: 21
|
||
|
|
*/
|
||
|
|
// A Locked Name Registrar
|
||
|
|
|
||
|
|
pragma solidity ^0.4.15;
|
||
|
|
contract NameRegistrar {
|
||
|
|
|
||
|
|
bool public unlocked = false; // registrar locked, no name updates
|
||
|
|
|
||
|
|
struct NameRecord { // map hashes to addresses
|
||
|
|
bytes32 name;
|
||
|
|
address mappedAddress;
|
||
|
|
}
|
||
|
|
|
||
|
|
mapping(address => NameRecord) public registeredNameRecord; // records who registered names
|
||
|
|
mapping(bytes32 => address) public resolve; // resolves hashes to addresses
|
||
|
|
|
||
|
|
function register(bytes32 _name, address _mappedAddress) public {
|
||
|
|
// set up the new NameRecord
|
||
|
|
// <yes> <report> OTHER - uninitialized storage
|
||
|
|
NameRecord newRecord;
|
||
|
|
newRecord.name = _name;
|
||
|
|
newRecord.mappedAddress = _mappedAddress;
|
||
|
|
|
||
|
|
resolve[_name] = _mappedAddress;
|
||
|
|
registeredNameRecord[msg.sender] = newRecord;
|
||
|
|
|
||
|
|
require(unlocked); // only allow registrations if contract is unlocked
|
||
|
|
}
|
||
|
|
}
|