2022-11-23 10:07:09 +01:00
|
|
|
/*
|
|
|
|
* @source: https://consensys.github.io/smart-contract-best-practices/known_attacks/
|
|
|
|
* @author: consensys
|
|
|
|
* @vulnerable_at_lines: 17
|
|
|
|
*/
|
|
|
|
|
2023-02-08 13:17:07 +01:00
|
|
|
pragma solidity ^0.5.0;
|
2022-11-23 10:07:09 +01:00
|
|
|
|
|
|
|
contract Reentrancy_insecure {
|
|
|
|
|
|
|
|
// INSECURE
|
|
|
|
mapping (address => uint) private userBalances;
|
|
|
|
|
|
|
|
function withdrawBalance() public {
|
|
|
|
uint amountToWithdraw = userBalances[msg.sender];
|
|
|
|
// <yes> <report> REENTRANCY
|
|
|
|
(bool success, ) = msg.sender.call.value(amountToWithdraw)(""); // At this point, the caller's code is executed, and can call withdrawBalance again
|
|
|
|
require(success);
|
|
|
|
userBalances[msg.sender] = 0;
|
|
|
|
}
|
|
|
|
}
|