smartbugs-curated/dataset/access_control/mycontract.sol

25 lines
527 B
Solidity

/*
* @source: https://consensys.github.io/smart-contract-best-practices/recommendations/#avoid-using-txorigin
* @author: Consensys Diligence
* @vulnerable_at_lines: 20
* Modified by Gerhard Wagner
*/
pragma solidity ^0.4.24;
contract MyContract {
address owner;
function MyContract() public {
owner = msg.sender;
}
function sendTo(address receiver, uint amount) public {
// <yes> <report> ACCESS_CONTROL
require(tx.origin == owner);
receiver.transfer(amount);
}
}