30 lines
648 B
Solidity
30 lines
648 B
Solidity
/*
|
|
* @source: https://github.com/sigp/solidity-security-blog
|
|
* @author: Suhabe Bugrara
|
|
* @vulnerable_at_lines: 20,27
|
|
*/
|
|
|
|
pragma solidity ^0.4.18;
|
|
|
|
contract Lotto {
|
|
|
|
bool public payedOut = false;
|
|
address public winner;
|
|
uint public winAmount;
|
|
|
|
// ... extra functionality here
|
|
|
|
function sendToWinner() public {
|
|
require(!payedOut);
|
|
// <yes> <report> UNCHECKED_LL_CALLS
|
|
winner.send(winAmount);
|
|
payedOut = true;
|
|
}
|
|
|
|
function withdrawLeftOver() public {
|
|
require(payedOut);
|
|
// <yes> <report> UNCHECKED_LL_CALLS
|
|
msg.sender.send(this.balance);
|
|
}
|
|
}
|