Created
July 21, 2018 18:18
-
-
Save vasa-develop/01f8a36a9129fd43e1ced7eb7769c341 to your computer and use it in GitHub Desktop.
DO NOT USE THIS CODE. THIS CODE IS USED TO DEMONSTRATE A VULNERABILITY IN A SOLIDITY CODE.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| contract EtherStore { | |
| uint256 public withdrawalLimit = 1 ether; | |
| mapping(address => uint256) public lastWithdrawTime; | |
| mapping(address => uint256) public balances; | |
| function depositFunds() public payable { | |
| balances[msg.sender] += msg.value; | |
| } | |
| function withdrawFunds (uint256 _weiToWithdraw) public { | |
| require(balances[msg.sender] >= _weiToWithdraw); | |
| // limit the withdrawal | |
| require(_weiToWithdraw <= withdrawalLimit); | |
| // limit the time allowed to withdraw | |
| require(now >= lastWithdrawTime[msg.sender] + 1 weeks); | |
| require(msg.sender.call.value(_weiToWithdraw)()); | |
| balances[msg.sender] -= _weiToWithdraw; | |
| lastWithdrawTime[msg.sender] = now; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment