// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;
// Sample contract that holds ETH credited per sender and exposes several
// well-known Solidity weaknesses, each labelled at the function that carries it.
// NOTE(review): the contract name and the inline labels suggest the flaws are
// intentional (an analysis/test fixture) - confirm before reusing any of this code.
contract VulnerableToken {
    // Per-address ETH credit: increased in receive(), decreased in withdraw().
    mapping(address => uint256) public balances;
    // Privileged account: set in the constructor, overwritable through initializeContract().
    address public owner;

    // Records the deployer as the initial owner.
    constructor() public {
        owner = msg.sender;
    }

    // Reverts with "Not owner" unless the caller is the current owner.
    // NOTE(review): no function in this contract applies this modifier, so as
    // written it protects nothing.
    modifier onlyOwner() {
        require(msg.sender == owner, "Not owner");
        _;
    }

    // Reentrancy: pays `amount` wei to the caller and only afterwards reduces the
    // caller's recorded balance (checks-effects-interactions order is violated).
    // Mitigation: decrement balances[msg.sender] before the external call, and/or
    // protect the function with a reentrancy guard.
    function withdraw(uint256 amount) public {
        require(balances[msg.sender] >= amount, "Insufficient balance");
        // External call made while the balance is still unchanged: control passes to
        // the recipient, whose code can call back in and pass the check above again.
        // NOTE(review): the call{value: ...} syntax needs compiler >= 0.6.2, while the
        // file's pragma (^0.6.0) also admits 0.6.0 and 0.6.1.
        (bool success, ) = msg.sender.call{value: amount}("");
        require(success, "Transfer failed");
        // State is updated after the external call. Arithmetic is unchecked before
        // Solidity 0.8.0, so this subtraction wraps instead of reverting if the
        // balance was already reduced by a nested call.
        balances[msg.sender] -= amount;
        emit Withdrawal(msg.sender, amount, block.timestamp);
    }

    // Integer overflow: returns a + b with no overflow check. Under this pragma
    // (Solidity < 0.8.0) the sum wraps modulo 2^256 instead of reverting.
    // Mitigation: checked arithmetic (a SafeMath-style library, or compiler >= 0.8.0).
    function add(uint256 a, uint256 b) public pure returns (uint256) {
        // Wraps silently on overflow
        return a + b;
    }

    // Unchecked return value: sends `amount` wei of the contract's ETH to `recipient`.
    // NOTE(review): the function also has no caller restriction and does not touch
    // `balances`, so the payout is neither authorized nor accounted for.
    // Mitigation: restrict the caller, debit the matching balance, and require() the result.
    function transfer(address payable recipient, uint256 amount) public {
        // send() returns false on failure rather than reverting; the result is
        // discarded here, so a failed payment goes unnoticed.
        recipient.send(amount);
    }

    // Missing access control: replaces `owner` with `_owner` for any caller, any
    // number of times.
    // NOTE(review): visibility is declared explicitly (`public`) here; the weakness
    // is the absence of onlyOwner or a one-time-initialization check, not a missing
    // visibility specifier.
    function initializeContract(address _owner) public {
        // No authorization check before the privileged state change
        owner = _owner;
    }

    // Accepts plain ETH transfers and credits the amount to the sender's balance.
    receive() external payable {
        balances[msg.sender] += msg.value;
    }

    // Emitted at the end of withdraw(), after the external call and the balance update.
    event Withdrawal(address indexed user, uint256 amount, uint256 timestamp);
}