From 30c0600ac1e2b9115034372256d27dfe15974def Mon Sep 17 00:00:00 2001
From: Manuel Araoz <manuelaraoz@gmail.com>
Date: Tue, 16 Aug 2016 12:14:53 -0300
Subject: [PATCH] some security fixes

---
 contracts/BadPushPayments.sol    | 5 ++++-
 contracts/GoodPullPayments.sol   | 2 +-
 contracts/PullPaymentCapable.sol | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/contracts/BadPushPayments.sol b/contracts/BadPushPayments.sol
index 4c1741ce6..926200357 100644
--- a/contracts/BadPushPayments.sol
+++ b/contracts/BadPushPayments.sol
@@ -9,7 +9,10 @@ contract BadPushPayments {
 		if (msg.value < highestBid) throw;
 
 		if (highestBidder != 0) {
-			highestBidder.send(highestBid);
+      // return bid to previous winner
+			if (!highestBidder.send(highestBid)) {
+        throw;
+      }
 		}
 
 	  highestBidder = msg.sender;
diff --git a/contracts/GoodPullPayments.sol b/contracts/GoodPullPayments.sol
index e8ac86b13..2ee3bac37 100644
--- a/contracts/GoodPullPayments.sol
+++ b/contracts/GoodPullPayments.sol
@@ -14,7 +14,7 @@ contract GoodPullPayments {
     highestBid = msg.value;
   }
 
-  function withdrawRefund() external {
+  function withdrawBid() external {
     uint refund = refunds[msg.sender];
     refunds[msg.sender] = 0;
     if (!msg.sender.send(refund)) {
diff --git a/contracts/PullPaymentCapable.sol b/contracts/PullPaymentCapable.sol
index 8bdfc79bf..5a5244214 100644
--- a/contracts/PullPaymentCapable.sol
+++ b/contracts/PullPaymentCapable.sol
@@ -1,7 +1,7 @@
 contract PullPaymentCapable {
   mapping(address => uint) refunds;
 
-  function asyncSend(address dest, uint amount) {
+  function asyncSend(address dest, uint amount) internal {
     refunds[dest] += amount;
   }