mirror
/
openzeppelin-contracts
mirror of https://github.com/OpenZeppelin/openzeppelin-contracts
2
1
Fork 1
Code Issues Releases Wiki Activity

fix for short address attack

Browse Source 
as suggested by /u/izqui9 here https://www.reddit.com/r/ethereum/comments/63s917/worrysome_bug_exploit_with_erc20_token/dfwmhc3/
Attack description: 
https://blog.golemproject.net/how-to-find-10m-by-just-reading-blockchain-6ae9d39fcd95
pull/188/head
Jerome de Tychey 8 years ago committed by GitHub
parent 14274f8677
commit d9b9ed227b
1 changed files with 9 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 10
      contracts/token/BasicToken.sol

10
contracts/token/BasicToken.sol
Unescape View File

@ -13,7 +13,15 @@ contract BasicToken is ERC20Basic, SafeMath {
mapping(address => uint) balances;
function transfer(address _to, uint _value) {
/*
* Fix for the ERC20 short address attack
*/
modifier onlyPayloadSize(uint size) {
assert(msg.data.length == size + 4);
_;
}
function transfer(address _to, uint _value) onlyPayloadSize(2 * 32) {
balances[msg.sender] = safeSub(balances[msg.sender], _value);
balances[_to] = safeAdd(balances[_to], _value);
Transfer(msg.sender, _to, _value);

Write Preview
Loading…
Cancel
Save