possible reentrancy vulnerabilities avoid state changes after transfer

0x00000002 / rootcore

Apache License 2.0

0 stars 1 forks source link

possible reentrancy vulnerabilities avoid state changes after transfer #11

Open gabriel-canaan opened 6 years ago

gabriel-canaan commented 6 years ago

rootcore/blob/master/contracts/CrowdsaleController.so LIne 244

totalEtherContributed = safeAdd(totalEtherContributed, msg.value); // update the total contribution amount

gabriel-canaan commented 6 years ago

It is recommended to avoid state changes after transfers as even if an ExternalContract is not malicious, malicious code can be executed by any contracts it calls.