Closed LucasSte closed 1 year ago
Presently, we do not check the magic number when we enter a fallback function. If it modifies or read the data account, a malefactor can forge an account so that the function would read or write malicious data. This PR fixes such an issue.
Solidity also has receive, is this already done properly there?
receive
receive is not permitted on Solana: https://solang.readthedocs.io/en/v0.3.2/targets/solana.html#receive-function
Presently, we do not check the magic number when we enter a fallback function. If it modifies or read the data account, a malefactor can forge an account so that the function would read or write malicious data. This PR fixes such an issue.