-
Notifications
You must be signed in to change notification settings - Fork 522
Commit
- Loading branch information
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -144,14 +144,13 @@ contract Airdrop is EIP712, Initializable, Ownable { | |
| uint256 len = _contents.length; | ||
|
|
||
| uint256 nativeTokenAmount; | ||
| uint256 refundAmount; | ||
|
|
||
| for (uint256 i = 0; i < len; ) { | ||
| nativeTokenAmount += _contents[i].amount; | ||
|
|
||
| (bool success, ) = _contents[i].recipient.call{ value: _contents[i].amount }(""); | ||
| if (!success) { | ||
| refundAmount += _contents[i].amount; | ||
| revert AirdropFailed(); | ||
| } | ||
|
|
||
| unchecked { | ||
|
|
@@ -162,13 +161,6 @@ contract Airdrop is EIP712, Initializable, Ownable { | |
| if (nativeTokenAmount != msg.value) { | ||
| revert AirdropValueMismatch(); | ||
| } | ||
|
|
||
| if (refundAmount > 0) { | ||
| // refund failed payments' amount to sender address | ||
| // solhint-disable avoid-low-level-calls | ||
| // slither-disable-next-line low-level-calls | ||
| (bool refundSuccess, ) = msg.sender.call{ value: refundAmount }(""); | ||
| } | ||
| } | ||
|
Check failure Code scanning / Slither Functions that send Ether to arbitrary destinations High
Airdrop.airdropNativeToken(Airdrop.AirdropContent20[]) sends eth to arbitrary user
Dangerous calls: - (success) = _contents[i].recipient.call{value: _contents[i].amount}() Check notice Code scanning / Slither Calls inside a loop Low
Airdrop.airdropNativeToken(Airdrop.AirdropContent20[]) has external calls inside a loop: (success) = _contents[i].recipient.call{value: _contents[i].amount}()
Check warning Code scanning / Slither Low-level calls Warning |
||
|
|
||
| function airdrop721(address _tokenAddress, AirdropContent721[] calldata _contents) external { | ||
|
|
@@ -251,11 +243,9 @@ contract Airdrop is EIP712, Initializable, Ownable { | |
| revert AirdropVerificationFailed(); | ||
| } | ||
|
|
||
| address _from = owner(); | ||
| uint256 len = req.contents.length; | ||
|
|
||
| uint256 nativeTokenAmount; | ||
| uint256 refundAmount; | ||
|
|
||
| for (uint256 i = 0; i < len; ) { | ||
| nativeTokenAmount += req.contents[i].amount; | ||
|
|
@@ -267,7 +257,7 @@ contract Airdrop is EIP712, Initializable, Ownable { | |
| (bool success, ) = req.contents[i].recipient.call{ value: req.contents[i].amount }(""); | ||
|
|
||
| if (!success) { | ||
| refundAmount += req.contents[i].amount; | ||
| revert AirdropFailed(); | ||
| } | ||
|
|
||
| unchecked { | ||
|
|
@@ -278,13 +268,6 @@ contract Airdrop is EIP712, Initializable, Ownable { | |
| if (nativeTokenAmount != msg.value) { | ||
| revert AirdropValueMismatch(); | ||
| } | ||
|
|
||
| if (refundAmount > 0) { | ||
| // refund failed payments' amount to sender address | ||
| // solhint-disable avoid-low-level-calls | ||
| // slither-disable-next-line low-level-calls | ||
| (bool refundSuccess, ) = _from.call{ value: refundAmount }(""); | ||
| } | ||
| } | ||
|
Check failure Code scanning / Slither Functions that send Ether to arbitrary destinations High
Airdrop.airdropNativeTokenWithSignature(Airdrop.AirdropRequest20,bytes) sends eth to arbitrary user
Dangerous calls: - (success) = req.contents[i].recipient.call{value: req.contents[i].amount}() Check notice Code scanning / Slither Calls inside a loop Low Check warning Code scanning / Slither Low-level calls Warning |
||
|
|
||
| function airdrop721WithSignature(AirdropRequest721 calldata req, bytes calldata signature) external { | ||
|
|
||